Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/dREllz8QJz32KuP-LmXSq8y3q30.roa
File: dREllz8QJz32KuP-LmXSq8y3q30.roa (raw, json)
Hash identifier: y5tkQqvUyv//BnQp5mLn/i0i9w4zSFnKWyqqkugZue0=
Subject key identifier: 75:11:25:97:3F:10:27:3D:F6:2A:E3:FE:2E:65:D2:AB:CC:B7:AB:7D
Certificate issuer: /CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Certificate serial: 0194988341E67906E488C242B592DAB1C6EB
Authority key identifier: 71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/dREllz8QJz32KuP-LmXSq8y3q30.roa
Signing time: Fri 24 Jan 2025 13:32:06 +0000
ROA not before: Fri 24 Jan 2025 13:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47164
IP address blocks: 78.41.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 11:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:83:41:e6:79:06:e4:88:c2:42:b5:92:da:b1:c6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Validity
Not Before: Jan 24 13:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751125973f10273df62ae3fe2e65d2abccb7ab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:12:1f:9f:3a:d1:16:ff:32:98:28:da:ed:62:
6d:0c:59:c8:8b:78:9c:f0:28:89:7c:b7:4c:be:ce:
d9:33:e5:a6:a2:50:bd:84:4c:a2:dd:be:04:bb:a1:
f6:07:a3:56:ce:48:cd:4b:c1:0a:2e:a0:fb:ad:98:
5d:99:50:00:99:e5:0b:ac:d2:0d:0c:02:13:ac:e5:
17:54:7b:12:41:75:e6:68:db:b2:3b:a1:db:d5:08:
4c:ed:3a:b4:02:cf:04:97:24:29:e1:54:ad:30:cc:
c7:10:c4:1b:eb:5c:ae:9b:ef:a8:7d:a9:77:2b:b0:
72:74:5a:cc:ae:1c:98:31:45:b2:51:80:be:2f:dc:
e0:11:06:7f:07:ce:fa:4c:5d:59:fc:a6:a7:f5:50:
bb:2f:df:55:85:b1:75:4b:63:c7:2f:0d:b3:db:d7:
1f:50:92:dd:1a:01:62:a8:fd:bc:a4:83:01:e1:23:
c3:dc:16:d2:78:53:e0:eb:30:3d:fe:a5:db:e6:39:
c1:77:50:17:c3:64:33:d9:04:73:14:cb:ac:96:ab:
66:28:8d:02:b2:33:8b:bd:a6:ae:e7:ef:41:05:44:
b0:28:5b:ed:fd:3b:44:02:39:b6:64:dd:32:e5:6f:
9d:10:d8:ea:dd:be:ba:09:74:7c:ef:59:72:62:7b:
5c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:11:25:97:3F:10:27:3D:F6:2A:E3:FE:2E:65:D2:AB:CC:B7:AB:7D
X509v3 Authority Key Identifier:
keyid:71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/dREllz8QJz32KuP-LmXSq8y3q30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.59.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a1:91:79:90:f3:2d:63:b4:b6:8e:ba:17:d6:5b:cd:5b:35:
02:33:b7:a0:d5:df:ae:9c:96:3a:c7:2d:ba:88:90:15:19:bb:
96:15:4c:de:b6:a2:75:8b:28:8c:b1:b6:a9:e0:b1:ec:d3:28:
e8:ed:a5:e1:72:fe:3d:e5:ce:7a:d8:a1:2b:0b:27:83:9b:0c:
95:4b:d1:7d:52:55:11:39:fe:91:26:9a:38:50:7a:b9:15:58:
59:23:ed:4e:b9:1c:10:6d:43:17:78:f2:a9:60:91:d1:15:2a:
41:22:37:d6:86:ab:46:49:e0:6d:a3:4c:9c:f1:d3:d8:2c:21:
6a:9b:a8:d8:ba:fc:46:29:8d:92:5b:67:f8:9e:f0:b6:d5:75:
3b:dd:9f:32:dc:69:bf:88:78:24:8e:b4:c4:38:19:0d:48:e3:
0d:23:49:88:a7:f9:83:1e:07:69:de:c3:4b:72:b5:a5:21:eb:
62:5d:88:f9:e5:77:52:31:b4:3e:1f:e2:04:3b:76:f1:30:9a:
0d:bd:f8:74:ef:3d:96:1b:4b:5b:04:4f:11:e2:d4:ef:8f:40:
ab:bc:cb:ae:0e:cc:08:1d:2e:8a:e8:bb:3a:c0:aa:2a:6b:d9:
a8:cc:3b:21:a3:82:bc:e6:f2:e2:09:03:3f:c3:f9:6c:2d:c9:
42:6c:c9:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSYg0HmeQbkiMJCtZLascbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDgzZmQ4ZGFiZmUxNGIxNzRjY2NkMzViMzViODA3MTMz
MzRiYTUwHhcNMjUwMTI0MTMzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTExMjU5NzNmMTAyNzNkZjYyYWUzZmUyZTY1ZDJhYmNjYjdhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRIfnzrRFv8ymCja7WJtDFnIi3ic
8CiJfLdMvs7ZM+WmolC9hEyi3b4Eu6H2B6NWzkjNS8EKLqD7rZhdmVAAmeULrNIN
DAITrOUXVHsSQXXmaNuyO6Hb1QhM7Tq0As8ElyQp4VStMMzHEMQb61yum++ofal3
K7BydFrMrhyYMUWyUYC+L9zgEQZ/B876TF1Z/Kan9VC7L99VhbF1S2PHLw2z29cf
UJLdGgFiqP28pIMB4SPD3BbSeFPg6zA9/qXb5jnBd1AXw2Qz2QRzFMuslqtmKI0C
sjOLvaau5+9BBUSwKFvt/TtEAjm2ZN0y5W+dENjq3b66CXR871lyYntcoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHURJZc/ECc99irj/i5l0qvMt6t9MB8GA1UdIwQY
MBaAFHHYP9jav+FLF0zM01s1uAcTM0ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAt
MDY0ZDdhZGY0YmUzLzEvZFJFbGx6OFFKejMyS3VQLUxtWFNxOHkzcTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAtMDY0ZDdhZGY0YmUz
LzEvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATik7MA0G
CSqGSIb3DQEBCwUAA4IBAQCJoZF5kPMtY7S2jroX1lvNWzUCM7eg1d+unJY6xy26
iJAVGbuWFUzetqJ1iyiMsbap4LHs0yjo7aXhcv495c562KErCyeDmwyVS9F9UlUR
Of6RJpo4UHq5FVhZI+1OuRwQbUMXePKpYJHRFSpBIjfWhqtGSeBto0yc8dPYLCFq
m6jYuvxGKY2SW2f4nvC21XU73Z8y3Gm/iHgkjrTEOBkNSOMNI0mIp/mDHgdp3sNL
crWlIetiXYj55XdSMbQ+H+IEO3bxMJoNvfh07z2WG0tbBE8R4tTvj0CrvMuuDswI
HS6K6Ls6wKoqa9mozDsho4K85vLiCQM/w/lsLclCbMnt
-----END CERTIFICATE-----
Generated at Mon May 12 15:51:54 2025 by rpki-client