Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/Q6xNeCATM5rraR6p-HUbwC7XyoI.roa
File: Q6xNeCATM5rraR6p-HUbwC7XyoI.roa (raw, json)
Hash identifier: bOKLZQvnQfqa+eZb0OL247JcIP2g1sc9KHw9m2TrSTo=
Subject key identifier: 43:AC:4D:78:20:13:33:9A:EB:69:1E:A9:F8:75:1B:C0:2E:D7:CA:82
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 0194413EC0BE118452A31F2FDEE28C4A078E
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/Q6xNeCATM5rraR6p-HUbwC7XyoI.roa
Signing time: Tue 07 Jan 2025 14:50:19 +0000
ROA not before: Tue 07 Jan 2025 14:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.88.0/24 maxlen: 24
147.78.89.0/24 maxlen: 24
147.78.90.0/24 maxlen: 24
147.78.91.0/24 maxlen: 24
2a09:2040::/29 maxlen: 29
2a09:2040:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:3e:c0:be:11:84:52:a3:1f:2f:de:e2:8c:4a:07:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Jan 7 14:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43ac4d782013339aeb691ea9f8751bc02ed7ca82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0f:e5:ec:e7:9e:06:12:38:8f:33:88:50:1f:
83:cd:14:d8:e5:fd:c1:91:f7:ff:5f:24:85:fc:d2:
f9:80:0d:b8:63:d3:96:8e:9f:82:94:ac:5b:a1:36:
d2:14:3b:4e:6b:be:ff:12:77:d9:34:fc:2a:e5:ec:
ea:f3:20:08:d0:18:ce:3e:0d:67:f6:f7:b3:e4:62:
26:b0:2d:7c:2a:70:ec:6b:8d:82:ed:e1:e6:31:8a:
e6:b7:93:e0:8b:2d:9f:40:b4:c8:8e:40:d1:c7:7d:
d6:b2:24:8a:93:20:20:d9:53:71:f5:0e:6b:f0:69:
be:3d:92:f3:f5:5c:68:c7:85:a3:5a:54:e0:0f:ec:
b8:87:69:0e:38:89:e2:10:87:8b:fa:53:44:74:5f:
d5:86:03:16:09:97:34:32:95:e7:ac:35:47:b4:0c:
12:75:40:60:58:ad:66:85:d2:e6:59:e7:ab:03:c5:
0e:14:9c:dc:af:46:89:71:ae:d6:0a:9c:79:49:52:
84:be:b9:9b:65:e9:05:2b:9f:2b:ac:44:2f:8a:56:
dd:b4:66:3a:11:00:03:1d:e7:aa:85:80:68:ea:e5:
10:9c:20:34:5c:ae:fd:d7:d5:e4:c0:9d:ac:a0:25:
68:ac:68:ba:90:39:de:49:1c:11:5d:89:04:97:1e:
ef:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AC:4D:78:20:13:33:9A:EB:69:1E:A9:F8:75:1B:C0:2E:D7:CA:82
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/Q6xNeCATM5rraR6p-HUbwC7XyoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
94:af:ab:8d:fc:95:d4:77:92:94:db:73:51:ff:19:e0:b6:e6:
28:ba:b6:89:74:8b:fb:11:7a:cf:ad:b3:a6:31:ca:70:c7:36:
1e:be:ae:61:89:c5:3b:e8:b1:bf:50:92:fa:dc:99:31:94:fa:
d4:1f:55:aa:b4:83:87:75:75:ac:94:b7:de:0d:ec:36:62:7f:
3a:82:cb:31:4d:f2:72:78:53:ac:df:d3:79:4e:b2:3e:47:eb:
be:e5:67:10:51:ce:d7:78:a8:f9:b9:4f:c2:6f:08:df:10:14:
93:ae:a5:c3:4f:39:b3:24:f4:28:8f:7a:ae:51:bd:4b:74:ec:
29:7b:d8:cc:72:26:74:3c:72:7b:cd:f1:d3:64:40:be:ad:9d:
31:69:50:ac:6a:04:1e:d9:1c:06:f9:4d:71:a3:b3:e9:85:a6:
18:f3:e6:16:e1:06:54:d0:d0:8c:26:09:ed:10:f3:47:17:a4:
25:9b:69:8a:ed:9a:8e:c9:41:5a:d9:30:21:91:c2:04:ae:34:
59:20:c7:cf:0f:76:bc:36:c0:70:59:90:9b:bb:5c:44:24:c2:
e6:99:5c:a1:ed:e6:75:85:2f:55:78:ac:01:e3:a4:8f:26:d6:
00:14:82:0c:89:63:bc:6d:dd:dc:5f:df:09:3d:9b:32:87:b3:
2f:a4:ac:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRBPsC+EYRSox8v3uKMSgeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjUwMTA3MTQ1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FjNGQ3ODIwMTMzMzlhZWI2OTFlYTlmODc1MWJjMDJlZDdjYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw/l7OeeBhI4jzOIUB+DzRTY5f3B
kff/XySF/NL5gA24Y9OWjp+ClKxboTbSFDtOa77/EnfZNPwq5ezq8yAI0BjOPg1n
9vez5GImsC18KnDsa42C7eHmMYrmt5Pgiy2fQLTIjkDRx33WsiSKkyAg2VNx9Q5r
8Gm+PZLz9Vxox4WjWlTgD+y4h2kOOIniEIeL+lNEdF/VhgMWCZc0MpXnrDVHtAwS
dUBgWK1mhdLmWeerA8UOFJzcr0aJca7WCpx5SVKEvrmbZekFK58rrEQvilbdtGY6
EQADHeeqhYBo6uUQnCA0XK7919XkwJ2soCVorGi6kDneSRwRXYkElx7vrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEOsTXggEzOa62keqfh1G8Au18qCMB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvUTZ4TmVDQVRNNXJyYVI2cC1IVWJ3QzdYeW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQCUr6uN/JXUd5KU23NR/xng
tuYouraJdIv7EXrPrbOmMcpwxzYevq5hicU76LG/UJL63JkxlPrUH1WqtIOHdXWs
lLfeDew2Yn86gssxTfJyeFOs39N5TrI+R+u+5WcQUc7XeKj5uU/CbwjfEBSTrqXD
TzmzJPQoj3quUb1LdOwpe9jMciZ0PHJ7zfHTZEC+rZ0xaVCsagQe2RwG+U1xo7Pp
haYY8+YW4QZU0NCMJgntEPNHF6Qlm2mK7ZqOyUFa2TAhkcIErjRZIMfPD3a8NsBw
WZCbu1xEJMLmmVyh7eZ1hS9VeKwB46SPJtYAFIIMiWO8bd3cX98JPZsyh7MvpKwo
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:41:55 2025 by rpki-client