Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/t6qZqDeZ09MWSDzZVr-GI1Z6wQo.roa
File: t6qZqDeZ09MWSDzZVr-GI1Z6wQo.roa (raw, json)
Hash identifier: ah2Npyzk1rVjwuMIZVDAAzPOq/jKihWbyGuGXoQgmJk=
Subject key identifier: B7:AA:99:A8:37:99:D3:D3:16:48:3C:D9:56:BF:86:23:56:7A:C1:0A
Certificate issuer: /CN=87f1cac0de8f66a7076f2810f3f3518aa70643ba
Certificate serial: 018CCA2A73DEDE91C14146FBB8DB02133289
Authority key identifier: 87:F1:CA:C0:DE:8F:66:A7:07:6F:28:10:F3:F3:51:8A:A7:06:43:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/t6qZqDeZ09MWSDzZVr-GI1Z6wQo.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210964
IP address blocks: 194.150.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:73:de:de:91:c1:41:46:fb:b8:db:02:13:32:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f1cac0de8f66a7076f2810f3f3518aa70643ba
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7aa99a83799d3d316483cd956bf8623567ac10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ff:86:9b:50:c8:29:08:53:cc:d5:6f:4f:5b:
13:88:08:e0:61:39:3c:b6:e5:e2:0f:8f:51:1b:c3:
ac:26:0e:d6:32:58:f6:a3:86:b0:91:bf:30:f5:d4:
bb:81:c0:75:81:91:7c:86:89:95:7c:02:28:fc:c6:
e2:28:99:f9:28:2b:91:fe:5a:08:fa:97:58:15:f6:
c9:ff:1c:75:03:62:9b:08:d6:22:77:33:9d:e1:55:
e1:46:ed:a8:66:bb:3f:f2:c2:16:67:8d:db:36:79:
8c:15:4c:ee:9d:c4:35:81:6e:98:32:d3:91:62:f8:
64:18:aa:07:59:fa:ac:2d:7c:bc:21:29:12:c2:d5:
15:97:2d:7b:dd:fb:b9:e0:b2:87:14:1e:f9:12:21:
39:e0:c3:5c:98:1c:1b:f9:bd:98:be:34:58:4e:28:
f0:fd:33:3f:26:49:7b:01:60:13:33:ad:29:84:f1:
c1:cf:1f:fe:d3:16:22:2f:d7:de:46:72:30:f1:23:
31:ed:cb:c6:0a:e3:d2:60:a5:7a:e9:dc:fa:04:12:
73:a5:79:30:4e:fc:94:67:33:03:ea:d7:09:cd:00:
cf:f3:2d:71:15:fd:10:25:7b:e6:08:4c:4d:d0:db:
a1:37:a1:09:32:e8:70:4e:f5:fb:c0:75:76:a4:cc:
90:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AA:99:A8:37:99:D3:D3:16:48:3C:D9:56:BF:86:23:56:7A:C1:0A
X509v3 Authority Key Identifier:
keyid:87:F1:CA:C0:DE:8F:66:A7:07:6F:28:10:F3:F3:51:8A:A7:06:43:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/t6qZqDeZ09MWSDzZVr-GI1Z6wQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.78.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e9:8a:68:42:a8:da:44:c8:fc:50:2d:70:20:34:62:da:b7:
3c:a3:bc:3d:a3:0f:ad:53:ff:b8:b5:92:37:6d:71:0a:a5:5c:
53:86:5c:8a:c2:09:17:2f:b3:f0:d9:9d:aa:0c:db:dd:de:7c:
43:87:77:14:cd:f1:37:d9:1a:52:46:79:1d:a1:27:ad:e0:22:
f0:5c:96:7a:ef:d7:e1:af:ff:1c:52:b6:b4:77:fc:4d:c1:3b:
70:96:f1:08:ef:6e:97:6c:08:30:9b:f5:40:84:3e:f9:e8:83:
11:76:c8:5c:f9:49:d5:c1:28:52:6e:16:0d:fc:7d:4d:42:96:
ea:e4:c8:79:d2:bc:99:3a:83:ea:87:db:ec:0d:fe:10:39:bc:
24:c6:75:2e:af:4f:98:b6:30:8a:30:d5:a7:7e:dc:1c:68:2e:
db:02:5b:ec:a6:f9:14:e1:ce:f5:44:e5:5d:e2:60:35:86:32:
8d:01:16:71:47:54:d8:4a:36:41:97:24:e9:7a:7d:a6:e8:c9:
19:b2:82:de:91:5e:d6:ba:11:aa:71:67:1a:c1:38:4f:04:6e:
e3:ab:69:34:f6:f1:07:66:32:f1:f3:b1:76:70:a6:13:f5:14:
32:1f:e4:fc:dc:ae:4c:8e:da:58:e8:48:06:64:b1:01:90:3c:
35:47:ec:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnPe3pHBQUb7uNsCEzKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjFjYWMwZGU4ZjY2YTcwNzZmMjgxMGYzZjM1MThhYTcw
NjQzYmEwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FhOTlhODM3OTlkM2QzMTY0ODNjZDk1NmJmODYyMzU2N2FjMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf+Gm1DIKQhTzNVvT1sTiAjgYTk8
tuXiD49RG8OsJg7WMlj2o4awkb8w9dS7gcB1gZF8homVfAIo/MbiKJn5KCuR/loI
+pdYFfbJ/xx1A2KbCNYidzOd4VXhRu2oZrs/8sIWZ43bNnmMFUzuncQ1gW6YMtOR
YvhkGKoHWfqsLXy8ISkSwtUVly173fu54LKHFB75EiE54MNcmBwb+b2YvjRYTijw
/TM/Jkl7AWATM60phPHBzx/+0xYiL9feRnIw8SMx7cvGCuPSYKV66dz6BBJzpXkw
TvyUZzMD6tcJzQDP8y1xFf0QJXvmCExN0NuhN6EJMuhwTvX7wHV2pMyQBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeqmag3mdPTFkg82Va/hiNWesEKMB8GA1UdIwQY
MBaAFIfxysDej2anB28oEPPzUYqnBkO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9IS3dONlBacWNIYnlnUThfTlJpcWNHUTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNmIxYjktOWVkNi00YWYyLWE3M2It
Zjg4NzRhNmJhZDM4LzEvdDZxWnFEZVowOU1XU0R6WlZyLUdJMVo2d1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNmIxYjktOWVkNi00YWYyLWE3M2ItZjg4NzRhNmJhZDM4
LzEvaF9IS3dONlBacWNIYnlnUThfTlJpcWNHUTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpZOMA0G
CSqGSIb3DQEBCwUAA4IBAQB16YpoQqjaRMj8UC1wIDRi2rc8o7w9ow+tU/+4tZI3
bXEKpVxThlyKwgkXL7Pw2Z2qDNvd3nxDh3cUzfE32RpSRnkdoSet4CLwXJZ679fh
r/8cUra0d/xNwTtwlvEI726XbAgwm/VAhD756IMRdshc+UnVwShSbhYN/H1NQpbq
5Mh50ryZOoPqh9vsDf4QObwkxnUur0+YtjCKMNWnftwcaC7bAlvspvkU4c71ROVd
4mA1hjKNARZxR1TYSjZBlyTpen2m6MkZsoLekV7WuhGqcWcawThPBG7jq2k09vEH
ZjLx87F2cKYT9RQyH+T83K5MjtpY6EgGZLEBkDw1R+yH
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:19 2025 by rpki-client