Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/r2iCua04rAe9rhpvOKL2dtHZs2Q.roa
File: r2iCua04rAe9rhpvOKL2dtHZs2Q.roa (raw, json)
Hash identifier: t64WOdmO2cjS+CMuKXc9jr43+UvWtbIQtvBeyMrxQW0=
Subject key identifier: AF:68:82:B9:AD:38:AC:07:BD:AE:1A:6F:38:A2:F6:76:D1:D9:B3:64
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 01904EB26D299074BEBDD14B46A1D83AB4DC
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/r2iCua04rAe9rhpvOKL2dtHZs2Q.roa
Signing time: Tue 25 Jun 2024 09:20:34 +0000
ROA not before: Tue 25 Jun 2024 09:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 78.153.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 10:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:b2:6d:29:90:74:be:bd:d1:4b:46:a1:d8:3a:b4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Jun 25 09:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af6882b9ad38ac07bdae1a6f38a2f676d1d9b364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:07:22:d6:fd:f8:9e:2f:73:c1:e8:3f:61:de:
42:7a:2a:68:be:b1:46:59:bd:be:6c:e0:7c:b6:8c:
41:2b:2f:e8:1d:e6:2f:70:ec:93:17:f5:9b:b6:6e:
f9:dc:a1:ff:8f:d8:1d:93:d1:dc:42:ec:c7:fd:2c:
5b:a2:4a:a1:07:bd:81:ec:b2:4d:07:88:73:03:0f:
f7:cc:49:b3:34:52:39:30:47:f0:95:05:68:89:57:
64:99:37:94:49:2b:c5:67:0c:c7:60:88:1c:e4:03:
8f:19:6f:a5:98:67:37:ef:e7:97:24:d4:2d:4b:77:
f5:d1:ad:a6:63:a0:11:a3:56:60:92:b6:3a:49:e2:
9b:7f:3a:1f:c6:06:ac:64:b7:99:77:b2:9b:2b:58:
c5:cf:56:4e:19:df:d1:59:dc:87:9c:d7:a3:72:fe:
3d:d2:48:84:b2:69:ce:cd:ee:ee:50:5c:e6:7d:a3:
7c:80:60:d5:fc:e5:df:1a:0b:5c:c2:59:f5:9a:77:
80:23:e7:89:8f:0f:2b:9e:f7:c0:c6:21:a9:f0:bf:
60:4a:1d:71:b9:8e:ed:f0:1c:7c:8b:98:b2:4f:70:
e5:c6:66:8f:30:99:d4:5b:c1:d9:66:6d:34:51:ad:
3b:4f:23:ea:86:66:f4:4d:b3:89:0a:69:29:f3:88:
73:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:68:82:B9:AD:38:AC:07:BD:AE:1A:6F:38:A2:F6:76:D1:D9:B3:64
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/r2iCua04rAe9rhpvOKL2dtHZs2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.139.0/24
Signature Algorithm: sha256WithRSAEncryption
65:76:33:69:3a:89:66:db:0f:5a:69:28:6c:5a:0c:ed:e2:10:
93:52:57:2a:17:da:c6:59:fb:cf:cf:54:cc:23:62:4d:74:11:
8c:7d:87:63:45:28:09:13:b2:04:6a:15:eb:26:bd:9e:fe:fd:
63:f4:5f:4d:51:6f:02:31:79:30:a3:39:4d:c8:47:fd:02:51:
42:b3:95:d8:36:ff:0d:fd:d4:e8:02:86:de:82:72:4f:6d:7d:
ce:e8:cf:00:f5:a0:17:4d:a8:8d:85:99:1f:74:d8:4a:60:8d:
d8:31:45:58:6b:0a:6d:d8:ec:dc:ce:fa:3f:5b:6e:3e:cd:9c:
71:84:96:3b:92:00:de:33:19:e8:b1:6c:8a:f2:e9:60:b2:95:
8e:58:53:89:63:8d:b6:b7:f2:ed:f4:f0:cd:93:b5:4a:25:32:
db:00:06:c6:c5:e4:27:94:81:b4:00:e8:85:c7:f4:b6:25:d1:
d9:32:ec:57:f5:e8:5f:04:3b:01:4c:fe:db:33:b3:db:5e:4e:
2d:f8:c9:32:b3:e6:4a:36:10:bc:6c:e7:1f:f4:83:e7:a8:a6:
82:d5:79:5f:de:73:cf:92:6b:0a:7c:35:4a:ab:da:36:ef:1d:
f1:87:bf:7e:20:7f:ae:c6:b6:57:49:8a:05:e3:af:6d:87:3c:
75:d2:f4:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBOsm0pkHS+vdFLRqHYOrTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwNjI1MDkyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY4ODJiOWFkMzhhYzA3YmRhZTFhNmYzOGEyZjY3NmQxZDliMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQci1v34ni9zweg/Yd5CeipovrFG
Wb2+bOB8toxBKy/oHeYvcOyTF/Wbtm753KH/j9gdk9HcQuzH/SxbokqhB72B7LJN
B4hzAw/3zEmzNFI5MEfwlQVoiVdkmTeUSSvFZwzHYIgc5AOPGW+lmGc37+eXJNQt
S3f10a2mY6ARo1ZgkrY6SeKbfzofxgasZLeZd7KbK1jFz1ZOGd/RWdyHnNejcv49
0kiEsmnOze7uUFzmfaN8gGDV/OXfGgtcwln1mneAI+eJjw8rnvfAxiGp8L9gSh1x
uY7t8Bx8i5iyT3DlxmaPMJnUW8HZZm00Ua07TyPqhmb0TbOJCmkp84hzKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9ogrmtOKwHva4abzii9nbR2bNkMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvcjJpQ3VhMDRyQWU5cmhwdk9LTDJkdEhaczJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATpmLMA0G
CSqGSIb3DQEBCwUAA4IBAQBldjNpOolm2w9aaShsWgzt4hCTUlcqF9rGWfvPz1TM
I2JNdBGMfYdjRSgJE7IEahXrJr2e/v1j9F9NUW8CMXkwozlNyEf9AlFCs5XYNv8N
/dToAobegnJPbX3O6M8A9aAXTaiNhZkfdNhKYI3YMUVYawpt2Ozczvo/W24+zZxx
hJY7kgDeMxnosWyK8ulgspWOWFOJY422t/Lt9PDNk7VKJTLbAAbGxeQnlIG0AOiF
x/S2JdHZMuxX9ehfBDsBTP7bM7PbXk4t+Mkys+ZKNhC8bOcf9IPnqKaC1Xlf3nPP
kmsKfDVKq9o27x3xh79+IH+uxrZXSYoF469thzx10vT+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:14 2025 by rpki-client