Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/36e065-a1f6-4e14-b2d7-61e54cfc2abc/1/53hgWUoFdcLLEEbv71yQbLRzf28.roa
File: 53hgWUoFdcLLEEbv71yQbLRzf28.roa (raw, json)
Hash identifier: 85lJpnSLzxabWup9bsF9er3MXgfIJt1DBePCDQAyFgM=
Subject key identifier: E7:78:60:59:4A:05:75:C2:CB:10:46:EF:EF:5C:90:6C:B4:73:7F:6F
Certificate issuer: /CN=8775e6408b8e05aa914b874635a47b7b820c6c32
Certificate serial: 0194F43BB1F309120590008A924E0C167A6C
Authority key identifier: 87:75:E6:40:8B:8E:05:AA:91:4B:87:46:35:A4:7B:7B:82:0C:6C:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3XmQIuOBaqRS4dGNaR7e4IMbDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/36e065-a1f6-4e14-b2d7-61e54cfc2abc/1/53hgWUoFdcLLEEbv71yQbLRzf28.roa
Signing time: Tue 11 Feb 2025 08:59:00 +0000
ROA not before: Tue 11 Feb 2025 08:59:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215395
IP address blocks: 195.78.154.0/24 maxlen: 24
195.78.155.0/24 maxlen: 24
195.78.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 07:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:3b:b1:f3:09:12:05:90:00:8a:92:4e:0c:16:7a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8775e6408b8e05aa914b874635a47b7b820c6c32
Validity
Not Before: Feb 11 08:59:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e77860594a0575c2cb1046efef5c906cb4737f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:14:1b:f8:f8:33:6a:02:38:75:40:c5:32:57:
05:ec:0e:29:8a:a1:3a:d0:ab:1a:5f:42:dd:54:16:
8b:53:25:97:30:36:e6:0d:a6:25:43:5e:76:9d:f2:
7a:47:42:53:5f:7d:13:10:e5:f0:27:a0:75:d2:b2:
a3:48:21:07:06:6c:68:9c:ba:04:24:b1:29:53:da:
b2:1e:0c:0a:67:25:c2:44:5e:b9:b3:dd:5a:82:fb:
ed:ec:44:e7:fc:b6:0b:d7:81:17:e0:fa:31:40:68:
89:93:30:93:99:92:b0:d7:a5:c5:43:8a:7d:69:e6:
0a:7a:03:9f:bc:5e:98:c9:2f:f8:b5:e2:35:13:ab:
8f:42:2a:fd:63:66:a4:51:52:67:27:67:cf:62:c6:
cb:1a:7a:31:55:f5:d8:48:02:31:b9:b0:38:7b:f2:
c8:4c:79:69:26:fe:8e:91:eb:79:13:e5:35:b1:13:
79:ed:6e:f1:47:7d:48:c9:5a:41:2d:bc:b9:8e:09:
cb:e0:65:5a:77:8f:2f:49:c9:e2:65:fc:4a:e9:86:
69:73:6e:03:7c:25:ff:e9:31:2f:6d:c2:3a:cc:02:
c5:05:32:df:16:7b:ac:8c:dd:93:6b:14:a7:cc:ce:
27:e3:d3:5d:77:24:94:b4:6d:38:bd:37:10:06:cc:
98:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:78:60:59:4A:05:75:C2:CB:10:46:EF:EF:5C:90:6C:B4:73:7F:6F
X509v3 Authority Key Identifier:
keyid:87:75:E6:40:8B:8E:05:AA:91:4B:87:46:35:A4:7B:7B:82:0C:6C:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3XmQIuOBaqRS4dGNaR7e4IMbDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/36e065-a1f6-4e14-b2d7-61e54cfc2abc/1/53hgWUoFdcLLEEbv71yQbLRzf28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/36e065-a1f6-4e14-b2d7-61e54cfc2abc/1/h3XmQIuOBaqRS4dGNaR7e4IMbDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.154.0-195.78.156.255
Signature Algorithm: sha256WithRSAEncryption
06:e2:60:9a:f1:0a:99:f9:66:c8:e0:25:ee:c7:6a:c0:69:16:
bb:3b:1e:b1:99:8c:e3:56:a5:98:73:de:3b:7e:bc:c1:62:d5:
29:f2:37:ff:d2:b8:22:cf:90:15:ab:06:34:f4:d2:75:fd:07:
87:83:b7:40:81:f7:14:5f:45:1a:58:63:a9:91:81:73:64:d2:
d2:be:ab:42:40:4e:71:21:c5:86:bb:8d:64:6d:88:95:23:9d:
5c:b0:3b:c9:87:6d:55:44:e4:12:f4:8f:26:b6:1f:08:b7:b3:
53:b9:ae:c4:7d:c6:dd:9d:bd:e8:86:e9:13:3a:76:a8:6c:0a:
04:ce:9f:eb:c3:b1:b9:85:82:71:fe:e1:92:ce:0c:7b:ae:24:
42:4a:6d:e8:0e:93:a5:a8:68:c4:f6:2d:97:08:d6:c4:cc:d1:
f3:93:ee:e4:f2:44:e2:d9:3c:4f:2e:d7:4c:e3:5a:de:cd:98:
98:23:67:6e:3c:b3:5f:d4:b8:f2:67:84:4e:69:8b:34:0a:22:
38:ea:8d:78:b5:b1:6d:f1:a6:6e:98:b2:78:29:6b:25:97:eb:
16:15:6c:f6:28:ff:90:e0:3e:ba:bf:2d:30:83:c6:23:d4:5c:
39:52:4e:c2:b1:e8:90:a5:67:0f:cb:ac:3a:68:7f:4d:c5:e3:
8e:99:08:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZT0O7HzCRIFkACKkk4MFnpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzVlNjQwOGI4ZTA1YWE5MTRiODc0NjM1YTQ3YjdiODIw
YzZjMzIwHhcNMjUwMjExMDg1OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzc4NjA1OTRhMDU3NWMyY2IxMDQ2ZWZlZjVjOTA2Y2I0NzM3ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRQb+PgzagI4dUDFMlcF7A4piqE6
0KsaX0LdVBaLUyWXMDbmDaYlQ152nfJ6R0JTX30TEOXwJ6B10rKjSCEHBmxonLoE
JLEpU9qyHgwKZyXCRF65s91agvvt7ETn/LYL14EX4PoxQGiJkzCTmZKw16XFQ4p9
aeYKegOfvF6YyS/4teI1E6uPQir9Y2akUVJnJ2fPYsbLGnoxVfXYSAIxubA4e/LI
THlpJv6Oket5E+U1sRN57W7xR31IyVpBLby5jgnL4GVad48vScniZfxK6YZpc24D
fCX/6TEvbcI6zALFBTLfFnusjN2TaxSnzM4n49NddySUtG04vTcQBsyYBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOd4YFlKBXXCyxBG7+9ckGy0c39vMB8GA1UdIwQY
MBaAFId15kCLjgWqkUuHRjWke3uCDGwyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNYbVFJdU9CYXFSUzRkR05hUjdlNElNYkRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zNmUwNjUtYTFmNi00ZTE0LWIyZDct
NjFlNTRjZmMyYWJjLzEvNTNoZ1dVb0ZkY0xMRUVidjcxeVFiTFJ6ZjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zNmUwNjUtYTFmNi00ZTE0LWIyZDctNjFlNTRjZmMyYWJj
LzEvaDNYbVFJdU9CYXFSUzRkR05hUjdlNElNYkRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHDTpoD
BADDTpwwDQYJKoZIhvcNAQELBQADggEBAAbiYJrxCpn5ZsjgJe7HasBpFrs7HrGZ
jONWpZhz3jt+vMFi1SnyN//SuCLPkBWrBjT00nX9B4eDt0CB9xRfRRpYY6mRgXNk
0tK+q0JATnEhxYa7jWRtiJUjnVywO8mHbVVE5BL0jya2Hwi3s1O5rsR9xt2dveiG
6RM6dqhsCgTOn+vDsbmFgnH+4ZLODHuuJEJKbegOk6WoaMT2LZcI1sTM0fOT7uTy
ROLZPE8u10zjWt7NmJgjZ248s1/UuPJnhE5pizQKIjjqjXi1sW3xpm6YsngpayWX
6xYVbPYo/5DgPrq/LTCDxiPUXDlSTsKx6JClZw/LrDpof03F446ZCLo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:31:04 2025 by rpki-client