Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/OYt0vLkX6OSggiu7xA6buW43y4Y.roa
File: OYt0vLkX6OSggiu7xA6buW43y4Y.roa (raw, json)
Hash identifier: /BssRMoBliULqAx+A273NPslV6XomZwucx0A88FFZfE=
Subject key identifier: 39:8B:74:BC:B9:17:E8:E4:A0:82:2B:BB:C4:0E:9B:B9:6E:37:CB:86
Certificate issuer: /CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850
Certificate serial: 018F259268DFE3490D6BE002A54CAA122CB1
Authority key identifier: 5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/OYt0vLkX6OSggiu7xA6buW43y4Y.roa
Signing time: Sun 28 Apr 2024 16:38:23 +0000
ROA not before: Sun 28 Apr 2024 16:38:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43709
IP address blocks: 78.157.160.0/19 maxlen: 21
2a02:d8a0::/32 maxlen: 34
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:92:68:df:e3:49:0d:6b:e0:02:a5:4c:aa:12:2c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850
Validity
Not Before: Apr 28 16:38:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=398b74bcb917e8e4a0822bbbc40e9bb96e37cb86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:50:37:85:3b:ac:8c:03:41:6c:ff:13:9d:eb:
d4:4f:98:b3:87:f6:c1:88:09:47:8f:ed:0e:7d:53:
5c:cd:e5:cb:76:8a:87:0b:41:35:fc:7f:2a:f8:c5:
fb:13:31:54:a3:ee:f0:80:c4:9a:70:9d:a6:99:8e:
ba:41:43:c5:5f:2f:39:2c:f5:f8:89:22:6f:b2:20:
4d:41:9f:b4:02:2d:26:58:ba:17:df:18:c6:26:f5:
35:15:e0:b7:db:3d:29:28:6d:4c:20:e4:f3:f0:fa:
03:d5:2c:16:45:b8:10:de:d5:77:ad:43:4c:75:2f:
9f:98:a0:17:f1:56:45:c9:40:98:af:65:62:7e:25:
4a:01:ca:29:39:a1:ac:17:53:98:3a:b4:47:ce:05:
2f:b2:f0:01:cb:de:17:59:2d:f7:9f:22:7d:20:c9:
c5:60:d7:08:c0:7f:89:e7:8e:1b:f0:9a:f1:47:a6:
ea:99:bf:79:4f:79:f3:e5:cd:dc:31:a1:9b:25:36:
de:92:b9:26:56:62:6c:03:ea:d8:8c:a0:c5:53:0b:
58:2b:2c:0d:f4:5b:f4:d4:e1:0a:d7:7d:f0:1d:92:
6e:34:ea:8e:3e:e3:93:4c:7e:97:c7:00:e7:f7:6b:
bb:4b:a6:76:7c:a2:e8:82:4f:dc:dd:69:ad:d6:ca:
4c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:74:BC:B9:17:E8:E4:A0:82:2B:BB:C4:0E:9B:B9:6E:37:CB:86
X509v3 Authority Key Identifier:
keyid:5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/OYt0vLkX6OSggiu7xA6buW43y4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/XB3W7EouHzdshVxYMSGVoAXNuFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.160.0/19
IPv6:
2a02:d8a0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:34:c2:d0:80:28:5c:eb:6f:2d:92:ff:85:e9:c7:97:0f:ba:
7e:f2:4f:d8:01:69:9a:eb:e6:67:a0:f9:42:5c:d5:1a:94:77:
f0:4c:95:7b:d1:c2:f0:2e:0f:2b:ae:f9:f7:78:01:6e:2a:6b:
02:71:35:01:a7:36:0d:16:42:c6:26:ac:40:7c:fe:94:fe:d9:
78:41:0b:ea:70:b4:12:eb:3e:ae:ae:53:28:84:15:f2:9a:85:
63:7f:04:74:97:86:e8:65:d7:e8:f7:16:bd:e2:cb:a1:62:9c:
10:c8:26:42:95:20:e3:3b:8c:76:e7:cd:14:f7:a6:ce:d4:3e:
79:04:7a:0f:d4:b5:bc:3b:ae:13:cc:41:a7:ec:42:39:85:de:
35:7d:ff:07:29:46:9f:ed:c3:a9:d8:f8:b0:4a:3b:47:23:82:
dc:43:79:f5:c0:b7:f4:0c:00:33:c9:da:85:18:3f:3c:dd:76:
80:92:41:05:18:04:9d:07:d4:90:d8:f6:cc:25:5b:7a:c4:ba:
59:9a:ae:41:bc:60:32:b4:0f:cc:f5:69:f1:55:9e:c4:e2:6e:
dd:0c:a1:0c:1f:ba:68:1b:0a:34:63:b1:e4:09:79:2b:2c:07:
f2:89:5b:1a:4f:50:42:86:ec:05:f3:a4:3d:88:e2:6f:4c:b2:
45:eb:81:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8lkmjf40kNa+ACpUyqEiyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMWRkNmVjNGEyZTFmMzc2Yzg1NWM1ODMxMjE5NWEwMDVj
ZGI4NTAwHhcNMjQwNDI4MTYzODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThiNzRiY2I5MTdlOGU0YTA4MjJiYmJjNDBlOWJiOTZlMzdjYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VA3hTusjANBbP8TnevUT5izh/bB
iAlHj+0OfVNczeXLdoqHC0E1/H8q+MX7EzFUo+7wgMSacJ2mmY66QUPFXy85LPX4
iSJvsiBNQZ+0Ai0mWLoX3xjGJvU1FeC32z0pKG1MIOTz8PoD1SwWRbgQ3tV3rUNM
dS+fmKAX8VZFyUCYr2VifiVKAcopOaGsF1OYOrRHzgUvsvABy94XWS33nyJ9IMnF
YNcIwH+J544b8JrxR6bqmb95T3nz5c3cMaGbJTbekrkmVmJsA+rYjKDFUwtYKywN
9Fv01OEK133wHZJuNOqOPuOTTH6XxwDn92u7S6Z2fKLogk/c3Wmt1spM1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDmLdLy5F+jkoIIru8QOm7luN8uGMB8GA1UdIwQY
MBaAFFwd1uxKLh83bIVcWDEhlaAFzbhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYt
Mzk2NzFlMGI2MjY2LzEvT1l0MHZMa1g2T1NnZ2l1N3hBNmJ1VzQzeTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYtMzk2NzFlMGI2MjY2
LzEvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTp2gMA0E
AgACMAcDBQAqAtigMA0GCSqGSIb3DQEBCwUAA4IBAQB6NMLQgChc628tkv+F6ceX
D7p+8k/YAWma6+ZnoPlCXNUalHfwTJV70cLwLg8rrvn3eAFuKmsCcTUBpzYNFkLG
JqxAfP6U/tl4QQvqcLQS6z6urlMohBXymoVjfwR0l4boZdfo9xa94suhYpwQyCZC
lSDjO4x2580U96bO1D55BHoP1LW8O64TzEGn7EI5hd41ff8HKUaf7cOp2PiwSjtH
I4LcQ3n1wLf0DAAzydqFGD883XaAkkEFGASdB9SQ2PbMJVt6xLpZmq5BvGAytA/M
9WnxVZ7E4m7dDKEMH7poGwo0Y7HkCXkrLAfyiVsaT1BChuwF86Q9iOJvTLJF64E0
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:58 2025 by rpki-client