Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/yRquq1M7FuPNixH6y2iUKX7LS3k.roa
File: yRquq1M7FuPNixH6y2iUKX7LS3k.roa (raw, json)
Hash identifier: ldlAuFLyTVVl50dV3oQJtwqFZDsVQnNoThW2x2DiaJE=
Subject key identifier: C9:1A:AE:AB:53:3B:16:E3:CD:8B:11:FA:CB:68:94:29:7E:CB:4B:79
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 0194236A1272D956C78A3AC43FB3AC3CA009
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/yRquq1M7FuPNixH6y2iUKX7LS3k.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.88.0/24 maxlen: 24
147.78.89.0/24 maxlen: 24
147.78.90.0/24 maxlen: 24
147.78.91.0/24 maxlen: 24
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Jan 2025 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:12:72:d9:56:c7:8a:3a:c4:3f:b3:ac:3c:a0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c91aaeab533b16e3cd8b11facb6894297ecb4b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2d:ff:57:95:98:27:1c:d3:36:53:a3:c2:a2:
f2:c5:93:d7:88:86:39:75:97:cd:8b:9c:1b:8b:e5:
a5:24:56:62:39:1d:4a:90:ac:f2:67:70:23:4b:57:
40:a1:d1:86:d9:35:0a:e4:41:7e:d8:5d:40:34:9c:
7d:8a:bf:f2:68:46:b0:8e:40:bc:55:1a:d2:e4:cf:
97:60:51:bb:18:33:4f:61:2d:2b:d9:8d:e0:fb:16:
19:78:db:2c:2d:b1:38:d2:11:f6:69:fa:bd:d5:db:
fd:ad:6e:82:2b:3c:1a:08:0c:66:09:4b:b6:8b:48:
63:4e:54:f4:63:52:29:80:e5:49:b8:79:8a:32:1a:
83:3e:be:33:e3:01:23:32:c4:ba:59:83:20:31:0b:
94:a3:95:68:8b:bc:16:75:c6:ad:e1:7d:7b:d1:58:
a6:aa:81:1b:29:d1:b4:a9:38:65:ba:8d:bb:20:b0:
ad:13:0c:42:eb:d9:8e:fc:81:46:d8:eb:06:b0:00:
c1:95:9f:71:9d:91:ad:8c:79:02:78:4f:01:3e:55:
dc:1c:49:f0:85:70:77:5f:8f:8d:ad:cd:63:7f:6b:
03:f9:85:be:af:f0:d6:dd:34:1c:09:64:62:f1:11:
72:0d:d6:5e:71:26:d3:b0:42:04:15:07:dd:45:b1:
05:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1A:AE:AB:53:3B:16:E3:CD:8B:11:FA:CB:68:94:29:7E:CB:4B:79
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/yRquq1M7FuPNixH6y2iUKX7LS3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
76:5f:51:64:1d:39:68:6a:61:04:86:ca:4a:ee:40:d3:d5:30:
fc:1c:ea:bd:09:83:18:01:f2:44:c6:93:3b:2d:3d:04:0b:30:
9b:f4:e4:f8:24:d6:ce:99:08:ed:3a:a6:23:ba:ee:9a:7e:a5:
82:ae:f7:f7:8e:c8:ae:1c:94:36:91:cc:01:52:2f:f0:aa:27:
35:7c:64:16:54:8d:43:64:1d:0c:44:d9:7a:13:c2:bc:41:39:
fb:d2:8d:bf:e5:df:c3:65:d5:ef:de:5b:f7:ec:be:58:5a:3a:
6a:69:f0:05:c3:8c:b9:e5:7a:db:38:56:03:a7:d1:e7:f9:aa:
fa:34:34:4e:5e:97:28:7d:8f:d7:4c:78:e9:37:f3:36:44:d1:
62:cc:e0:09:19:ee:f0:b4:ed:78:a3:13:ed:99:00:af:8c:ae:
01:cb:6e:7c:f3:5e:2b:ce:82:61:dd:9f:4f:94:75:d7:25:75:
7e:74:eb:ab:68:ff:da:1b:8e:58:7a:09:07:c9:78:43:b3:dd:
4d:48:84:d9:e9:01:d8:e7:23:f5:c9:cd:38:b5:20:78:b8:6a:
23:20:2e:f1:24:5d:19:89:eb:a3:ff:c2:dc:5e:3d:ae:b1:5c:
90:34:b7:41:34:ec:af:d3:f5:8c:f4:0c:30:63:55:66:60:8e:
ee:53:4d:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjahJy2VbHijrEP7OsPKAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTFhYWVhYjUzM2IxNmUzY2Q4YjExZmFjYjY4OTQyOTdlY2I0Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i3/V5WYJxzTNlOjwqLyxZPXiIY5
dZfNi5wbi+WlJFZiOR1KkKzyZ3AjS1dAodGG2TUK5EF+2F1ANJx9ir/yaEawjkC8
VRrS5M+XYFG7GDNPYS0r2Y3g+xYZeNssLbE40hH2afq91dv9rW6CKzwaCAxmCUu2
i0hjTlT0Y1IpgOVJuHmKMhqDPr4z4wEjMsS6WYMgMQuUo5Voi7wWdcat4X170Vim
qoEbKdG0qThluo27ILCtEwxC69mO/IFG2OsGsADBlZ9xnZGtjHkCeE8BPlXcHEnw
hXB3X4+Nrc1jf2sD+YW+r/DW3TQcCWRi8RFyDdZecSbTsEIEFQfdRbEFeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMkarqtTOxbjzYsR+stolCl+y0t5MB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEveVJxdXExTTdGdVBOaXhINnkyaVVLWDdMUzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQB2X1FkHTloamEEhspK7kDT
1TD8HOq9CYMYAfJExpM7LT0ECzCb9OT4JNbOmQjtOqYjuu6afqWCrvf3jsiuHJQ2
kcwBUi/wqic1fGQWVI1DZB0MRNl6E8K8QTn70o2/5d/DZdXv3lv37L5YWjpqafAF
w4y55XrbOFYDp9Hn+ar6NDROXpcofY/XTHjpN/M2RNFizOAJGe7wtO14oxPtmQCv
jK4By258814rzoJh3Z9PlHXXJXV+dOuraP/aG45YegkHyXhDs91NSITZ6QHY5yP1
yc04tSB4uGojIC7xJF0Zieuj/8LcXj2usVyQNLdBNOyv0/WM9AwwY1VmYI7uU02L
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:23:44 2025 by rpki-client