Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ic99gRHKg1vcgLCwyFZ8Bx71Z8Y.roa
File: ic99gRHKg1vcgLCwyFZ8Bx71Z8Y.roa (raw, json)
Hash identifier: xnvatj155ssQn/guC9fxeNutstRxk/h8n3ldSZebXYc=
Subject key identifier: 89:CF:7D:81:11:CA:83:5B:DC:80:B0:B0:C8:56:7C:07:1E:F5:67:C6
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 01913194DBA3970E71E27E5B85B3706ECAC0
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ic99gRHKg1vcgLCwyFZ8Bx71Z8Y.roa
Signing time: Thu 08 Aug 2024 10:42:04 +0000
ROA not before: Thu 08 Aug 2024 10:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 78.153.131.0/24 maxlen: 24
78.153.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 08:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:94:db:a3:97:0e:71:e2:7e:5b:85:b3:70:6e:ca:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Aug 8 10:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89cf7d8111ca835bdc80b0b0c8567c071ef567c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:31:47:d8:2c:67:4a:2a:20:7a:a2:9a:16:
e4:57:65:92:e3:b7:d5:8a:b4:84:0d:ab:25:43:42:
b6:c5:c9:42:82:e4:de:f7:9b:bf:ce:a2:8c:15:6c:
70:1f:32:88:dc:8a:b1:34:d0:2c:67:45:65:bf:5f:
d7:f9:1a:e5:a4:78:c1:0c:92:78:7c:d3:2f:8a:17:
e5:7a:cb:cf:5a:e8:c9:68:3d:b7:2d:03:ea:c4:77:
21:b1:56:68:7b:2e:fa:58:cd:a0:50:60:08:9f:d4:
6a:3f:4e:23:c5:ad:29:3f:42:3c:05:54:95:b1:c0:
17:98:5b:05:54:27:d7:9a:e2:6e:06:db:25:2c:b3:
07:8c:7c:3b:37:80:bc:e0:1d:82:49:31:d0:6a:d2:
5c:fa:ab:97:b7:81:58:15:d5:a9:fa:62:36:f1:08:
f1:52:db:f1:b6:84:fb:54:12:20:e7:4b:2c:73:46:
65:df:14:3d:0f:d6:42:36:43:79:4b:11:53:39:16:
4f:2f:f7:9c:c1:16:ef:f4:43:c4:8e:d0:02:fd:c2:
93:c5:87:1f:27:1d:34:d4:0c:2d:9c:59:fa:db:1b:
d4:53:a9:b0:b5:63:ab:2c:de:46:c7:10:50:8c:6b:
9f:23:b2:f3:e0:11:14:59:90:71:9f:0b:9f:97:2e:
c5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CF:7D:81:11:CA:83:5B:DC:80:B0:B0:C8:56:7C:07:1E:F5:67:C6
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ic99gRHKg1vcgLCwyFZ8Bx71Z8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.131.0/24
78.153.139.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c6:e8:e8:e7:29:4a:76:5a:e0:59:0c:77:e2:00:a5:fc:69:
59:57:d2:26:1a:15:fd:87:c5:47:7b:bb:73:22:79:81:4d:3b:
0e:98:cb:6d:0c:85:e8:ad:f3:54:fd:ab:55:eb:c6:c6:a6:1d:
52:d1:1b:19:5a:d9:ac:bf:79:d4:1e:5e:5b:4c:26:f0:e1:71:
c0:6f:2a:7e:eb:16:b8:53:ee:9a:3a:ee:0b:39:8d:8c:e2:90:
17:d3:74:bf:7e:57:8a:8e:11:d4:4d:c8:e3:cc:85:f2:06:54:
bd:83:d6:d1:ac:f5:f9:e9:e3:1b:c4:e5:7d:c8:16:c9:48:69:
dd:6f:13:8c:16:e6:5f:be:03:5a:b0:1e:35:82:74:9c:a1:8d:
79:3f:1c:11:17:5a:f1:a9:8d:38:b4:fe:1b:78:16:ac:7d:9d:
f6:f3:04:8c:c3:c7:48:a7:6a:14:ad:4e:f2:8f:d5:fc:fb:bb:
5c:ee:be:02:40:1c:bf:48:e3:07:c8:78:ea:9d:6f:77:92:4e:
a9:45:12:9c:0c:58:10:58:b4:bb:56:7c:33:0f:94:27:8f:93:
13:0e:9e:66:ca:d4:8d:ff:4d:47:de:70:0c:8e:80:0d:7e:ae:
84:52:1f:fe:e1:7d:1a:e7:de:f0:8c:89:fe:79:a1:0c:74:bf:
4e:8d:fd:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZExlNujlw5x4n5bhbNwbsrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwODA4MTA0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNmN2Q4MTExY2E4MzViZGM4MGIwYjBjODU2N2MwNzFlZjU2N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldUxR9gsZ0oqIHqimhbkV2WS47fV
irSEDaslQ0K2xclCguTe95u/zqKMFWxwHzKI3IqxNNAsZ0Vlv1/X+RrlpHjBDJJ4
fNMvihflesvPWujJaD23LQPqxHchsVZoey76WM2gUGAIn9RqP04jxa0pP0I8BVSV
scAXmFsFVCfXmuJuBtslLLMHjHw7N4C84B2CSTHQatJc+quXt4FYFdWp+mI28Qjx
UtvxtoT7VBIg50ssc0Zl3xQ9D9ZCNkN5SxFTORZPL/ecwRbv9EPEjtAC/cKTxYcf
Jx001AwtnFn62xvUU6mwtWOrLN5GxxBQjGufI7Lz4BEUWZBxnwufly7FSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFInPfYERyoNb3ICwsMhWfAce9WfGMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvaWM5OWdSSEtnMXZjZ0xDd3lGWjhCeDcxWjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATpmDAwQA
TpmLMA0GCSqGSIb3DQEBCwUAA4IBAQCIxujo5ylKdlrgWQx34gCl/GlZV9ImGhX9
h8VHe7tzInmBTTsOmMttDIXorfNU/atV68bGph1S0RsZWtmsv3nUHl5bTCbw4XHA
byp+6xa4U+6aOu4LOY2M4pAX03S/fleKjhHUTcjjzIXyBlS9g9bRrPX56eMbxOV9
yBbJSGndbxOMFuZfvgNasB41gnScoY15PxwRF1rxqY04tP4beBasfZ328wSMw8dI
p2oUrU7yj9X8+7tc7r4CQBy/SOMHyHjqnW93kk6pRRKcDFgQWLS7VnwzD5Qnj5MT
Dp5mytSN/01H3nAMjoANfq6EUh/+4X0a597wjIn+eaEMdL9Ojf0g
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:09:31 2025 by rpki-client