Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/24Mh9bBqzVKPHN-4Khsh9yxlIg4.roa
File: 24Mh9bBqzVKPHN-4Khsh9yxlIg4.roa (raw, json)
Hash identifier: oAwba8ugBLvVIU/kDANwGQZwnIfxM3/GLgUGb+h0zaY=
Subject key identifier: DB:83:21:F5:B0:6A:CD:52:8F:1C:DF:B8:2A:1B:21:F7:2C:65:22:0E
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746999E1AF2D9969892C51547988348
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/24Mh9bBqzVKPHN-4Khsh9yxlIg4.roa
Signing time: Thu 02 Jan 2025 13:48:45 +0000
ROA not before: Thu 02 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.100.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 18:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:99:9e:1a:f2:d9:96:98:92:c5:15:47:98:83:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db8321f5b06acd528f1cdfb82a1b21f72c65220e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:62:40:49:31:0e:6b:b3:1a:22:a4:86:c6:
29:d3:fb:f7:04:98:bf:19:4f:c9:8e:c5:ed:b3:55:
d0:c1:a1:52:5d:d0:8f:cb:c4:70:18:9c:b3:e9:a5:
b1:e7:34:98:99:57:53:f8:4e:ce:81:f6:e0:c0:af:
02:64:a8:7b:66:fb:b0:0d:e7:d2:cc:0b:82:61:1b:
13:82:fb:c9:57:64:02:85:51:56:d8:a0:c4:05:a0:
eb:13:f7:9f:7c:b6:25:6c:c8:8b:11:c7:8c:3a:03:
81:8b:09:7f:d6:55:e0:db:a2:e0:40:0a:2a:0c:5b:
1a:04:98:ba:26:7f:e0:0a:ce:bc:b3:fd:6e:44:cf:
1a:c8:c3:67:98:26:df:19:11:36:64:a6:3d:96:94:
16:e1:f7:de:21:8b:56:c9:5a:38:a2:97:91:94:69:
1b:f3:8b:77:2d:cf:f4:8e:d8:ef:86:e2:97:df:f6:
6a:a2:06:3c:a0:5e:36:af:6c:d5:26:7d:aa:66:8f:
ad:94:e2:ce:87:35:62:20:8c:1f:3c:3b:e7:e9:df:
c4:c3:64:e0:cd:68:c8:46:83:ef:fd:1d:91:78:27:
2a:e1:8f:29:06:b7:62:32:de:cc:18:29:d1:be:ab:
ca:d5:7e:e0:51:f1:b2:8e:6d:bc:16:f5:b0:e6:1e:
c6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:83:21:F5:B0:6A:CD:52:8F:1C:DF:B8:2A:1B:21:F7:2C:65:22:0E
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/24Mh9bBqzVKPHN-4Khsh9yxlIg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.100.0/24
188.132.188.0/22
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
8f:bb:5f:ce:5b:02:94:2e:42:17:fb:62:8a:5f:90:52:a3:ed:
3f:28:c6:30:cb:a8:32:96:45:f5:83:67:6f:16:37:4a:2b:df:
a1:6e:42:ef:55:80:c1:81:90:a2:60:d4:4c:47:a7:96:e7:91:
db:d4:b4:f7:85:9d:76:1d:71:c5:1d:3c:bf:2e:4a:87:07:fb:
38:54:19:9b:b1:ed:53:77:78:d7:0b:02:af:81:72:c6:42:3f:
52:c3:d1:4d:93:2d:0d:f3:73:85:89:4b:16:be:36:6a:f5:36:
6a:a4:88:44:6f:22:6f:5f:c5:59:34:ef:ba:56:f9:b8:65:b1:
27:8e:91:80:bc:ca:00:59:e9:8e:6d:b7:87:29:c6:10:e0:08:
53:cc:66:0d:4a:8b:3e:04:ef:70:bf:ff:a7:75:fc:f7:c0:aa:
1a:05:6a:16:90:7e:4a:54:1c:8d:a1:58:3f:f0:b2:d7:fa:3b:
65:d4:54:ea:b4:51:e2:b1:99:11:21:8d:81:f9:7a:15:30:06:
2c:47:6c:c7:13:8a:60:5b:07:08:1f:76:33:76:3c:53:36:d7:
d8:a6:2f:e2:b6:d2:91:ad:5b:df:f9:77:69:2b:16:68:92:c0:
a6:75:fa:d8:97:db:a5:07:6c:90:9d:2f:1a:bf:4f:78:82:fa:
02:12:3f:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnRpmeGvLZlpiSxRVHmINIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgzMjFmNWIwNmFjZDUyOGYxY2RmYjgyYTFiMjFmNzJjNjUyMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmliQEkxDmuzGiKkhsYp0/v3BJi/
GU/JjsXts1XQwaFSXdCPy8RwGJyz6aWx5zSYmVdT+E7OgfbgwK8CZKh7ZvuwDefS
zAuCYRsTgvvJV2QChVFW2KDEBaDrE/effLYlbMiLEceMOgOBiwl/1lXg26LgQAoq
DFsaBJi6Jn/gCs68s/1uRM8ayMNnmCbfGRE2ZKY9lpQW4ffeIYtWyVo4opeRlGkb
84t3Lc/0jtjvhuKX3/ZqogY8oF42r2zVJn2qZo+tlOLOhzViIIwfPDvn6d/Ew2Tg
zWjIRoPv/R2ReCcq4Y8pBrdiMt7MGCnRvqvK1X7gUfGyjm28FvWw5h7GswIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNuDIfWwas1SjxzfuCobIfcsZSIOMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMjRNaDliQnF6VktQSE4tNEtoc2g5eXhsSWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATodkAwQC
vIS8MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAI+7X85bApQuQhf7
YopfkFKj7T8oxjDLqDKWRfWDZ28WN0or36FuQu9VgMGBkKJg1ExHp5bnkdvUtPeF
nXYdccUdPL8uSocH+zhUGZux7VN3eNcLAq+BcsZCP1LD0U2TLQ3zc4WJSxa+Nmr1
NmqkiERvIm9fxVk077pW+bhlsSeOkYC8ygBZ6Y5tt4cpxhDgCFPMZg1Kiz4E73C/
/6d1/PfAqhoFahaQfkpUHI2hWD/wstf6O2XUVOq0UeKxmREhjYH5ehUwBixHbMcT
imBbBwgfdjN2PFM219imL+K20pGtW9/5d2krFmiSwKZ1+tiX26UHbJCdLxq/T3iC
+gISP5A=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:33:48 2025 by rpki-client