Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xx1ZNJ7ORGmDHmrjLCw5PBEhTck.roa
File: xx1ZNJ7ORGmDHmrjLCw5PBEhTck.roa (raw, json)
Hash identifier: 9UiAO1+ADNm9ggaMb/rrFwYiuXxwsxs6FQZmQfBB6fo=
Subject key identifier: C7:1D:59:34:9E:CE:44:69:83:1E:6A:E3:2C:2C:39:3C:11:21:4D:C9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01940899DE97B7867ECB5D009FC087CF1A8D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xx1ZNJ7ORGmDHmrjLCw5PBEhTck.roa
Signing time: Fri 27 Dec 2024 14:51:29 +0000
ROA not before: Fri 27 Dec 2024 14:51:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.73.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
185.17.136.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:99:de:97:b7:86:7e:cb:5d:00:9f:c0:87:cf:1a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 27 14:51:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c71d59349ece4469831e6ae32c2c393c11214dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:7d:06:aa:73:df:08:78:01:96:9d:b6:5c:
8e:54:44:20:e3:a7:67:e7:8b:d7:46:ea:91:55:c9:
1d:46:df:a5:48:7a:80:bf:78:2f:30:82:82:6b:bb:
17:a6:9d:0c:30:7b:56:23:18:80:1b:f4:0d:96:47:
57:1a:a1:d2:bb:e8:7b:86:65:14:b7:b8:ad:f1:80:
69:ab:dc:d8:20:cd:30:85:b4:31:54:63:70:a0:dd:
19:52:7b:9a:37:11:40:73:c1:00:26:cf:85:4f:1f:
75:15:15:3d:65:92:28:06:49:ff:3d:85:fa:f9:d2:
39:e3:41:74:8f:72:f0:3f:d0:b5:45:b7:95:0c:35:
5b:75:4a:27:2b:32:5a:75:5e:12:3c:ca:d1:59:9d:
18:a2:b0:73:b5:40:ab:bb:e1:b6:2c:11:fd:7c:2d:
77:52:99:8b:4b:81:e4:30:2d:51:ef:8f:91:a8:83:
8b:57:61:2c:44:c3:d0:a4:23:65:7c:0a:c4:6f:5f:
ab:84:50:48:0f:df:5d:30:1f:fd:f3:18:cb:e5:3a:
25:09:79:b3:91:ff:16:ee:c4:cb:67:9d:b0:c2:af:
46:da:7c:36:2f:cf:63:c1:3e:56:57:b3:19:05:f1:
0c:c7:0a:45:cd:9f:74:aa:0e:82:cd:ac:df:32:56:
49:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1D:59:34:9E:CE:44:69:83:1E:6A:E3:2C:2C:39:3C:11:21:4D:C9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xx1ZNJ7ORGmDHmrjLCw5PBEhTck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.97.0/24
78.135.104.0/24
185.17.136.0/24
188.132.229.0/24
188.132.236.0/24
188.132.249.0/24
212.68.35.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
20:56:48:63:77:0d:4f:08:8f:2d:9a:a5:bc:79:41:23:88:7b:
8b:3a:06:70:2b:d3:4d:2a:79:d8:ec:66:07:6e:bb:3c:56:9f:
05:d1:46:54:2a:e8:24:4e:fb:65:82:af:fd:0c:65:75:95:47:
a8:05:a5:29:62:78:69:9f:d9:b1:2a:f6:9a:2d:7a:03:6e:f7:
ff:b6:83:c4:be:46:67:67:c9:c8:59:85:98:d5:cb:35:ca:ed:
b6:39:84:c6:2d:58:18:cd:06:0e:25:cc:ef:59:cd:ee:80:f6:
a8:12:a6:00:14:72:21:f6:22:40:30:82:36:a5:ce:98:2a:9a:
83:58:b6:49:ba:42:b8:e7:ef:ed:32:cc:2d:aa:4a:22:a0:78:
6a:49:07:89:67:1a:e4:a1:d6:d0:a7:78:68:ca:93:84:d3:86:
8d:0c:4a:2e:13:bc:cf:84:79:b8:82:a6:b3:a9:f4:27:fd:96:
97:1e:31:16:bd:ef:6f:03:09:a2:49:c6:3a:37:29:74:dc:61:
5f:13:01:71:04:db:9c:66:1f:78:b4:5f:b4:fa:f3:13:38:1a:
be:d2:72:9f:1d:b1:1b:dc:5b:e7:98:fe:c0:4a:89:ee:80:3f:
f0:4c:85:b0:b9:05:35:b5:5d:8d:93:46:89:ab:3f:28:75:24:
e9:3a:d0:0f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQImd6Xt4Z+y10An8CHzxqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjI3MTQ1MTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFkNTkzNDllY2U0NDY5ODMxZTZhZTMyYzJjMzkzYzExMjE0ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDp9Bqpz3wh4AZadtlyOVEQg46dn
54vXRuqRVckdRt+lSHqAv3gvMIKCa7sXpp0MMHtWIxiAG/QNlkdXGqHSu+h7hmUU
t7it8YBpq9zYIM0whbQxVGNwoN0ZUnuaNxFAc8EAJs+FTx91FRU9ZZIoBkn/PYX6
+dI540F0j3LwP9C1RbeVDDVbdUonKzJadV4SPMrRWZ0YorBztUCru+G2LBH9fC13
UpmLS4HkMC1R74+RqIOLV2EsRMPQpCNlfArEb1+rhFBID99dMB/98xjL5TolCXmz
kf8W7sTLZ52wwq9G2nw2L89jwT5WV7MZBfEMxwpFzZ90qg6CzazfMlZJ6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMcdWTSezkRpgx5q4ywsOTwRIU3JMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEveHgxWk5KN09SR21ESG1yakxDdzVQQkVoVGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATodJAwQA
TodhAwQATodoAwQAuRGIAwQAvITlAwQAvITsAwQAvIT5AwQA1EQjAwQA1EQ3MA0G
CSqGSIb3DQEBCwUAA4IBAQAgVkhjdw1PCI8tmqW8eUEjiHuLOgZwK9NNKnnY7GYH
brs8Vp8F0UZUKugkTvtlgq/9DGV1lUeoBaUpYnhpn9mxKvaaLXoDbvf/toPEvkZn
Z8nIWYWY1cs1yu22OYTGLVgYzQYOJczvWc3ugPaoEqYAFHIh9iJAMII2pc6YKpqD
WLZJukK45+/tMswtqkoioHhqSQeJZxrkodbQp3hoypOE04aNDEouE7zPhHm4gqaz
qfQn/ZaXHjEWve9vAwmiScY6Nyl03GFfEwFxBNucZh94tF+0+vMTOBq+0nKfHbEb
3FvnmP7ASonugD/wTIWwuQU1tV2Nk0aJqz8odSTpOtAP
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:04:34 2025 by rpki-client