Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/RjJpfy9dXb4AThTEaKNuPkCVSDg.roa
File: RjJpfy9dXb4AThTEaKNuPkCVSDg.roa (raw, json)
Hash identifier: l2g7+DB6tkxVLRGfJ3JCDnCvj1RsT4Hf0e0qmK54eCU=
Subject key identifier: 46:32:69:7F:2F:5D:5D:BE:00:4E:14:C4:68:A3:6E:3E:40:95:48:38
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01955BDB66530B002BA1F1F0AB7E09FF4878
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/RjJpfy9dXb4AThTEaKNuPkCVSDg.roa
Signing time: Mon 03 Mar 2025 11:54:20 +0000
ROA not before: Mon 03 Mar 2025 11:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.97.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 13:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:db:66:53:0b:00:2b:a1:f1:f0:ab:7e:09:ff:48:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 3 11:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4632697f2f5d5dbe004e14c468a36e3e40954838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:57:91:a6:58:9b:65:7c:6e:db:44:4c:b7:
31:d0:8f:78:1a:d6:8d:a1:78:69:24:4b:c1:5e:1f:
31:31:e2:23:76:fe:63:fd:b8:93:d6:2e:af:74:3a:
55:4b:34:ab:4f:cd:a9:ec:c8:3a:90:fa:f7:55:f9:
86:a9:ef:7b:30:d2:c8:3b:27:60:03:e7:eb:59:54:
b1:0d:c2:16:78:fa:21:cb:33:c1:6c:94:a6:35:73:
5e:6b:ae:ee:72:24:02:36:b6:07:35:7d:57:9a:2c:
ee:07:62:6d:5d:3c:f7:ee:19:8d:1c:c5:8d:9d:c9:
db:64:27:5b:d0:0c:35:72:00:9a:53:5a:da:8e:9c:
c5:8e:df:5f:4a:02:c4:58:74:e8:f6:a1:cd:0c:b8:
19:b2:51:fc:51:21:ab:00:fe:16:93:9d:9d:33:3c:
84:7e:c4:b3:47:b7:3b:1b:90:93:95:08:d5:ef:59:
28:fc:39:db:fd:22:9e:d1:f4:c1:6b:76:58:d3:3a:
ea:c1:31:44:95:24:8c:66:0a:ec:84:ba:ea:81:9b:
9e:ec:fb:f7:3f:d0:0b:5d:fb:24:15:99:53:3a:03:
a1:57:69:8e:92:c2:ed:86:96:f5:6a:65:6f:8d:81:
f9:c1:9b:90:88:ee:48:a8:16:b9:f0:9c:c1:b1:ac:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:32:69:7F:2F:5D:5D:BE:00:4E:14:C4:68:A3:6E:3E:40:95:48:38
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/RjJpfy9dXb4AThTEaKNuPkCVSDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.97.0/24
188.132.188.0/23
188.132.191.0/24
188.132.236.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
1f:2b:77:9c:91:76:db:09:49:b5:90:da:d4:0c:5d:a4:2b:35:
0e:ee:78:f3:df:99:83:41:a5:09:fb:13:09:61:3f:c6:9c:93:
2d:40:f5:26:cb:fb:b8:f6:8a:3f:d6:37:6d:db:68:c7:79:3c:
9a:b5:b1:78:13:ae:cc:0e:0a:d9:47:b1:ff:65:e0:4a:f7:06:
23:84:f1:4b:66:f8:25:d1:58:ad:5a:f2:c3:af:09:fe:53:26:
ce:30:af:61:8b:57:bc:85:32:cf:e9:6a:c4:34:43:c8:38:30:
6c:73:1e:48:dd:81:67:2c:d3:e2:21:5f:f8:de:54:e1:0b:57:
6d:eb:ac:99:b6:93:2d:b5:1a:97:39:30:45:07:4f:cb:50:4a:
a7:0e:f9:bd:6b:22:d8:c1:ec:1a:29:ab:71:7c:a1:e7:2c:32:
7c:c2:59:d2:51:7c:08:5c:bd:f5:4d:8d:d6:c2:2e:48:ee:e4:
ca:7d:ea:57:15:2c:90:11:82:65:57:82:37:0d:27:32:1d:21:
55:14:df:a3:60:b7:e0:08:bf:75:47:6a:a9:a5:f1:27:ae:91:
60:91:08:50:51:9b:5a:9f:07:07:14:15:cc:73:d1:c4:65:08:
14:84:65:1d:07:e8:95:d9:23:eb:ed:66:f1:7e:e6:9b:3f:df:
61:76:5a:f0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZVb22ZTCwArofHwq34J/0h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzAzMTE1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjMyNjk3ZjJmNWQ1ZGJlMDA0ZTE0YzQ2OGEzNmUzZTQwOTU0ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDJXkaZYm2V8bttETLcx0I94GtaN
oXhpJEvBXh8xMeIjdv5j/biT1i6vdDpVSzSrT82p7Mg6kPr3VfmGqe97MNLIOydg
A+frWVSxDcIWePohyzPBbJSmNXNea67uciQCNrYHNX1XmizuB2JtXTz37hmNHMWN
ncnbZCdb0Aw1cgCaU1rajpzFjt9fSgLEWHTo9qHNDLgZslH8USGrAP4Wk52dMzyE
fsSzR7c7G5CTlQjV71ko/Dnb/SKe0fTBa3ZY0zrqwTFElSSMZgrshLrqgZue7Pv3
P9ALXfskFZlTOgOhV2mOksLthpb1amVvjYH5wZuQiO5IqBa58JzBsaz9TQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEYyaX8vXV2+AE4UxGijbj5AlUg4MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUmpKcGZ5OWRYYjRBVGhURWFLTnVQa0NWU0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATodhAwQB
vIS8AwQAvIS/AwQAvITsMAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEB
AB8rd5yRdtsJSbWQ2tQMXaQrNQ7uePPfmYNBpQn7EwlhP8acky1A9SbL+7j2ij/W
N23baMd5PJq1sXgTrswOCtlHsf9l4Er3BiOE8Utm+CXRWK1a8sOvCf5TJs4wr2GL
V7yFMs/pasQ0Q8g4MGxzHkjdgWcs0+IhX/jeVOELV23rrJm2ky21Gpc5MEUHT8tQ
SqcO+b1rItjB7Bopq3F8oecsMnzCWdJRfAhcvfVNjdbCLkju5Mp96lcVLJARgmVX
gjcNJzIdIVUU36Ngt+AIv3VHaqml8SeukWCRCFBRm1qfBwcUFcxz0cRlCBSEZR0H
6JXZI+vtZvF+5ps/32F2WvA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:05:10 2025 by rpki-client