Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/aUxX45Qo7oRb9m3YmMpxJdl7h3M.roa
File: aUxX45Qo7oRb9m3YmMpxJdl7h3M.roa (raw, json)
Hash identifier: qCHaFk/hhUTp5kMHCJpWwh1JwmP40ZKdPw1FBvJcsfQ=
Subject key identifier: 69:4C:57:E3:94:28:EE:84:5B:F6:6D:D8:98:CA:71:25:D9:7B:87:73
Certificate issuer: /CN=36451a2ea40af1715e6313169468996aca71bb8a
Certificate serial: 018D38AD836BB76F4E67E0237F6CCFBDFEEC
Authority key identifier: 36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/aUxX45Qo7oRb9m3YmMpxJdl7h3M.roa
Signing time: Tue 23 Jan 2024 23:35:11 +0000
ROA not before: Tue 23 Jan 2024 23:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31383
IP address blocks: 78.41.72.0/21 maxlen: 21
83.137.16.0/21 maxlen: 21
83.137.23.0/24 maxlen: 24
2001:4038::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Jan 2024 00:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:38:ad:83:6b:b7:6f:4e:67:e0:23:7f:6c:cf:bd:fe:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36451a2ea40af1715e6313169468996aca71bb8a
Validity
Not Before: Jan 23 23:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=694c57e39428ee845bf66dd898ca7125d97b8773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:88:0f:e4:1d:03:68:c6:4d:ea:dd:45:c9:d0:
41:bb:e4:77:eb:e0:72:c7:dc:99:4c:7e:c5:f5:fc:
4f:6b:3c:4c:3c:8d:ae:73:74:45:d9:a6:63:0d:34:
65:94:f2:78:27:77:e4:ea:82:ac:e4:fc:95:86:98:
43:0e:3b:e8:ac:39:96:a3:c6:7e:e5:c4:86:ba:76:
0f:df:f7:8f:71:39:3d:00:61:2e:31:d2:79:3d:d8:
ff:af:9d:e6:8a:13:f4:5c:a5:12:79:73:c0:7b:e9:
04:1a:40:7b:76:7e:a8:46:18:ad:ad:43:8c:b8:ad:
0e:c5:3f:20:9f:06:9d:18:b8:22:4d:80:f3:52:32:
49:79:12:30:68:7a:eb:d3:d2:57:a0:57:de:4c:69:
77:d7:e3:36:a9:19:11:2d:6b:31:e7:4c:fc:8e:4c:
f4:3a:40:68:bb:57:83:28:a3:df:32:69:d8:15:4e:
25:65:d5:ce:98:72:09:f2:09:cc:12:fd:0b:7a:14:
de:d0:ca:9f:4c:65:66:f1:6a:84:fa:f4:7b:dc:57:
5a:60:10:83:18:d9:f6:d0:49:17:00:73:97:9f:98:
21:60:66:e7:7f:27:5e:e2:4a:e7:6b:43:5e:4d:a3:
b3:33:cf:f9:cb:85:25:08:52:f8:40:18:45:3b:ef:
0b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4C:57:E3:94:28:EE:84:5B:F6:6D:D8:98:CA:71:25:D9:7B:87:73
X509v3 Authority Key Identifier:
keyid:36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/aUxX45Qo7oRb9m3YmMpxJdl7h3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/NkUaLqQK8XFeYxMWlGiZaspxu4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.72.0/21
83.137.16.0/21
IPv6:
2001:4038::/32
Signature Algorithm: sha256WithRSAEncryption
1d:e3:4b:f3:32:ab:81:3b:13:23:ed:5f:68:99:da:64:03:54:
42:1c:cd:03:a2:d7:6b:c9:ba:88:74:bd:a8:dc:c3:2d:4b:c2:
5b:9b:7b:68:d9:a6:5c:34:c9:65:16:17:02:50:c8:9a:29:1d:
b5:1d:94:f8:99:1b:4e:bf:db:d7:62:1a:22:e5:af:67:f6:1e:
fe:c7:57:2d:80:18:c3:cb:51:4e:e7:11:92:8c:18:f3:9b:50:
d3:b4:e8:33:d1:48:53:81:03:01:b5:7e:78:81:58:ff:f3:26:
ae:80:28:e2:df:77:e1:c9:0e:74:a0:48:a6:20:ba:c9:b1:a0:
df:86:2b:25:e4:ba:1b:f9:ba:46:95:b0:14:b9:37:f4:c4:c9:
09:68:0b:b7:ac:1d:1c:59:6c:98:ea:72:26:45:65:10:93:17:
03:c8:f3:ac:10:e3:4c:76:7d:c4:3b:3a:5f:dc:5c:d1:c7:a6:
e0:01:8b:bf:6b:e6:bd:7e:e3:3f:c3:cd:fd:e1:fe:a7:34:fb:
3e:fc:93:4b:13:e6:79:ef:a1:ce:1f:fb:ab:41:f2:5d:c4:b6:
23:5e:97:81:7d:89:a3:b7:15:19:a3:f5:2c:fb:ad:32:40:ce:
37:68:3f:94:09:a6:ea:4e:ba:e1:78:32:f5:2d:2d:b6:b2:74:
14:10:67:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY04rYNrt29OZ+Ajf2zPvf7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDUxYTJlYTQwYWYxNzE1ZTYzMTMxNjk0Njg5OTZhY2E3
MWJiOGEwHhcNMjQwMTIzMjMzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRjNTdlMzk0MjhlZTg0NWJmNjZkZDg5OGNhNzEyNWQ5N2I4NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgogP5B0DaMZN6t1FydBBu+R36+By
x9yZTH7F9fxPazxMPI2uc3RF2aZjDTRllPJ4J3fk6oKs5PyVhphDDjvorDmWo8Z+
5cSGunYP3/ePcTk9AGEuMdJ5Pdj/r53mihP0XKUSeXPAe+kEGkB7dn6oRhitrUOM
uK0OxT8gnwadGLgiTYDzUjJJeRIwaHrr09JXoFfeTGl31+M2qRkRLWsx50z8jkz0
OkBou1eDKKPfMmnYFU4lZdXOmHIJ8gnMEv0LehTe0MqfTGVm8WqE+vR73FdaYBCD
GNn20EkXAHOXn5ghYGbnfyde4krna0NeTaOzM8/5y4UlCFL4QBhFO+8LUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGlMV+OUKO6EW/Zt2JjKcSXZe4dzMB8GA1UdIwQY
MBaAFDZFGi6kCvFxXmMTFpRomWrKcbuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzIt
YmUzMDhjMTJmN2JjLzEvYVV4WDQ1UW83b1JiOW0zWW1NcHhKZGw3aDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzItYmUzMDhjMTJmN2Jj
LzEvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTilIAwQD
U4kQMA0EAgACMAcDBQAgAUA4MA0GCSqGSIb3DQEBCwUAA4IBAQAd40vzMquBOxMj
7V9omdpkA1RCHM0DotdrybqIdL2o3MMtS8Jbm3to2aZcNMllFhcCUMiaKR21HZT4
mRtOv9vXYhoi5a9n9h7+x1ctgBjDy1FO5xGSjBjzm1DTtOgz0UhTgQMBtX54gVj/
8yaugCji33fhyQ50oEimILrJsaDfhisl5Lob+bpGlbAUuTf0xMkJaAu3rB0cWWyY
6nImRWUQkxcDyPOsEONMdn3EOzpf3FzRx6bgAYu/a+a9fuM/w8394f6nNPs+/JNL
E+Z576HOH/urQfJdxLYjXpeBfYmjtxUZo/Us+60yQM43aD+UCabqTrrheDL1LS22
snQUEGcG
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:07:09 2025 by rpki-client