Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/enY6nRKHECTSgaMgvQPRD1-lQOI.roa
File: enY6nRKHECTSgaMgvQPRD1-lQOI.roa (raw, json)
Hash identifier: KLd2SukjROGn7L/Sm8rxTAhYBcqnm2wJE5hw2BGFO18=
Subject key identifier: 7A:76:3A:9D:12:87:10:24:D2:81:A3:20:BD:03:D1:0F:5F:A5:40:E2
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01900AFA000B40BDFA59B0CBE1D7974C0F19
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/enY6nRKHECTSgaMgvQPRD1-lQOI.roa
Signing time: Wed 12 Jun 2024 05:44:34 +0000
ROA not before: Wed 12 Jun 2024 05:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39650
IP address blocks: 178.239.147.0/24 maxlen: 24
178.239.150.0/24 maxlen: 24
178.239.153.0/24 maxlen: 24
185.212.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 17:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0a:fa:00:0b:40:bd:fa:59:b0:cb:e1:d7:97:4c:0f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 12 05:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a763a9d12871024d281a320bd03d10f5fa540e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:7c:11:9b:e9:40:64:a8:49:03:e7:2b:2c:
05:a4:50:77:7b:8f:15:10:27:11:23:35:05:28:66:
11:2f:82:48:10:7e:83:32:d8:9b:70:f1:31:c4:76:
b7:32:a0:af:1a:fe:64:66:69:91:8e:f0:51:8f:00:
dc:f2:2b:5a:3d:51:94:80:aa:c9:ea:aa:31:a6:ab:
77:ec:59:2e:27:c5:20:87:44:0f:25:40:30:0b:a2:
bb:b5:8c:a7:35:cf:9d:e4:cf:43:e2:76:3a:d0:b1:
64:c3:e1:c4:b8:59:3a:7e:cb:36:21:7e:c2:29:1f:
1d:58:a2:5f:90:f7:1f:c2:1f:7d:4d:52:19:94:67:
a1:db:71:82:ed:5d:fe:bd:91:ab:9b:92:61:3d:db:
f1:e9:e3:bc:9f:e8:57:0b:83:59:58:35:67:50:0a:
bf:5d:c5:04:eb:97:39:80:a4:ae:30:05:ae:76:54:
ca:66:dd:05:f8:1e:79:85:fd:d1:65:fe:c4:3a:b1:
de:79:0d:40:71:45:8c:bb:20:ae:05:d3:52:11:d1:
87:20:24:c9:62:28:58:d9:89:4e:88:c9:5a:40:fa:
05:ac:1c:a7:8f:b1:87:4e:28:5a:7d:5d:a1:48:d0:
50:bb:07:53:08:ab:78:a1:e3:ba:c2:81:fe:63:90:
cc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:76:3A:9D:12:87:10:24:D2:81:A3:20:BD:03:D1:0F:5F:A5:40:E2
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/enY6nRKHECTSgaMgvQPRD1-lQOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.147.0/24
178.239.150.0/24
178.239.153.0/24
185.212.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ae:0c:f9:a8:59:14:d7:1e:63:55:69:7e:02:e8:70:20:af:
60:3b:f6:d9:b1:3b:6d:04:a6:dc:c8:a7:28:15:2e:92:18:22:
61:6c:25:b6:39:97:3b:13:eb:35:4d:2e:89:c1:e4:a0:0b:5b:
83:ec:02:13:c8:ee:1e:4f:71:54:07:f6:f8:c0:eb:84:fc:69:
a7:84:37:d2:9d:b4:ed:f0:60:7b:81:a0:6a:7f:80:bb:22:80:
e3:c2:c3:4b:14:d3:9b:1a:66:6f:89:0e:06:0a:b9:60:db:1f:
a5:2f:7a:b9:ec:5f:4e:7a:63:0e:70:a4:0a:2a:63:38:ea:f7:
f1:74:c9:24:2c:53:35:ff:4c:5a:3c:aa:6d:48:17:0e:3f:d2:
0b:84:19:dd:61:d6:65:61:ed:84:60:6c:a6:6a:7e:f0:53:cd:
fe:3e:78:72:65:9a:02:e7:05:36:a3:14:f6:1d:e7:32:37:69:
67:64:0a:5a:12:a7:2e:f9:04:69:0a:a2:2e:42:62:9e:5b:ef:
b9:b6:42:73:b5:f1:53:4e:0e:f9:d3:21:4d:16:ca:23:98:45:
9a:f5:53:51:39:25:b1:9b:9a:4e:22:fe:1b:40:18:ee:ed:8e:
13:88:ad:2d:1e:6d:f5:7e:a7:0c:0f:63:6c:39:e4:da:36:ed:
99:7d:99:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAK+gALQL36WbDL4deXTA8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwNjEyMDU0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTc2M2E5ZDEyODcxMDI0ZDI4MWEzMjBiZDAzZDEwZjVmYTU0MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP58EZvpQGSoSQPnKywFpFB3e48V
ECcRIzUFKGYRL4JIEH6DMtibcPExxHa3MqCvGv5kZmmRjvBRjwDc8itaPVGUgKrJ
6qoxpqt37FkuJ8Ugh0QPJUAwC6K7tYynNc+d5M9D4nY60LFkw+HEuFk6fss2IX7C
KR8dWKJfkPcfwh99TVIZlGeh23GC7V3+vZGrm5JhPdvx6eO8n+hXC4NZWDVnUAq/
XcUE65c5gKSuMAWudlTKZt0F+B55hf3RZf7EOrHeeQ1AcUWMuyCuBdNSEdGHICTJ
YihY2YlOiMlaQPoFrBynj7GHTihafV2hSNBQuwdTCKt4oeO6woH+Y5DMwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHp2Op0ShxAk0oGjIL0D0Q9fpUDiMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvZW5ZNm5SS0hFQ1RTZ2FNZ3ZRUFJEMS1sUU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsu+TAwQA
su+WAwQAsu+ZAwQAudQyMA0GCSqGSIb3DQEBCwUAA4IBAQC3rgz5qFkU1x5jVWl+
AuhwIK9gO/bZsTttBKbcyKcoFS6SGCJhbCW2OZc7E+s1TS6JweSgC1uD7AITyO4e
T3FUB/b4wOuE/GmnhDfSnbTt8GB7gaBqf4C7IoDjwsNLFNObGmZviQ4GCrlg2x+l
L3q57F9OemMOcKQKKmM46vfxdMkkLFM1/0xaPKptSBcOP9ILhBndYdZlYe2EYGym
an7wU83+PnhyZZoC5wU2oxT2HecyN2lnZApaEqcu+QRpCqIuQmKeW++5tkJztfFT
Tg750yFNFsojmEWa9VNROSWxm5pOIv4bQBju7Y4TiK0tHm31fqcMD2NsOeTaNu2Z
fZnb
-----END CERTIFICATE-----
Generated at Mon May 12 20:50:24 2025 by rpki-client