Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/xeLD4GOhrTzN7laqdSP-lmELsIc.roa
File: xeLD4GOhrTzN7laqdSP-lmELsIc.roa (raw, json)
Hash identifier: l0wcjLYJOl0F53G5Yc/STloFDZ1s8vLudMhVOMqB1R4=
Subject key identifier: C5:E2:C3:E0:63:A1:AD:3C:CD:EE:56:AA:75:23:FE:96:61:0B:B0:87
Certificate issuer: /CN=8181440a367a34d306bc0f685ae9cd86952f7f95
Certificate serial: 019523A136830806231E23361D5603A01A42
Authority key identifier: 81:81:44:0A:36:7A:34:D3:06:BC:0F:68:5A:E9:CD:86:95:2F:7F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYFECjZ6NNMGvA9oWunNhpUvf5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/xeLD4GOhrTzN7laqdSP-lmELsIc.roa
Signing time: Thu 20 Feb 2025 13:52:02 +0000
ROA not before: Thu 20 Feb 2025 13:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215691
IP address blocks: 78.40.111.0/24 maxlen: 24
2a14:8880::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 16:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:a1:36:83:08:06:23:1e:23:36:1d:56:03:a0:1a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8181440a367a34d306bc0f685ae9cd86952f7f95
Validity
Not Before: Feb 20 13:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5e2c3e063a1ad3ccdee56aa7523fe96610bb087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:57:10:69:f3:a0:36:d1:28:c7:47:cd:f9:
d0:9d:8f:9b:0e:f0:3b:bd:61:de:d1:bb:ee:66:7f:
96:d5:93:12:6d:d3:cd:49:fd:9a:b4:e1:c1:ac:2a:
48:aa:5b:69:79:30:ec:a9:1c:f8:07:61:17:44:85:
8c:f5:a4:a4:4d:72:5f:e4:8b:3b:4a:27:d2:81:05:
c8:cb:19:9e:22:07:7d:95:67:23:eb:49:f2:b6:96:
50:4b:62:44:1b:41:ba:90:c8:45:50:8e:3c:a8:a2:
1d:5c:c0:e4:88:fb:88:af:5b:cf:a6:b8:a0:6e:d4:
f3:4d:5a:30:d4:c4:5c:10:63:24:4a:9d:87:a5:43:
40:08:12:20:46:a7:87:58:69:09:1c:d7:d1:c3:8d:
ef:c1:66:c7:eb:fc:78:7c:ac:e0:2c:bd:43:82:85:
08:bd:66:24:bb:17:0c:49:bd:39:40:d1:dd:b7:5a:
d2:27:af:82:c4:54:f5:f5:32:db:31:fd:0a:97:ef:
bf:a5:4a:8d:73:75:42:22:a6:26:ca:21:64:1e:aa:
55:dd:e7:e0:6a:6a:a4:3b:37:d0:9a:bc:2d:0a:c0:
19:2b:1c:20:85:d7:d1:55:02:6b:62:12:88:61:04:
c9:2c:27:d8:34:1f:b1:5a:3e:c9:9b:8d:de:97:22:
02:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E2:C3:E0:63:A1:AD:3C:CD:EE:56:AA:75:23:FE:96:61:0B:B0:87
X509v3 Authority Key Identifier:
keyid:81:81:44:0A:36:7A:34:D3:06:BC:0F:68:5A:E9:CD:86:95:2F:7F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYFECjZ6NNMGvA9oWunNhpUvf5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/xeLD4GOhrTzN7laqdSP-lmELsIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/gYFECjZ6NNMGvA9oWunNhpUvf5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.111.0/24
IPv6:
2a14:8880::/29
Signature Algorithm: sha256WithRSAEncryption
79:e7:da:11:1a:e0:4e:a8:56:87:9b:da:40:e5:49:17:f8:ac:
13:ab:d5:fa:7d:94:d1:f6:0a:fe:43:1d:6c:ca:d9:5e:81:25:
09:eb:af:cf:e4:96:3e:89:df:fb:40:03:00:52:e0:dc:63:c1:
8c:6b:6c:88:43:50:5b:85:44:a9:01:a0:b5:45:a1:d4:61:d2:
7e:70:98:da:eb:f2:1c:40:24:16:87:1c:e0:b7:b3:bd:28:43:
fa:04:86:c4:85:58:ed:68:72:7a:45:64:4b:b6:62:3e:47:dd:
37:a6:71:fe:d9:77:6b:0f:bd:8e:26:78:52:51:53:14:f4:a5:
dd:44:e0:c1:e2:cd:d7:c8:f5:17:bf:9c:fd:3e:ef:50:d6:c2:
e8:92:1f:b7:f0:1a:80:be:c8:28:e4:66:ba:ad:92:91:cd:6e:
2d:28:4b:bd:99:42:b4:40:c9:a2:df:d7:46:06:05:9b:64:7d:
83:ea:92:36:1f:7d:7b:12:1f:07:65:4d:b6:b1:7f:16:50:32:
46:39:f4:bb:46:3c:aa:17:11:e5:76:eb:97:b5:db:46:a9:7b:
19:fa:bd:8e:ba:3a:c3:c2:6f:9b:32:22:45:1e:04:4b:de:d1:
4d:a8:b7:17:04:50:0b:49:70:de:b6:24:ba:01:4c:3a:42:b1:
85:e8:77:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUjoTaDCAYjHiM2HVYDoBpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODE0NDBhMzY3YTM0ZDMwNmJjMGY2ODVhZTljZDg2OTUy
ZjdmOTUwHhcNMjUwMjIwMTM1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUyYzNlMDYzYTFhZDNjY2RlZTU2YWE3NTIzZmU5NjYxMGJiMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0ZXEGnzoDbRKMdHzfnQnY+bDvA7
vWHe0bvuZn+W1ZMSbdPNSf2atOHBrCpIqltpeTDsqRz4B2EXRIWM9aSkTXJf5Is7
SifSgQXIyxmeIgd9lWcj60nytpZQS2JEG0G6kMhFUI48qKIdXMDkiPuIr1vPprig
btTzTVow1MRcEGMkSp2HpUNACBIgRqeHWGkJHNfRw43vwWbH6/x4fKzgLL1DgoUI
vWYkuxcMSb05QNHdt1rSJ6+CxFT19TLbMf0Kl++/pUqNc3VCIqYmyiFkHqpV3efg
amqkOzfQmrwtCsAZKxwghdfRVQJrYhKIYQTJLCfYNB+xWj7Jm43elyIC2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMXiw+Bjoa08ze5WqnUj/pZhC7CHMB8GA1UdIwQY
MBaAFIGBRAo2ejTTBrwPaFrpzYaVL3+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lGRUNqWjZOTk1HdkE5b1d1bk5ocFV2ZjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8xNjJmOGYtNjg3Zi00NjcxLWE1MjQt
NTU2OTFhNTY5NzIwLzEveGVMRDRHT2hyVHpON2xhcWRTUC1sbUVMc0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8xNjJmOGYtNjg3Zi00NjcxLWE1MjQtNTU2OTFhNTY5NzIw
LzEvZ1lGRUNqWjZOTk1HdkE5b1d1bk5ocFV2ZjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATihvMA0E
AgACMAcDBQMqFIiAMA0GCSqGSIb3DQEBCwUAA4IBAQB559oRGuBOqFaHm9pA5UkX
+KwTq9X6fZTR9gr+Qx1sytlegSUJ66/P5JY+id/7QAMAUuDcY8GMa2yIQ1BbhUSp
AaC1RaHUYdJ+cJja6/IcQCQWhxzgt7O9KEP6BIbEhVjtaHJ6RWRLtmI+R903pnH+
2XdrD72OJnhSUVMU9KXdRODB4s3XyPUXv5z9Pu9Q1sLokh+38BqAvsgo5Ga6rZKR
zW4tKEu9mUK0QMmi39dGBgWbZH2D6pI2H317Eh8HZU22sX8WUDJGOfS7RjyqFxHl
duuXtdtGqXsZ+r2OujrDwm+bMiJFHgRL3tFNqLcXBFALSXDetiS6AUw6QrGF6Hfh
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:20 2025 by rpki-client