Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3zv6bv0i10s6AH2xkX2x65Cq-tg.roa
File: 3zv6bv0i10s6AH2xkX2x65Cq-tg.roa (raw, json)
Hash identifier: TBDIXaTt3vegoMfPPey9RB9NOoYcnMryliWUNX/vatQ=
Subject key identifier: DF:3B:FA:6E:FD:22:D7:4B:3A:00:7D:B1:91:7D:B1:EB:90:AA:FA:D8
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0193027E729D4F7E6C47D2514296ED20AE5A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3zv6bv0i10s6AH2xkX2x65Cq-tg.roa
Signing time: Wed 06 Nov 2024 17:21:01 +0000
ROA not before: Wed 06 Nov 2024 17:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 78.40.208.0/22 maxlen: 22
88.214.52.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:7e:72:9d:4f:7e:6c:47:d2:51:42:96:ed:20:ae:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Nov 6 17:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df3bfa6efd22d74b3a007db1917db1eb90aafad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:fa:d3:71:8c:9b:72:2a:d5:5e:43:3e:80:
f9:c1:58:ac:ef:28:c7:6f:00:97:1a:37:45:2d:d4:
0d:99:fe:fd:f2:03:70:98:c1:4c:6c:8e:dc:59:0f:
99:be:a9:eb:bf:0c:37:03:ec:f4:52:72:1b:7e:dd:
0a:07:0a:1f:f0:0a:70:10:d3:a6:36:a5:d5:8c:fb:
3a:9b:08:61:0c:ac:de:f7:ff:86:91:3c:af:1b:74:
0f:00:19:16:ac:0a:d2:80:36:f3:ee:66:a0:86:ca:
fe:dd:df:a0:60:87:25:e7:17:23:fe:0a:be:1b:b2:
4d:e9:f3:54:28:97:85:21:d0:4d:90:33:2b:25:ec:
b5:8b:d9:43:98:38:1a:b7:d2:82:8a:8b:70:cc:ee:
32:19:68:56:05:27:42:41:8f:89:56:6b:f8:6a:62:
18:0b:99:a7:07:ba:69:4d:29:ac:11:c9:9a:1b:76:
af:97:09:3f:61:51:5e:88:5f:78:1a:9c:bf:0f:db:
e5:f9:d6:58:fc:47:fc:f9:03:b4:6b:66:d8:f4:1c:
a3:9e:cc:17:4b:7e:c1:a9:f2:c9:ce:4c:96:e2:ac:
8b:73:c6:9a:a6:e0:61:da:a2:28:dc:9d:b7:08:ab:
b0:e4:e4:1d:74:0b:a4:83:2c:d4:16:fa:80:a5:f4:
d1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3B:FA:6E:FD:22:D7:4B:3A:00:7D:B1:91:7D:B1:EB:90:AA:FA:D8
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/3zv6bv0i10s6AH2xkX2x65Cq-tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.208.0/22
88.214.52.0/22
Signature Algorithm: sha256WithRSAEncryption
28:42:a2:a2:11:b6:1b:f3:bc:7d:d7:40:37:d0:01:d9:b5:af:
73:94:75:f8:bc:51:ab:7d:3d:49:fe:47:f2:aa:06:5d:40:98:
95:80:22:6a:05:e2:8c:d7:79:1a:f7:35:b8:51:35:72:0e:70:
c4:c0:e1:7f:66:ae:72:a9:59:eb:da:a7:a3:02:54:88:96:ea:
d3:d7:a3:65:83:51:f9:88:3d:f4:15:38:71:68:b9:eb:a7:66:
08:f3:fe:1d:a1:e5:62:16:45:3d:47:04:b2:26:b5:3d:aa:14:
9e:66:a3:f7:c5:cb:74:6a:ce:f3:fe:2d:19:12:88:3a:e1:09:
cf:20:a4:7f:37:be:40:93:4f:12:4d:5e:ff:d0:7f:9b:72:73:
0c:88:ec:79:58:05:86:7a:0c:20:21:68:59:82:03:72:cb:f8:
55:8d:87:4d:c4:da:cf:ac:81:45:9b:c8:36:61:cf:31:42:46:
81:54:b1:ad:5d:d9:2c:21:75:bf:f8:61:49:5d:fd:ed:db:0d:
0e:02:ad:31:71:f7:e6:86:1a:a7:d2:cf:71:54:00:28:54:e1:
44:64:33:e0:e3:09:48:9b:75:93:47:5e:e4:01:38:a4:97:1f:
fe:48:66:71:cd:df:92:70:38:e2:3a:8d:40:e6:ce:14:d7:ad:
92:44:c6:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMCfnKdT35sR9JRQpbtIK5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQxMTA2MTcyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNiZmE2ZWZkMjJkNzRiM2EwMDdkYjE5MTdkYjFlYjkwYWFmYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho3603GMm3Iq1V5DPoD5wVis7yjH
bwCXGjdFLdQNmf798gNwmMFMbI7cWQ+Zvqnrvww3A+z0UnIbft0KBwof8ApwENOm
NqXVjPs6mwhhDKze9/+GkTyvG3QPABkWrArSgDbz7maghsr+3d+gYIcl5xcj/gq+
G7JN6fNUKJeFIdBNkDMrJey1i9lDmDgat9KCiotwzO4yGWhWBSdCQY+JVmv4amIY
C5mnB7ppTSmsEcmaG3avlwk/YVFeiF94Gpy/D9vl+dZY/Ef8+QO0a2bY9ByjnswX
S37BqfLJzkyW4qyLc8aapuBh2qIo3J23CKuw5OQddAukgyzUFvqApfTR1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN87+m79ItdLOgB9sZF9seuQqvrYMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvM3p2NmJ2MGkxMHM2QUgyeGtYMng2NUNxLXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTijQAwQC
WNY0MA0GCSqGSIb3DQEBCwUAA4IBAQAoQqKiEbYb87x910A30AHZta9zlHX4vFGr
fT1J/kfyqgZdQJiVgCJqBeKM13ka9zW4UTVyDnDEwOF/Zq5yqVnr2qejAlSIlurT
16Nlg1H5iD30FThxaLnrp2YI8/4doeViFkU9RwSyJrU9qhSeZqP3xct0as7z/i0Z
Eog64QnPIKR/N75Ak08STV7/0H+bcnMMiOx5WAWGegwgIWhZggNyy/hVjYdNxNrP
rIFFm8g2Yc8xQkaBVLGtXdksIXW/+GFJXf3t2w0OAq0xcffmhhqn0s9xVAAoVOFE
ZDPg4wlIm3WTR17kATiklx/+SGZxzd+ScDjiOo1A5s4U162SRMZu
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:28 2025 by rpki-client