Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Z7tIK_IYCe093yv-15D6MuJZXMQ.roa
File: Z7tIK_IYCe093yv-15D6MuJZXMQ.roa (raw, json)
Hash identifier: Dco4cNuJU4vKqVRakcxSFSjfVNCUI9WjsrLemVt0IBE=
Subject key identifier: 67:BB:48:2B:F2:18:09:ED:3D:DF:2B:FE:D7:90:FA:32:E2:59:5C:C4
Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Certificate serial: 018CC5010D273FCFC359484D0FDB1FA49B80
Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Z7tIK_IYCe093yv-15D6MuJZXMQ.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61154
IP address blocks: 195.78.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0d:27:3f:cf:c3:59:48:4d:0f:db:1f:a4:9b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bb482bf21809ed3ddf2bfed790fa32e2595cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:84:08:fa:b0:a1:8a:03:2d:f0:73:72:1d:de:
dc:d7:3d:3b:c9:92:5b:7d:0d:36:08:3c:32:22:50:
cf:2e:0f:46:80:4f:26:1b:d4:d4:00:09:3f:20:29:
6a:54:95:a8:5d:cd:f0:d0:14:fb:d0:12:00:26:df:
7d:5d:f1:33:ab:31:fc:47:dc:dc:72:3c:80:d5:5b:
7f:9e:01:45:0f:5f:08:48:25:b3:c6:b0:47:88:37:
21:a2:fb:4e:05:5f:e4:9b:6b:e1:1c:3d:2d:9c:6a:
35:15:9a:c2:25:70:72:b8:ed:a3:c6:bb:52:de:52:
14:79:91:99:9c:7a:f0:14:91:4a:20:fb:8d:b2:05:
98:86:d5:ed:f6:68:51:e2:97:6f:d7:2c:8c:18:1a:
80:90:b4:40:05:20:0d:59:6f:01:5c:54:d3:b1:06:
1e:b2:99:2f:0a:7d:78:b1:93:e5:c0:07:16:51:97:
52:66:b0:79:1c:74:af:9d:58:51:96:bb:1a:f3:25:
7d:35:73:f9:3f:10:d2:f1:a7:5d:02:f0:36:42:69:
66:ed:e5:ad:80:80:b6:66:7a:c5:83:73:71:b1:c3:
01:e2:c2:73:08:2a:02:8b:ae:c8:71:71:d2:ec:2d:
90:09:33:ec:41:75:11:4b:cd:7b:a0:6d:ea:40:a3:
37:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BB:48:2B:F2:18:09:ED:3D:DF:2B:FE:D7:90:FA:32:E2:59:5C:C4
X509v3 Authority Key Identifier:
keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Z7tIK_IYCe093yv-15D6MuJZXMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.236.0/22
Signature Algorithm: sha256WithRSAEncryption
72:ef:2e:e1:8a:1b:bc:0f:dc:1c:5c:c6:33:9f:be:ae:bd:5f:
27:3f:01:7a:c1:8c:b9:ed:62:39:c3:8e:fb:f3:09:2d:94:c0:
79:64:f8:e4:a5:4e:ee:0b:cc:07:18:80:f2:b7:34:9e:15:3c:
d4:01:71:d0:aa:1d:40:53:c5:26:04:6e:d6:72:62:c4:c9:14:
02:f0:f9:0f:53:cb:1a:3a:cf:01:48:22:00:67:6f:bb:fe:21:
d0:a8:a7:fe:35:82:9e:29:d9:1a:a9:98:7b:c0:a7:ef:47:f8:
54:24:94:95:85:04:83:89:52:3e:be:26:42:36:8d:e5:c9:57:
80:3d:be:3c:d3:11:a1:38:fb:1d:94:21:e9:16:16:31:7c:fe:
cf:8c:1f:6d:f3:90:9e:cc:72:0d:31:a9:39:1a:55:2b:7b:f0:
44:19:ae:81:a3:87:7b:f2:a7:8d:9f:5f:5c:79:0c:23:74:41:
56:ec:6c:2c:81:cf:e6:1d:4a:34:f3:44:f4:c2:a1:a5:30:ec:
84:45:0c:8e:b2:bd:e8:ba:98:94:ef:92:dd:c3:bd:57:7f:b4:
1f:f1:b6:29:02:23:50:90:34:d0:57:5a:9b:d0:5b:7a:82:10:
ec:1d:af:d9:94:9c:94:f4:77:39:1f:e3:82:04:e3:6b:85:f8:
39:80:6c:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAQ0nP8/DWUhND9sfpJuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1
M2FlNjcwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2JiNDgyYmYyMTgwOWVkM2RkZjJiZmVkNzkwZmEzMmUyNTk1Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIQI+rChigMt8HNyHd7c1z07yZJb
fQ02CDwyIlDPLg9GgE8mG9TUAAk/IClqVJWoXc3w0BT70BIAJt99XfEzqzH8R9zc
cjyA1Vt/ngFFD18ISCWzxrBHiDchovtOBV/km2vhHD0tnGo1FZrCJXByuO2jxrtS
3lIUeZGZnHrwFJFKIPuNsgWYhtXt9mhR4pdv1yyMGBqAkLRABSANWW8BXFTTsQYe
spkvCn14sZPlwAcWUZdSZrB5HHSvnVhRlrsa8yV9NXP5PxDS8addAvA2Qmlm7eWt
gIC2ZnrFg3NxscMB4sJzCCoCi67IcXHS7C2QCTPsQXURS817oG3qQKM31QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGe7SCvyGAntPd8r/teQ+jLiWVzEMB8GA1UdIwQY
MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt
NjVhNWVmMGFmMGI0LzEvWjd0SUtfSVlDZTA5M3l2LTE1RDZNdUpaWE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0
LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw07sMA0G
CSqGSIb3DQEBCwUAA4IBAQBy7y7hihu8D9wcXMYzn76uvV8nPwF6wYy57WI5w477
8wktlMB5ZPjkpU7uC8wHGIDytzSeFTzUAXHQqh1AU8UmBG7WcmLEyRQC8PkPU8sa
Os8BSCIAZ2+7/iHQqKf+NYKeKdkaqZh7wKfvR/hUJJSVhQSDiVI+viZCNo3lyVeA
Pb480xGhOPsdlCHpFhYxfP7PjB9t85CezHINMak5GlUre/BEGa6Bo4d78qeNn19c
eQwjdEFW7Gwsgc/mHUo080T0wqGlMOyERQyOsr3oupiU75Ldw71Xf7Qf8bYpAiNQ
kDTQV1qb0Ft6ghDsHa/ZlJyU9Hc5H+OCBONrhfg5gGwr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:05 2025 by rpki-client