Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/KzZ9iESw8MVcG-P2O1HydaKvaP8.roa
File: KzZ9iESw8MVcG-P2O1HydaKvaP8.roa (raw, json)
Hash identifier: jvn8L6nxE6sDtm0I6IcuFn5PadT+RGXuCNoyvDnCip8=
Subject key identifier: 2B:36:7D:88:44:B0:F0:C5:5C:1B:E3:F6:3B:51:F2:75:A2:AF:68:FF
Certificate issuer: /CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850
Certificate serial: 018CC649B87B2EDC6A97CD776450898EF2C7
Authority key identifier: 5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/KzZ9iESw8MVcG-P2O1HydaKvaP8.roa
Signing time: Mon 01 Jan 2024 18:29:29 +0000
ROA not before: Mon 01 Jan 2024 18:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43709
IP address blocks: 78.157.176.0/21 maxlen: 21
78.157.176.0/20 maxlen: 20
78.157.184.0/21 maxlen: 21
78.157.160.0/19 maxlen: 19
78.157.160.0/20 maxlen: 20
78.157.160.0/21 maxlen: 21
78.157.168.0/21 maxlen: 21
2a02:d8a0:c000::/34 maxlen: 34
2a02:d8a0:8000::/34 maxlen: 34
2a02:d8a0:4000::/34 maxlen: 34
2a02:d8a0::/34 maxlen: 34
2a02:d8a0::/32 maxlen: 32
2a02:d8a0:8000::/33 maxlen: 33
2a02:d8a0::/33 maxlen: 33
Validation: Failed, certificate revoked on Sun 28 Apr 2024 16:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:b8:7b:2e:dc:6a:97:cd:77:64:50:89:8e:f2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850
Validity
Not Before: Jan 1 18:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b367d8844b0f0c55c1be3f63b51f275a2af68ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:a0:c7:a9:b7:e4:b7:12:52:1f:ed:57:52:
e2:1a:e7:a1:a1:5b:e3:ed:17:47:66:f1:98:3f:b3:
28:c5:1f:a2:12:d9:e1:4e:c9:5e:2f:d4:65:dd:4e:
4d:86:5d:29:b0:b7:82:63:a3:33:e3:b6:6c:ab:19:
35:03:8e:22:ed:dd:07:a1:09:ce:fd:33:6c:d7:12:
f5:56:e3:00:5b:ac:1e:c1:ce:62:18:16:5a:76:85:
fb:64:c4:ec:94:0d:80:cc:3e:65:7d:62:79:fb:4b:
fc:c7:a7:a9:8c:77:3c:5b:bd:02:67:04:f7:57:2b:
89:c6:44:0f:3e:43:3a:dd:9f:1a:5a:1b:83:36:70:
e4:80:17:f9:56:2a:63:97:1b:23:ae:a9:de:52:a7:
f9:50:cf:17:5d:82:f3:89:ae:e2:7c:4d:27:0a:e7:
90:c4:83:86:5e:56:b3:35:a7:95:20:33:d9:30:2e:
df:7f:d6:52:5f:62:a7:36:1e:a3:89:84:07:b0:e6:
f7:3e:05:1a:86:5c:87:7c:02:f8:e3:b8:be:a3:0f:
18:c1:f3:e8:3b:7f:0f:f8:6f:d6:4f:b7:e3:e8:44:
8d:63:9f:7a:67:70:28:e1:39:5d:1c:12:a5:c6:ca:
73:39:c4:7c:39:a6:eb:e9:33:03:67:bb:a6:13:11:
6a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:36:7D:88:44:B0:F0:C5:5C:1B:E3:F6:3B:51:F2:75:A2:AF:68:FF
X509v3 Authority Key Identifier:
keyid:5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/KzZ9iESw8MVcG-P2O1HydaKvaP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/XB3W7EouHzdshVxYMSGVoAXNuFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.160.0/19
IPv6:
2a02:d8a0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:6f:66:70:94:b4:c6:7b:3b:a6:19:fe:ba:45:9f:82:ce:0f:
db:53:e6:9f:44:46:f1:13:b3:45:1d:c9:54:9c:a5:e6:2a:65:
ef:9d:da:9f:f4:b1:1a:95:4e:88:f6:c3:96:b0:fa:75:7d:6d:
56:0b:f9:fc:0e:e4:da:1e:ed:0f:4c:84:8c:30:9f:1c:71:ab:
6a:27:49:97:b8:f6:2a:53:f6:1f:cd:a8:4c:29:1d:89:4b:82:
25:f1:aa:cf:7b:53:58:20:04:d2:75:25:4a:3e:e0:b1:6b:d1:
d0:19:3f:38:19:79:99:cb:90:23:a1:71:82:cc:05:8f:ed:2f:
65:73:dc:f0:49:79:b0:7c:e5:c0:2a:89:db:ee:11:01:5d:32:
1e:bd:08:06:b6:d3:b6:03:b9:51:91:04:72:1f:8d:a1:eb:e9:
5c:50:72:a9:78:c5:ff:88:0b:ab:5b:66:a0:05:b9:38:83:a6:
a5:d9:d3:81:fd:04:7b:23:1a:c4:cf:ae:88:61:56:e2:83:fa:
2a:86:62:ec:41:fc:68:44:dd:e6:c4:8b:c1:e5:92:8f:1e:ec:
fb:7b:15:56:e3:bb:07:9a:da:5b:8b:bb:cc:0e:c4:44:14:24:
04:e6:3f:6a:07:65:12:ec:03:1c:77:63:cf:fa:15:8a:bd:9c:
68:04:07:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSbh7Ltxql813ZFCJjvLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMWRkNmVjNGEyZTFmMzc2Yzg1NWM1ODMxMjE5NWEwMDVj
ZGI4NTAwHhcNMjQwMTAxMTgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM2N2Q4ODQ0YjBmMGM1NWMxYmUzZjYzYjUxZjI3NWEyYWY2OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/+gx6m35LcSUh/tV1LiGuehoVvj
7RdHZvGYP7MoxR+iEtnhTsleL9Rl3U5Nhl0psLeCY6Mz47Zsqxk1A44i7d0HoQnO
/TNs1xL1VuMAW6wewc5iGBZadoX7ZMTslA2AzD5lfWJ5+0v8x6epjHc8W70CZwT3
VyuJxkQPPkM63Z8aWhuDNnDkgBf5VipjlxsjrqneUqf5UM8XXYLzia7ifE0nCueQ
xIOGXlazNaeVIDPZMC7ff9ZSX2KnNh6jiYQHsOb3PgUahlyHfAL447i+ow8YwfPo
O38P+G/WT7fj6ESNY596Z3Ao4TldHBKlxspzOcR8Oabr6TMDZ7umExFqcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCs2fYhEsPDFXBvj9jtR8nWir2j/MB8GA1UdIwQY
MBaAFFwd1uxKLh83bIVcWDEhlaAFzbhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYt
Mzk2NzFlMGI2MjY2LzEvS3paOWlFU3c4TVZjRy1QMk8xSHlkYUt2YVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYtMzk2NzFlMGI2MjY2
LzEvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTp2gMA0E
AgACMAcDBQAqAtigMA0GCSqGSIb3DQEBCwUAA4IBAQBub2ZwlLTGezumGf66RZ+C
zg/bU+afREbxE7NFHclUnKXmKmXvndqf9LEalU6I9sOWsPp1fW1WC/n8DuTaHu0P
TISMMJ8ccatqJ0mXuPYqU/YfzahMKR2JS4Il8arPe1NYIATSdSVKPuCxa9HQGT84
GXmZy5AjoXGCzAWP7S9lc9zwSXmwfOXAKonb7hEBXTIevQgGttO2A7lRkQRyH42h
6+lcUHKpeMX/iAurW2agBbk4g6al2dOB/QR7IxrEz66IYVbig/oqhmLsQfxoRN3m
xIvB5ZKPHuz7exVW47sHmtpbi7vMDsREFCQE5j9qB2US7AMcd2PP+hWKvZxoBAfC
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:17 2025 by rpki-client