Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/V2Bo0d0mEMKVY0GrdfdnQV6t4K4.roa
File: V2Bo0d0mEMKVY0GrdfdnQV6t4K4.roa (raw, json)
Hash identifier: efbTbjXk1x4y2eSJ2YluPSopTXQz7ufUJa/lVb8XciA=
Subject key identifier: 57:60:68:D1:DD:26:10:C2:95:63:41:AB:75:F7:67:41:5E:AD:E0:AE
Certificate issuer: /CN=36451a2ea40af1715e6313169468996aca71bb8a
Certificate serial: 018D3E1EF0DEF6AD08B4BA536C7D11BA1450
Authority key identifier: 36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/V2Bo0d0mEMKVY0GrdfdnQV6t4K4.roa
Signing time: Thu 25 Jan 2024 00:57:11 +0000
ROA not before: Thu 25 Jan 2024 00:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31383
IP address blocks: 78.41.72.0/21 maxlen: 21
78.41.72.0/24 maxlen: 24
83.137.16.0/21 maxlen: 21
83.137.23.0/24 maxlen: 24
2001:4038::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Jan 2024 10:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3e:1e:f0:de:f6:ad:08:b4:ba:53:6c:7d:11:ba:14:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36451a2ea40af1715e6313169468996aca71bb8a
Validity
Not Before: Jan 25 00:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=576068d1dd2610c2956341ab75f767415eade0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:91:c9:d7:49:60:b1:2d:ff:6b:a0:86:7c:
b6:28:29:e9:3a:50:0f:bd:98:2c:d0:b0:71:73:4c:
7a:69:a5:70:69:87:b3:93:f0:b5:db:76:bb:a3:15:
5b:ba:3e:ef:ac:7a:e8:83:67:6d:f7:1e:38:82:03:
01:e9:9d:80:81:f5:c9:89:21:d9:b4:a0:16:65:32:
cd:bd:6f:73:4d:a3:2a:7c:84:d8:bb:b2:bf:bc:df:
19:62:81:db:2e:d0:90:c5:01:a9:6a:b2:60:ff:69:
cd:e3:8d:34:f8:5a:e8:ff:0f:72:56:3e:fb:86:e7:
34:a9:cf:96:64:68:d1:5e:4e:a4:64:5a:69:7e:7b:
60:d6:59:ba:9d:c3:eb:0c:8f:36:53:1a:21:c7:0c:
72:a2:90:60:d7:8e:be:1a:5e:88:cc:59:20:ad:b4:
3e:c7:cc:69:63:aa:40:f6:d5:fe:9e:06:49:3e:d9:
24:b1:7d:4f:95:c5:64:42:3b:f3:46:72:23:4e:70:
f4:db:a8:87:75:02:88:31:3b:12:e5:46:a2:f1:cc:
0f:6b:f9:42:f8:3b:36:13:40:3b:7e:42:69:fa:63:
03:15:67:a5:58:98:c3:16:a4:d2:67:40:7f:84:cc:
83:9b:0c:fd:07:aa:03:52:88:de:7a:aa:0b:04:af:
4e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:60:68:D1:DD:26:10:C2:95:63:41:AB:75:F7:67:41:5E:AD:E0:AE
X509v3 Authority Key Identifier:
keyid:36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/V2Bo0d0mEMKVY0GrdfdnQV6t4K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/NkUaLqQK8XFeYxMWlGiZaspxu4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.72.0/21
83.137.16.0/21
IPv6:
2001:4038::/32
Signature Algorithm: sha256WithRSAEncryption
82:58:35:4a:9c:8d:53:76:10:75:74:85:0a:18:76:0e:d1:dc:
70:f3:b6:25:e3:3d:95:a0:11:b2:65:30:15:ee:6d:9c:3e:ec:
5c:fe:72:49:4e:9b:a8:5e:44:be:d1:66:ad:07:87:d1:6d:2d:
60:b6:bb:94:0e:c6:fa:c3:cb:27:58:a0:38:dd:ab:e9:df:e2:
af:c2:2d:9b:b7:6e:b1:05:47:0b:cf:2f:69:6d:85:dc:b1:f9:
d9:0b:fc:70:8e:c7:70:77:cb:de:d1:12:8c:59:5d:ef:f3:a5:
f2:42:9d:6a:90:5c:de:bf:4e:9c:b9:a3:db:a3:95:0d:fa:08:
b8:9f:b6:5c:46:90:70:5c:6b:9b:1a:b0:b6:6d:02:60:0e:64:
46:81:84:85:d4:77:bc:56:e4:c0:26:cf:41:40:a2:7e:ef:00:
f6:b5:33:8e:4d:7a:d7:96:46:78:c0:95:aa:e2:db:50:0b:c0:
2d:9b:3a:6f:8a:b2:af:2b:3b:93:b2:01:00:e9:db:97:a2:63:
f3:bf:12:26:57:ab:67:99:0a:b9:9b:5d:ff:6e:9d:c6:02:17:
7c:9e:e8:7a:99:6c:cf:d5:9c:53:b8:8d:08:bf:23:73:3b:73:
38:0f:43:7c:2b:0a:84:cc:20:2d:b7:9a:fb:72:07:38:a1:85:
80:79:91:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0+HvDe9q0ItLpTbH0RuhRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDUxYTJlYTQwYWYxNzE1ZTYzMTMxNjk0Njg5OTZhY2E3
MWJiOGEwHhcNMjQwMTI1MDA1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzYwNjhkMWRkMjYxMGMyOTU2MzQxYWI3NWY3Njc0MTVlYWRlMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF2RyddJYLEt/2ughny2KCnpOlAP
vZgs0LBxc0x6aaVwaYezk/C123a7oxVbuj7vrHrog2dt9x44ggMB6Z2AgfXJiSHZ
tKAWZTLNvW9zTaMqfITYu7K/vN8ZYoHbLtCQxQGparJg/2nN4400+Fro/w9yVj77
huc0qc+WZGjRXk6kZFppfntg1lm6ncPrDI82UxohxwxyopBg146+Gl6IzFkgrbQ+
x8xpY6pA9tX+ngZJPtkksX1PlcVkQjvzRnIjTnD026iHdQKIMTsS5Uai8cwPa/lC
+Ds2E0A7fkJp+mMDFWelWJjDFqTSZ0B/hMyDmwz9B6oDUojeeqoLBK9O4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFdgaNHdJhDClWNBq3X3Z0FereCuMB8GA1UdIwQY
MBaAFDZFGi6kCvFxXmMTFpRomWrKcbuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzIt
YmUzMDhjMTJmN2JjLzEvVjJCbzBkMG1FTUtWWTBHcmRmZG5RVjZ0NEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzItYmUzMDhjMTJmN2Jj
LzEvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTilIAwQD
U4kQMA0EAgACMAcDBQAgAUA4MA0GCSqGSIb3DQEBCwUAA4IBAQCCWDVKnI1TdhB1
dIUKGHYO0dxw87Yl4z2VoBGyZTAV7m2cPuxc/nJJTpuoXkS+0WatB4fRbS1gtruU
Dsb6w8snWKA43avp3+Kvwi2bt26xBUcLzy9pbYXcsfnZC/xwjsdwd8ve0RKMWV3v
86XyQp1qkFzev06cuaPbo5UN+gi4n7ZcRpBwXGubGrC2bQJgDmRGgYSF1He8VuTA
Js9BQKJ+7wD2tTOOTXrXlkZ4wJWq4ttQC8AtmzpvirKvKzuTsgEA6duXomPzvxIm
V6tnmQq5m13/bp3GAhd8nuh6mWzP1ZxTuI0IvyNzO3M4D0N8KwqEzCAtt5r7cgc4
oYWAeZEx
-----END CERTIFICATE-----
Generated at Thu May 8 02:36:23 2025 by rpki-client