Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/dXwh8XIdYtVLf5ejrFbatx9B4vk.roa
File: dXwh8XIdYtVLf5ejrFbatx9B4vk.roa (raw, json)
Hash identifier: kPyOoKMoMnoeR7qlTjBZjHOQM1B+Nn987yZPP7D505g=
Subject key identifier: 75:7C:21:F1:72:1D:62:D5:4B:7F:97:A3:AC:56:DA:B7:1F:41:E2:F9
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 0194236A12347DCE11E7AEE227415D07E6BF
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/dXwh8XIdYtVLf5ejrFbatx9B4vk.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61157
IP address blocks: 147.78.88.0/22 maxlen: 22
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:12:34:7d:ce:11:e7:ae:e2:27:41:5d:07:e6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=757c21f1721d62d54b7f97a3ac56dab71f41e2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a8:8d:d7:b0:4a:8e:40:48:3c:7d:47:58:63:
57:f4:bc:7b:9c:0c:38:c8:55:37:c5:0a:ff:e9:db:
86:75:33:2a:61:34:02:4a:37:ef:7d:a3:47:7a:94:
0a:e1:e6:d0:5b:d6:7a:7b:a7:04:77:88:6f:f3:b3:
f1:3d:af:f1:bd:c6:e5:e5:bc:7b:a9:f4:62:89:2f:
c3:7b:6e:ed:e7:2c:72:95:a0:db:9f:6a:52:f2:73:
61:a6:c1:c6:5b:47:84:be:5d:08:46:9e:95:8f:ed:
27:6d:59:bc:a8:2d:1c:72:36:f5:84:48:77:d3:9f:
ec:5f:39:1d:5c:2c:e0:c0:e4:d5:18:ad:a9:61:5f:
db:fa:e2:e0:e4:4e:fe:94:66:1e:fe:7e:f1:21:c2:
ed:25:80:5b:c6:8a:41:ad:84:46:eb:3a:c9:f6:a8:
0a:89:7b:fa:dc:f4:15:18:47:ec:96:61:19:46:5d:
c9:63:a9:6c:ee:e7:35:60:89:e9:60:b5:26:fe:56:
9f:45:a0:db:e6:ad:8e:9e:97:87:8e:1e:8f:00:22:
f8:73:47:9a:4a:6e:e6:16:84:e0:58:c9:2c:e5:40:
0f:83:34:c4:9c:dc:27:14:b4:bf:36:49:7b:cb:77:
99:8f:e0:91:b1:91:e8:45:cb:3e:53:ba:5d:9d:ba:
fa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7C:21:F1:72:1D:62:D5:4B:7F:97:A3:AC:56:DA:B7:1F:41:E2:F9
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/dXwh8XIdYtVLf5ejrFbatx9B4vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
5a:de:17:40:fa:91:27:80:5d:87:40:a4:d2:a7:a4:cc:ab:35:
44:c1:ce:e0:d4:68:07:3e:5d:eb:e0:c7:f2:a8:64:2a:28:c5:
ff:35:5a:39:33:4d:63:a8:92:9d:88:4a:c3:71:81:ec:20:63:
35:29:92:bb:e5:9e:1d:cd:a7:e3:a9:fe:61:52:49:6d:88:2d:
1f:da:08:72:0f:dd:a1:e6:df:48:eb:b5:ec:ab:6f:75:2b:ba:
4a:01:c7:e8:ef:d2:09:d8:bd:03:e9:38:25:bd:18:46:87:75:
2a:f4:bb:64:a0:4c:d5:ca:2a:96:be:b6:72:17:17:14:03:c3:
c0:36:53:06:92:08:fd:83:d7:e8:49:cc:c6:68:72:52:9c:a0:
8c:0d:2d:22:28:06:06:cf:9c:aa:c3:ab:46:dc:83:31:7d:d3:
76:b3:9f:3f:38:93:04:f7:65:2f:a4:62:32:17:18:7f:4d:ab:
3d:dd:ea:9e:22:56:40:2a:b1:70:7c:18:59:a2:b4:d5:72:9b:
7c:8b:78:e9:fc:e8:c1:38:66:62:7e:0d:30:45:90:01:c2:6f:
de:d2:3f:ca:03:94:1b:b0:05:96:c6:80:0e:93:7d:da:e8:3c:
47:80:8c:04:5a:70:8f:c2:0f:f9:b8:3b:4d:5a:26:16:f3:fb:
88:b9:bb:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjahI0fc4R567iJ0FdB+a/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTdjMjFmMTcyMWQ2MmQ1NGI3Zjk3YTNhYzU2ZGFiNzFmNDFlMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKiN17BKjkBIPH1HWGNX9Lx7nAw4
yFU3xQr/6duGdTMqYTQCSjfvfaNHepQK4ebQW9Z6e6cEd4hv87PxPa/xvcbl5bx7
qfRiiS/De27t5yxylaDbn2pS8nNhpsHGW0eEvl0IRp6Vj+0nbVm8qC0ccjb1hEh3
05/sXzkdXCzgwOTVGK2pYV/b+uLg5E7+lGYe/n7xIcLtJYBbxopBrYRG6zrJ9qgK
iXv63PQVGEfslmEZRl3JY6ls7uc1YInpYLUm/lafRaDb5q2OnpeHjh6PACL4c0ea
Sm7mFoTgWMks5UAPgzTEnNwnFLS/Nkl7y3eZj+CRsZHoRcs+U7pdnbr6mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHV8IfFyHWLVS3+Xo6xW2rcfQeL5MB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvZFh3aDhYSWRZdFZMZjVlanJGYmF0eDlCNHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBa3hdA+pEngF2HQKTSp6TM
qzVEwc7g1GgHPl3r4MfyqGQqKMX/NVo5M01jqJKdiErDcYHsIGM1KZK75Z4dzafj
qf5hUkltiC0f2ghyD92h5t9I67Xsq291K7pKAcfo79IJ2L0D6TglvRhGh3Uq9Ltk
oEzVyiqWvrZyFxcUA8PANlMGkgj9g9foSczGaHJSnKCMDS0iKAYGz5yqw6tG3IMx
fdN2s58/OJME92UvpGIyFxh/Tas93eqeIlZAKrFwfBhZorTVcpt8i3jp/OjBOGZi
fg0wRZABwm/e0j/KA5QbsAWWxoAOk33a6DxHgIwEWnCPwg/5uDtNWiYW8/uIubvG
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:54:24 2025 by rpki-client