Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/_9-AUvDKqkvyOcioWLaU0o15fbE.roa
File: _9-AUvDKqkvyOcioWLaU0o15fbE.roa (raw, json)
Hash identifier: RzOXAAnjiJp8STNrXd0L/9ivKPlB+VQNEtJt+s6ux4w=
Subject key identifier: FF:DF:80:52:F0:CA:AA:4B:F2:39:C8:A8:58:B6:94:D2:8D:79:7D:B1
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 01940E1D750470B7E35983E722D3D2A16C2B
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/_9-AUvDKqkvyOcioWLaU0o15fbE.roa
Signing time: Sat 28 Dec 2024 16:33:18 +0000
ROA not before: Sat 28 Dec 2024 16:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.88.0/24 maxlen: 24
147.78.89.0/24 maxlen: 24
147.78.90.0/24 maxlen: 24
147.78.91.0/24 maxlen: 24
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0e:1d:75:04:70:b7:e3:59:83:e7:22:d3:d2:a1:6c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Dec 28 16:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdf8052f0caaa4bf239c8a858b694d28d797db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:7a:fb:6f:b8:6d:fa:df:e9:a4:bb:cb:cc:f7:
dd:e3:b9:b9:67:fa:69:d7:65:98:db:17:c8:66:92:
4f:99:1d:f7:dc:65:0e:c9:97:ec:9e:e2:fb:40:f9:
19:0c:06:f3:7d:73:e4:69:fa:5a:2a:2a:19:2e:a3:
f0:41:d4:e7:7d:a7:ba:2e:9b:70:90:9b:d8:18:15:
e8:8d:4a:a5:8e:2d:4c:b1:ff:d2:20:d7:09:2f:cc:
a2:38:f7:81:f2:d7:e2:8f:9c:36:78:03:9c:8f:aa:
3a:1f:64:d7:d3:15:62:81:6a:cf:df:9c:1d:8a:54:
ab:a8:89:51:b4:7d:66:db:a1:00:a7:a3:b9:68:8a:
16:0a:68:ea:46:25:a8:34:d6:68:47:44:d0:18:e9:
5d:a5:a7:40:79:9d:a0:d5:60:1c:2d:6e:f0:40:72:
4e:a7:27:82:52:15:51:3a:34:ed:72:a2:3d:fe:eb:
2f:f6:2d:d6:22:32:56:b9:38:39:20:9e:8f:94:45:
57:e5:3d:29:f0:e0:ed:53:52:34:28:10:3f:b3:d0:
1e:77:fe:38:bb:d1:d0:cd:24:59:bb:9f:a3:7b:f3:
b4:a5:a6:95:90:f4:4f:f3:8f:d4:4c:bc:16:fc:e3:
90:7e:82:03:19:71:2b:8f:93:20:1f:39:0c:03:54:
ec:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DF:80:52:F0:CA:AA:4B:F2:39:C8:A8:58:B6:94:D2:8D:79:7D:B1
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/_9-AUvDKqkvyOcioWLaU0o15fbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
42:02:86:2b:dc:c3:3d:ad:76:2f:8d:7e:95:35:b4:4f:e1:69:
3f:df:6d:89:2c:b3:e7:86:48:81:a1:5a:1e:49:88:6d:65:34:
f5:56:2f:72:5c:f9:6b:44:c2:d2:36:35:02:8f:96:9e:0a:99:
06:c7:99:c2:3b:4b:3e:96:31:3c:33:9c:ec:03:34:a6:fe:a1:
20:bb:a4:1a:8e:59:1c:90:25:0e:36:d9:4c:36:e5:f3:d0:0d:
1c:54:6e:dc:6c:bc:d4:cb:91:62:1c:bf:f3:4a:88:62:7b:f2:
87:97:75:f3:37:5b:30:48:b9:27:ac:65:63:48:4e:a3:be:b5:
22:47:ab:d3:5a:7a:ef:59:87:f2:d7:42:12:fc:68:ea:d6:84:
ba:18:3f:49:4d:4b:2c:76:85:04:95:e8:05:fc:7b:75:62:4c:
89:06:32:61:41:a5:3a:f5:5e:82:7d:af:cf:65:2c:96:7c:b7:
3d:cc:cf:24:69:f2:83:ee:33:a1:d9:27:26:aa:28:6d:0f:bc:
b6:d3:bb:4b:43:b8:26:60:df:f5:83:c2:9d:32:60:34:39:96:
5d:66:9e:6f:c0:49:d6:b6:7f:e5:21:39:13:c2:d0:4e:e4:86:
12:54:33:2b:e2:c6:27:8b:a8:12:3f:fa:47:59:17:65:88:3e:
34:0c:88:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQOHXUEcLfjWYPnItPSoWwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjQxMjI4MTYzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRmODA1MmYwY2FhYTRiZjIzOWM4YTg1OGI2OTRkMjhkNzk3ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Xr7b7ht+t/ppLvLzPfd47m5Z/pp
12WY2xfIZpJPmR333GUOyZfsnuL7QPkZDAbzfXPkafpaKioZLqPwQdTnfae6Lptw
kJvYGBXojUqlji1Msf/SINcJL8yiOPeB8tfij5w2eAOcj6o6H2TX0xVigWrP35wd
ilSrqIlRtH1m26EAp6O5aIoWCmjqRiWoNNZoR0TQGOldpadAeZ2g1WAcLW7wQHJO
pyeCUhVROjTtcqI9/usv9i3WIjJWuTg5IJ6PlEVX5T0p8ODtU1I0KBA/s9Aed/44
u9HQzSRZu5+je/O0paaVkPRP84/UTLwW/OOQfoIDGXErj5MgHzkMA1TsEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP/fgFLwyqpL8jnIqFi2lNKNeX2xMB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvXzktQVV2REtxa3Z5T2Npb1dMYVUwbzE1ZmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBCAoYr3MM9rXYvjX6VNbRP
4Wk/322JLLPnhkiBoVoeSYhtZTT1Vi9yXPlrRMLSNjUCj5aeCpkGx5nCO0s+ljE8
M5zsAzSm/qEgu6QajlkckCUONtlMNuXz0A0cVG7cbLzUy5FiHL/zSohie/KHl3Xz
N1swSLknrGVjSE6jvrUiR6vTWnrvWYfy10IS/Gjq1oS6GD9JTUssdoUElegF/Ht1
YkyJBjJhQaU69V6Cfa/PZSyWfLc9zM8kafKD7jOh2ScmqihtD7y207tLQ7gmYN/1
g8KdMmA0OZZdZp5vwEnWtn/lITkTwtBO5IYSVDMr4sYni6gSP/pHWRdliD40DIhe
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:57:42 2025 by rpki-client