Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/j3ggWQKuitQ5yWxVsBriToyrcKY.roa
File: j3ggWQKuitQ5yWxVsBriToyrcKY.roa (raw, json)
Hash identifier: 8jvNZ1dg0kHqpeD0ywJ616afT6UilUdn8M1xv1R+tD8=
Subject key identifier: 8F:78:20:59:02:AE:8A:D4:39:C9:6C:55:B0:1A:E2:4E:8C:AB:70:A6
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193F95F671617CBA23FF9900671A34C10ED
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/j3ggWQKuitQ5yWxVsBriToyrcKY.roa
Signing time: Tue 24 Dec 2024 15:53:19 +0000
ROA not before: Tue 24 Dec 2024 15:53:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 78.135.100.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 08:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f9:5f:67:16:17:cb:a2:3f:f9:90:06:71:a3:4c:10:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 24 15:53:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f78205902ae8ad439c96c55b01ae24e8cab70a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:11:56:8d:99:c2:fb:6d:de:28:25:e6:fb:
05:67:a6:1a:6a:be:e8:e2:5b:7c:ef:77:9f:d0:fa:
c3:f5:f1:1c:e5:62:8f:89:be:2e:5b:d2:a4:ea:24:
36:3d:18:d7:0e:28:5b:c5:9f:03:9e:63:41:4e:bb:
f9:da:7c:68:20:03:c6:21:5f:a2:26:ba:26:da:d2:
de:da:5a:16:22:27:ed:8f:4e:0b:89:10:d2:2b:d4:
a4:f2:c1:a4:d3:c7:75:27:b2:cb:00:4a:fb:d5:3e:
37:03:20:91:60:a1:3d:7f:d7:9f:29:a1:91:64:e3:
fa:1c:54:74:29:59:42:39:4a:6e:c3:8b:27:5f:4c:
04:13:5b:34:5b:10:fc:df:6a:70:ed:e1:f1:ca:9b:
80:5a:2f:83:e8:20:8b:e2:fa:80:b2:ac:fd:dc:00:
d4:e4:ac:39:8a:90:16:e3:04:e4:53:95:1b:f5:7b:
a0:25:ad:a6:22:a2:3d:02:1b:6b:7e:c2:9b:59:d4:
fd:3f:0b:05:cb:f7:8d:8e:62:02:8c:fe:21:a3:c2:
56:5d:e5:ea:fb:45:5b:c7:b7:03:79:44:93:3b:a7:
7f:66:6b:29:b5:d9:d4:79:d6:10:ae:db:02:90:c4:
6e:16:fa:b9:9d:59:0c:47:ad:da:7c:05:43:f4:fd:
67:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:78:20:59:02:AE:8A:D4:39:C9:6C:55:B0:1A:E2:4E:8C:AB:70:A6
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/j3ggWQKuitQ5yWxVsBriToyrcKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.100.0/24
188.132.188.0/22
188.132.209.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
31:45:74:f7:86:60:cb:c6:84:c1:2c:82:1c:7d:b6:b4:3b:4d:
69:b3:33:73:b8:cb:e0:41:b5:97:c1:bd:47:74:13:b3:fd:34:
c2:cd:87:e5:e8:7a:05:65:04:f8:04:53:0e:02:dc:23:3a:47:
f3:90:22:93:4e:5c:b4:0a:7a:4d:af:6d:9d:9a:8c:f8:d0:ba:
1e:b0:43:ec:8c:66:0f:5b:ef:ed:71:6d:2b:7c:df:e8:ca:93:
3c:aa:79:c1:96:c7:7b:4a:d3:37:f0:48:11:fb:1f:12:19:9b:
c8:63:3e:41:94:ba:e6:c8:06:f2:8f:fb:6a:10:20:0a:ac:88:
ba:f9:57:b5:7b:f8:26:ac:02:6b:cc:de:a2:5e:62:25:36:43:
d9:f0:d9:aa:3a:12:7a:e4:d5:cf:11:4e:af:70:a4:2a:a3:10:
ab:0f:65:db:25:ab:ab:57:26:09:b6:34:a3:88:fb:04:d7:ef:
6b:22:a0:60:b3:bd:9a:d8:95:0c:4a:74:11:9d:aa:37:8a:1b:
95:b9:48:e1:4b:14:7b:7c:93:9d:8b:8d:d8:7b:5c:d7:72:54:
39:2d:b5:95:66:34:e6:5b:fc:e5:58:a2:a1:8c:d6:c2:94:39:
8c:ce:da:46:af:45:e2:a8:a8:cf:3b:2a:a8:ef:36:a9:b7:cb:
8a:67:f1:17
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZP5X2cWF8uiP/mQBnGjTBDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjI0MTU1MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc4MjA1OTAyYWU4YWQ0MzljOTZjNTViMDFhZTI0ZThjYWI3MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4kRVo2Zwvtt3igl5vsFZ6Yaar7o
4lt873ef0PrD9fEc5WKPib4uW9Kk6iQ2PRjXDihbxZ8DnmNBTrv52nxoIAPGIV+i
Jrom2tLe2loWIiftj04LiRDSK9Sk8sGk08d1J7LLAEr71T43AyCRYKE9f9efKaGR
ZOP6HFR0KVlCOUpuw4snX0wEE1s0WxD832pw7eHxypuAWi+D6CCL4vqAsqz93ADU
5Kw5ipAW4wTkU5Ub9XugJa2mIqI9AhtrfsKbWdT9PwsFy/eNjmICjP4ho8JWXeXq
+0Vbx7cDeUSTO6d/ZmsptdnUedYQrtsCkMRuFvq5nVkMR63afAVD9P1nUwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI94IFkCrorUOclsVbAa4k6Mq3CmMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvajNnZ1dRS3VpdFE1eVd4VnNCcmlUb3lyY0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATodkAwQC
vIS8AwQAvITRMAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBADFFdPeG
YMvGhMEsghx9trQ7TWmzM3O4y+BBtZfBvUd0E7P9NMLNh+XoegVlBPgEUw4C3CM6
R/OQIpNOXLQKek2vbZ2ajPjQuh6wQ+yMZg9b7+1xbSt83+jKkzyqecGWx3tK0zfw
SBH7HxIZm8hjPkGUuubIBvKP+2oQIAqsiLr5V7V7+CasAmvM3qJeYiU2Q9nw2ao6
Enrk1c8RTq9wpCqjEKsPZdslq6tXJgm2NKOI+wTX72sioGCzvZrYlQxKdBGdqjeK
G5W5SOFLFHt8k52Ljdh7XNdyVDkttZVmNOZb/OVYoqGM1sKUOYzO2kavReKoqM87
KqjvNqm3y4pn8Rc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:58:28 2025 by rpki-client