Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/rEQo_rH65Xv51ksTVlH1ME65w_o.roa
File: rEQo_rH65Xv51ksTVlH1ME65w_o.roa (raw, json)
Hash identifier: xMmMrV5Tv/ikhz+BUN3Z8nHaqs4YSIZjIZN1xYi1PuM=
Subject key identifier: AC:44:28:FE:B1:FA:E5:7B:F9:D6:4B:13:56:51:F5:30:4E:B9:C3:FA
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 019379192068ADBC4A46B12AC3DAB33AC208
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/rEQo_rH65Xv51ksTVlH1ME65w_o.roa
Signing time: Fri 29 Nov 2024 18:05:10 +0000
ROA not before: Fri 29 Nov 2024 18:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213301
IP address blocks: 185.78.84.0/24 maxlen: 24
185.78.85.0/24 maxlen: 24
185.174.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:79:19:20:68:ad:bc:4a:46:b1:2a:c3:da:b3:3a:c2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Nov 29 18:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac4428feb1fae57bf9d64b135651f5304eb9c3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3c:c0:44:68:80:c2:34:23:9d:76:14:01:e2:
dc:88:65:9c:8a:d4:d6:8f:2c:2d:38:0c:60:e4:c9:
31:36:5e:2a:cf:41:fd:03:28:69:ac:c7:b2:b0:c4:
e3:27:11:b1:62:f7:67:f4:86:fc:59:f2:57:b1:fb:
b7:35:f2:35:8c:c8:a3:d5:1c:95:53:7c:ef:ee:66:
e3:b4:af:6c:88:f3:4d:30:a9:6c:af:d6:30:96:79:
87:77:f3:77:2c:cc:03:de:35:ca:59:38:8f:61:5c:
0e:8c:84:a0:96:6b:85:b4:c3:45:d2:e7:2d:92:00:
74:f7:03:50:83:48:db:67:66:60:f0:7c:6b:a0:b0:
05:6f:a0:2e:cb:95:aa:47:01:84:9d:28:ca:eb:a6:
4d:db:47:cd:e3:d4:b5:8d:d1:5a:15:72:77:80:be:
5e:24:dc:85:f8:10:83:88:87:a5:8b:69:af:3f:ba:
b5:be:7f:57:cb:32:b3:62:e6:cf:ce:3a:67:b1:11:
20:1b:cb:ad:af:ed:b2:5c:8b:3e:fa:a6:b2:de:17:
4d:1e:4d:43:14:b2:a2:16:43:33:30:c0:f3:e0:ec:
d8:a8:a0:f1:5a:ee:ae:1b:d9:c3:0a:06:f2:0e:b5:
0e:26:87:67:d5:ed:1e:28:38:ca:93:10:6c:54:f9:
4e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:44:28:FE:B1:FA:E5:7B:F9:D6:4B:13:56:51:F5:30:4E:B9:C3:FA
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/rEQo_rH65Xv51ksTVlH1ME65w_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.84.0/23
185.174.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:9d:01:a3:86:7c:e3:38:18:1d:ea:09:01:fc:ee:ed:4f:b6:
1e:24:37:bb:f6:80:c1:9f:91:60:56:63:1f:c7:08:79:66:1b:
82:68:8e:9a:c9:f8:81:ac:a9:a6:d3:3d:57:90:37:9a:56:ac:
b4:9a:84:f3:91:db:63:4e:d7:48:b1:58:6b:70:86:87:4e:34:
35:67:af:20:f3:09:9e:78:0f:60:ff:cb:5e:2c:8e:02:89:0a:
77:1a:a2:cc:8c:be:d8:26:55:d7:15:24:40:d8:e6:a3:20:d6:
71:04:e4:48:ba:68:ca:ec:3e:90:f9:05:0e:f3:9d:94:b0:78:
1d:f6:e8:d1:94:ab:9f:68:23:bc:b6:1a:e5:5d:0b:80:a2:cc:
fe:d8:11:f2:a5:f7:28:56:97:d1:f2:c5:99:d7:da:a9:6b:5f:
7b:68:fa:91:a5:45:7a:cd:33:97:c9:61:09:31:64:c7:e4:85:
cd:a8:36:bb:3c:cd:3d:7d:fc:c4:df:9c:51:ab:98:16:00:8d:
a7:15:d9:9f:fc:51:d8:e2:46:d5:0d:0c:59:a0:67:70:b9:88:
d0:55:f3:bd:86:81:16:48:86:a5:a6:b6:d6:7e:bb:98:3c:bb:
cc:9c:f1:e8:4a:46:89:73:bc:d2:e0:6c:c1:92:1e:77:dc:40:
99:32:ce:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN5GSBorbxKRrEqw9qzOsIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQxMTI5MTgwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQ0MjhmZWIxZmFlNTdiZjlkNjRiMTM1NjUxZjUzMDRlYjljM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzzARGiAwjQjnXYUAeLciGWcitTW
jywtOAxg5MkxNl4qz0H9AyhprMeysMTjJxGxYvdn9Ib8WfJXsfu3NfI1jMij1RyV
U3zv7mbjtK9siPNNMKlsr9YwlnmHd/N3LMwD3jXKWTiPYVwOjISglmuFtMNF0uct
kgB09wNQg0jbZ2Zg8HxroLAFb6Auy5WqRwGEnSjK66ZN20fN49S1jdFaFXJ3gL5e
JNyF+BCDiIeli2mvP7q1vn9XyzKzYubPzjpnsREgG8utr+2yXIs++qay3hdNHk1D
FLKiFkMzMMDz4OzYqKDxWu6uG9nDCgbyDrUOJodn1e0eKDjKkxBsVPlORQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKxEKP6x+uV7+dZLE1ZR9TBOucP6MB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvckVRb19ySDY1WHY1MWtzVFZsSDFNRTY1d19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuU5UAwQA
ua5EMA0GCSqGSIb3DQEBCwUAA4IBAQAtnQGjhnzjOBgd6gkB/O7tT7YeJDe79oDB
n5FgVmMfxwh5ZhuCaI6ayfiBrKmm0z1XkDeaVqy0moTzkdtjTtdIsVhrcIaHTjQ1
Z68g8wmeeA9g/8teLI4CiQp3GqLMjL7YJlXXFSRA2OajINZxBORIumjK7D6Q+QUO
852UsHgd9ujRlKufaCO8thrlXQuAosz+2BHypfcoVpfR8sWZ19qpa197aPqRpUV6
zTOXyWEJMWTH5IXNqDa7PM09ffzE35xRq5gWAI2nFdmf/FHY4kbVDQxZoGdwuYjQ
VfO9hoEWSIalprbWfruYPLvMnPHoSkaJc7zS4GzBkh533ECZMs5F
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:17 2025 by rpki-client