Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/J7xjCcyFMdJawGAavrBPlot1oQA.roa
File: J7xjCcyFMdJawGAavrBPlot1oQA.roa (raw, json)
Hash identifier: gZZYyGTs78vp7CKr2MoDTiWUq/uqoo17uzosI+PxGOw=
Subject key identifier: 27:BC:63:09:CC:85:31:D2:5A:C0:60:1A:BE:B0:4F:96:8B:75:A1:00
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01958A0AF9E9D4DF89B7CB8C53F3A7289E68
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/J7xjCcyFMdJawGAavrBPlot1oQA.roa
Signing time: Wed 12 Mar 2025 11:08:49 +0000
ROA not before: Wed 12 Mar 2025 11:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 21:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:0a:f9:e9:d4:df:89:b7:cb:8c:53:f3:a7:28:9e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 12 11:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27bc6309cc8531d25ac0601abeb04f968b75a100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3e:1d:9e:30:62:e2:59:69:08:84:1d:53:52:
3c:c6:3e:b9:64:d5:e5:ee:27:b5:bd:1e:b5:2f:32:
94:ef:58:79:90:f4:aa:2a:85:1d:f2:d9:df:f4:f0:
00:11:57:e1:44:08:83:5b:18:fc:2d:fa:3b:6d:67:
a1:4e:87:59:3f:30:f7:dd:3e:3d:f6:73:de:3c:04:
d0:00:cc:97:62:4c:00:4a:74:98:da:1f:1d:cd:be:
31:a0:59:d7:13:c6:af:27:68:d2:1d:42:ad:f1:65:
98:b6:b9:d3:03:93:59:3b:3a:b8:84:57:58:f2:34:
99:9d:ea:f5:32:e3:6a:68:94:95:54:ec:6d:0c:b8:
27:ce:07:21:08:cb:a8:ab:af:c1:34:86:02:82:22:
d1:15:ff:1a:70:91:9f:0b:21:3b:86:c2:70:72:6b:
28:b1:d0:b5:18:42:88:fb:15:d1:6a:f9:ab:7a:f5:
3c:49:84:6d:6b:72:2b:ba:ec:40:df:e3:7f:93:71:
85:b4:4a:e8:e0:a1:39:ac:27:53:cf:d1:c4:e4:a3:
e5:57:fc:a7:c3:d0:21:72:1c:04:5c:ea:6d:68:d5:
2e:51:6e:ae:fa:77:a4:30:e3:d1:bb:d8:a2:42:6d:
d0:a4:e8:9e:3e:c2:e4:34:c0:85:0b:67:02:1b:2d:
fb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BC:63:09:CC:85:31:D2:5A:C0:60:1A:BE:B0:4F:96:8B:75:A1:00
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/J7xjCcyFMdJawGAavrBPlot1oQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
188.132.188.0/23
188.132.191.0/24
188.132.236.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
6a:7e:5d:eb:ec:5d:46:87:37:34:18:8e:cf:09:ba:97:be:69:
84:15:17:25:bd:71:ae:92:5a:7a:c1:7b:15:f3:91:84:0c:b9:
4d:c5:a6:d0:60:69:4a:9e:21:90:e5:b5:99:13:20:cd:4d:a6:
e4:36:f6:92:36:37:c4:09:e9:8e:13:ea:24:1e:05:c0:0c:d1:
8f:08:be:6a:0e:10:5e:0e:b3:37:e7:78:39:ed:e9:9a:97:36:
8f:0f:ed:a0:73:ee:22:d4:b0:43:ed:55:d9:f9:73:8c:04:2c:
86:63:2b:f2:29:e4:9a:3c:ce:35:25:92:40:82:36:c6:46:24:
92:98:7c:1b:7a:70:3e:cb:02:78:cd:38:99:5c:ca:98:4d:84:
fc:51:f7:99:66:38:e7:0c:ad:ff:96:28:6b:0b:ff:85:91:4f:
a1:d2:84:f3:89:20:f6:4e:88:d3:a4:5c:bc:d2:53:c5:d1:ca:
09:98:81:65:d1:28:11:7b:9f:0d:fc:39:3f:26:70:1d:db:03:
5e:e5:2c:80:68:d8:8f:7e:86:38:ed:6e:3d:5c:be:02:52:83:
c3:0a:6e:4b:b6:04:e4:d5:54:2f:e7:ab:e1:d6:e2:19:2c:c7:
bb:81:85:7d:54:71:3f:2b:69:66:53:90:9f:57:fc:68:31:d7:
05:ae:a5:86
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWKCvnp1N+Jt8uMU/OnKJ5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzEyMTEwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JjNjMwOWNjODUzMWQyNWFjMDYwMWFiZWIwNGY5NjhiNzVhMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT4dnjBi4llpCIQdU1I8xj65ZNXl
7ie1vR61LzKU71h5kPSqKoUd8tnf9PAAEVfhRAiDWxj8Lfo7bWehTodZPzD33T49
9nPePATQAMyXYkwASnSY2h8dzb4xoFnXE8avJ2jSHUKt8WWYtrnTA5NZOzq4hFdY
8jSZner1MuNqaJSVVOxtDLgnzgchCMuoq6/BNIYCgiLRFf8acJGfCyE7hsJwcmso
sdC1GEKI+xXRavmrevU8SYRta3IruuxA3+N/k3GFtEro4KE5rCdTz9HE5KPlV/yn
w9AhchwEXOptaNUuUW6u+nekMOPRu9iiQm3QpOiePsLkNMCFC2cCGy37rwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCe8YwnMhTHSWsBgGr6wT5aLdaEAMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSjd4akNjeUZNZEphd0dBYXZyQlBsb3Qxb1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATodIAwQB
vIS8AwQAvIS/AwQAvITsMAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEB
AGp+XevsXUaHNzQYjs8Jupe+aYQVFyW9ca6SWnrBexXzkYQMuU3FptBgaUqeIZDl
tZkTIM1NpuQ29pI2N8QJ6Y4T6iQeBcAM0Y8IvmoOEF4OszfneDnt6ZqXNo8P7aBz
7iLUsEPtVdn5c4wELIZjK/Ip5Jo8zjUlkkCCNsZGJJKYfBt6cD7LAnjNOJlcyphN
hPxR95lmOOcMrf+WKGsL/4WRT6HShPOJIPZOiNOkXLzSU8XRygmYgWXRKBF7nw38
OT8mcB3bA17lLIBo2I9+hjjtbj1cvgJSg8MKbku2BOTVVC/nq+HW4hksx7uBhX1U
cT8raWZTkJ9X/Ggx1wWupYY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:14:51 2025 by rpki-client