Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/VwjHPHUdOLgneVFyXKydMhOANWY.roa
File: VwjHPHUdOLgneVFyXKydMhOANWY.roa (raw, json)
Hash identifier: vnU5u+NT/chcoUW5JezQCGC6phl/HHohqLsAP+2Cq8E=
Subject key identifier: 57:08:C7:3C:75:1D:38:B8:27:79:51:72:5C:AC:9D:32:13:80:35:66
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 018CC94E3F041589570AD9E3EA0F80B4B6CD
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/VwjHPHUdOLgneVFyXKydMhOANWY.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30902
IP address blocks: 78.111.3.0/24 maxlen: 24
78.111.0.0/23 maxlen: 23
78.111.0.0/24 maxlen: 24
78.111.2.0/23 maxlen: 23
78.111.0.0/22 maxlen: 22
78.111.2.0/24 maxlen: 24
87.247.177.0/24 maxlen: 24
87.247.176.0/23 maxlen: 23
87.247.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:04:15:89:57:0a:d9:e3:ea:0f:80:b4:b6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5708c73c751d38b8277951725cac9d3213803566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:55:02:78:68:c6:ff:5e:bd:c6:2d:7e:27:af:
95:da:a4:7a:62:7c:d8:dc:b4:d9:02:7c:5f:9f:57:
04:4d:c4:56:fb:a8:3c:54:f4:c6:5e:17:16:b1:8d:
5c:97:ac:47:0e:65:d4:f0:c1:5f:b5:a9:03:61:36:
98:e8:66:0c:f2:a8:a6:27:81:50:55:74:a9:f0:2b:
c8:52:2f:e4:fb:93:d6:01:7c:93:74:23:b6:11:59:
51:bc:ab:80:93:61:6d:35:ff:8e:6e:5d:ac:14:3b:
53:6e:65:5c:72:9a:92:e4:ef:9d:50:48:bc:8d:aa:
1e:4f:a9:e6:89:bd:2a:8c:02:f6:04:d7:5a:c8:34:
c5:cd:e8:fb:bf:d5:ed:54:43:05:73:ca:c2:e9:d3:
93:83:be:c6:e6:e9:cc:10:11:76:fe:fe:cd:27:a3:
46:9d:39:47:71:c6:10:a2:e2:4c:74:27:79:22:c9:
23:46:db:db:03:1b:27:7d:25:32:ee:c9:ee:4c:c3:
27:bd:b5:57:76:22:4f:ca:d8:94:38:7a:88:0b:ee:
2e:b3:1a:77:e6:14:60:71:00:c5:88:81:a5:f8:43:
e3:b4:90:b0:b2:b2:34:25:87:ec:d7:7b:07:f2:4e:
4e:3b:56:42:4f:36:b4:4e:43:21:c7:2c:7c:f6:cb:
a7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:08:C7:3C:75:1D:38:B8:27:79:51:72:5C:AC:9D:32:13:80:35:66
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/VwjHPHUdOLgneVFyXKydMhOANWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.0.0/22
87.247.176.0/23
Signature Algorithm: sha256WithRSAEncryption
09:7e:e2:e1:fa:74:c0:d6:81:2c:5f:05:60:ef:48:a0:74:61:
1f:c1:da:d6:91:7a:cc:b0:07:34:84:67:13:c0:f4:4c:bb:41:
30:a5:74:0c:80:a2:4b:17:dc:ac:58:06:1b:ef:09:21:46:be:
0a:b8:70:8e:3b:f4:04:8c:ac:77:43:f2:a5:2d:77:ac:14:52:
99:3a:35:1b:f5:a3:f9:b0:49:13:74:0f:f0:20:1e:67:7e:3f:
12:b0:39:63:d7:6f:6e:00:1f:bf:6a:82:8a:7d:cb:7b:ca:24:
cf:a6:8d:f1:da:00:07:b0:7f:3a:6f:ca:5c:be:05:0d:9b:a6:
52:c5:3c:2c:7b:8d:f1:4b:4f:70:91:f8:2c:b5:dc:a6:34:11:
e8:5a:f5:b0:21:04:34:34:99:0d:4a:7b:54:44:61:78:38:0c:
56:8f:89:e1:34:15:90:b9:f3:05:1c:bf:49:b9:3b:95:27:e9:
75:47:a5:4e:65:34:84:a2:38:9a:38:f3:53:32:b8:45:af:1c:
f9:71:99:bf:94:59:73:4e:59:f8:14:a2:0f:19:b8:06:c8:61:
2c:8e:e9:83:47:7e:80:ca:dc:7b:22:e4:9f:02:2f:ea:3b:e0:
05:52:cf:1a:c4:f1:3d:fe:ab:6b:69:bd:a5:ee:7e:6e:86:60:
22:b5:7f:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTj8EFYlXCtnj6g+AtLbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NDk3ODc3OWU5MzBlMDFmYmZlN2UwYzVmY2I0MTYxMTEy
OWQ0ZTgwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA4YzczYzc1MWQzOGI4Mjc3OTUxNzI1Y2FjOWQzMjEzODAzNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1UCeGjG/169xi1+J6+V2qR6YnzY
3LTZAnxfn1cETcRW+6g8VPTGXhcWsY1cl6xHDmXU8MFftakDYTaY6GYM8qimJ4FQ
VXSp8CvIUi/k+5PWAXyTdCO2EVlRvKuAk2FtNf+Obl2sFDtTbmVccpqS5O+dUEi8
jaoeT6nmib0qjAL2BNdayDTFzej7v9XtVEMFc8rC6dOTg77G5unMEBF2/v7NJ6NG
nTlHccYQouJMdCd5IskjRtvbAxsnfSUy7snuTMMnvbVXdiJPytiUOHqIC+4usxp3
5hRgcQDFiIGl+EPjtJCwsrI0JYfs13sH8k5OO1ZCTza0TkMhxyx89sunXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFcIxzx1HTi4J3lRclysnTITgDVmMB8GA1UdIwQY
MBaAFOlJeHeekw4B+/5+DF/LQWERKdToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3Yzct
OTVjNDJlNGE4NGMwLzEvVndqSFBIVWRPTGduZVZGeVhLeWRNaE9BTldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3YzctOTVjNDJlNGE4NGMw
LzEvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTm8AAwQB
V/ewMA0GCSqGSIb3DQEBCwUAA4IBAQAJfuLh+nTA1oEsXwVg70igdGEfwdrWkXrM
sAc0hGcTwPRMu0EwpXQMgKJLF9ysWAYb7wkhRr4KuHCOO/QEjKx3Q/KlLXesFFKZ
OjUb9aP5sEkTdA/wIB5nfj8SsDlj129uAB+/aoKKfct7yiTPpo3x2gAHsH86b8pc
vgUNm6ZSxTwse43xS09wkfgstdymNBHoWvWwIQQ0NJkNSntURGF4OAxWj4nhNBWQ
ufMFHL9JuTuVJ+l1R6VOZTSEojiaOPNTMrhFrxz5cZm/lFlzTln4FKIPGbgGyGEs
jumDR36Aytx7IuSfAi/qO+AFUs8axPE9/qtrab2l7n5uhmAitX+R
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:17:35 2025 by rpki-client