Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/kdmPDqC8up3JJypgHgni39rYc5I.roa
File: kdmPDqC8up3JJypgHgni39rYc5I.roa (raw, json)
Hash identifier: fSuCp0gpLQrXIkTnp+j5YxxxnW3j5sPOBwEzZ9kDjjk=
Subject key identifier: 91:D9:8F:0E:A0:BC:BA:9D:C9:27:2A:60:1E:09:E2:DF:DA:D8:73:92
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01967C957004DC8B7CF91FFD87F3D2F665DC
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/kdmPDqC8up3JJypgHgni39rYc5I.roa
Signing time: Mon 28 Apr 2025 13:28:10 +0000
ROA not before: Mon 28 Apr 2025 13:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 16:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:95:70:04:dc:8b:7c:f9:1f:fd:87:f3:d2:f6:65:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 28 13:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91d98f0ea0bcba9dc9272a601e09e2dfdad87392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:84:13:e4:d7:91:29:60:af:d2:52:38:1c:64:
55:0a:64:ac:a6:12:67:77:9c:ce:37:62:e3:5d:02:
48:16:bf:99:39:5e:8a:f8:a0:12:b0:af:58:28:20:
88:e0:77:58:b6:7a:a7:69:2d:4c:94:8f:36:35:c1:
d8:ae:b4:fe:53:cc:a4:97:ff:63:e3:76:19:e7:60:
98:21:8b:0f:cf:f1:87:62:b6:92:57:b7:fc:9c:b8:
df:aa:06:76:3c:eb:9f:df:c0:60:7e:db:56:a4:2d:
13:56:1a:30:38:2a:07:8e:87:40:97:9a:5c:b4:7c:
58:44:91:c4:dc:e7:62:88:fd:14:fb:53:e9:ee:2d:
5d:23:eb:ed:a0:03:88:28:4f:01:8e:69:92:ea:df:
7e:7f:88:dd:c1:ad:9d:f7:d5:71:e5:75:69:a2:e5:
79:50:4c:60:6d:06:79:88:9c:ad:e7:e5:c7:98:98:
60:b0:14:27:b2:98:14:3f:7f:5b:af:0a:0b:30:ef:
42:d1:1a:28:65:ca:55:dd:de:3f:02:7b:d3:79:8c:
50:2c:87:ff:43:62:5a:a2:bc:4f:de:95:0f:73:ee:
da:13:e6:cf:9d:df:ad:48:71:7e:dd:75:fb:91:27:
6f:9f:0e:e1:77:93:48:22:c1:3e:d7:3d:06:4e:cc:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D9:8F:0E:A0:BC:BA:9D:C9:27:2A:60:1E:09:E2:DF:DA:D8:73:92
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/kdmPDqC8up3JJypgHgni39rYc5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.78.0/24
78.135.88.0/24
188.132.163.0/24
188.132.188.0/23
188.132.191.0/24
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
06:ca:23:b6:37:73:6c:24:9b:05:fb:07:da:3f:a2:d4:96:ad:
9b:09:8e:13:3d:af:3c:1d:6e:52:91:b5:3c:68:59:b6:01:fe:
82:dd:67:5e:94:63:ed:67:73:00:7e:80:71:53:39:d4:f4:19:
49:1c:94:ad:fd:8f:61:da:67:37:ff:94:c2:5e:ea:b8:3c:18:
3d:67:7a:6e:16:58:1d:f7:21:11:c9:a7:10:b1:2a:df:e2:65:
de:79:49:8d:1d:20:4a:ee:2b:1f:0e:01:b9:70:d1:c6:f3:f4:
d3:cb:c8:11:a6:7c:bc:1f:b8:d4:7d:67:fd:5e:14:a8:24:75:
46:aa:2d:b2:7b:46:67:01:81:53:85:1c:78:fc:73:82:ed:4c:
65:26:5e:b9:74:51:b4:f1:d1:b3:ef:ef:0f:1a:95:e0:94:08:
c3:d0:8a:71:5f:45:d2:96:d6:6e:26:c4:eb:d8:6d:fc:b2:20:
5a:46:2f:75:64:77:bf:55:82:59:5f:c4:a9:d2:cd:41:69:7c:
18:7c:d0:39:fe:a4:86:99:cc:b9:ff:55:91:c4:93:c0:a7:88:
95:66:3d:4a:32:2d:c9:a5:5d:0b:08:73:e4:48:61:8d:b0:8f:
ee:ca:36:c6:5d:bd:73:ab:f3:14:ce:c6:85:ac:bb:ee:60:af:
ed:78:de:4a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZZ8lXAE3It8+R/9h/PS9mXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNDI4MTMyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ5OGYwZWEwYmNiYTlkYzkyNzJhNjAxZTA5ZTJkZmRhZDg3MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloQT5NeRKWCv0lI4HGRVCmSsphJn
d5zON2LjXQJIFr+ZOV6K+KASsK9YKCCI4HdYtnqnaS1MlI82NcHYrrT+U8ykl/9j
43YZ52CYIYsPz/GHYraSV7f8nLjfqgZ2POuf38BgfttWpC0TVhowOCoHjodAl5pc
tHxYRJHE3OdiiP0U+1Pp7i1dI+vtoAOIKE8BjmmS6t9+f4jdwa2d99Vx5XVpouV5
UExgbQZ5iJyt5+XHmJhgsBQnspgUP39brwoLMO9C0RooZcpV3d4/AnvTeYxQLIf/
Q2JaorxP3pUPc+7aE+bPnd+tSHF+3XX7kSdvnw7hd5NIIsE+1z0GTsxYpQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJHZjw6gvLqdyScqYB4J4t/a2HOSMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEva2RtUERxQzh1cDNKSnlwZ0hnbmkzOXJZYzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQATodIAwQA
TodOAwQATodYAwQAvISjAwQBvIS8AwQAvIS/AwQAvITlAwQAvITsAwQA1EQ3MAwD
BADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAAbKI7Y3c2wkmwX7B9o/otSW
rZsJjhM9rzwdblKRtTxoWbYB/oLdZ16UY+1ncwB+gHFTOdT0GUkclK39j2HaZzf/
lMJe6rg8GD1nem4WWB33IRHJpxCxKt/iZd55SY0dIEruKx8OAblw0cbz9NPLyBGm
fLwfuNR9Z/1eFKgkdUaqLbJ7RmcBgVOFHHj8c4LtTGUmXrl0UbTx0bPv7w8aleCU
CMPQinFfRdKW1m4mxOvYbfyyIFpGL3Vkd79VgllfxKnSzUFpfBh80Dn+pIaZzLn/
VZHEk8CniJVmPUoyLcmlXQsIc+RIYY2wj+7KNsZdvXOr8xTOxoWsu+5gr+143ko=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:09:09 2025 by rpki-client