Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/E0WP6kB4aKE3W1amY_K7MTN275o.roa
File: E0WP6kB4aKE3W1amY_K7MTN275o.roa (raw, json)
Hash identifier: 3OTpLm/sZn9rxXGLt2SRAXERENK+pVqMUUyVpCN3ILE=
Subject key identifier: 13:45:8F:EA:40:78:68:A1:37:5B:56:A6:63:F2:BB:31:33:76:EF:9A
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01959084143D434BF50B900E707725EB9ABF
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/E0WP6kB4aKE3W1amY_K7MTN275o.roa
Signing time: Thu 13 Mar 2025 17:18:49 +0000
ROA not before: Thu 13 Mar 2025 17:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3266
IP address blocks: 78.24.73.0/24 maxlen: 24
78.24.74.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1908::/48 maxlen: 48
2a00:1909::/32 maxlen: 32
2a00:1909::/48 maxlen: 48
2a00:190a::/32 maxlen: 32
2a00:190a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 19:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:84:14:3d:43:4b:f5:0b:90:0e:70:77:25:eb:9a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Mar 13 17:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13458fea407868a1375b56a663f2bb313376ef9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:79:5d:2a:de:ac:37:33:9f:10:62:6a:db:
68:9d:e6:14:09:6f:86:57:51:07:a1:54:29:1c:93:
47:71:bb:0f:1d:0c:10:a2:54:af:52:e9:70:5f:f0:
cd:1c:fe:d6:35:d9:bd:37:01:49:c9:27:73:7c:9e:
42:55:8c:33:bb:d3:15:d0:66:fb:93:2c:b2:02:b2:
40:00:41:6b:5b:39:c6:82:8b:b8:d9:03:42:5a:cb:
9e:16:52:60:53:5d:f4:a9:c5:83:bb:f3:45:33:4d:
4c:8e:be:d8:c5:b4:20:97:d4:b0:e3:30:b5:77:84:
23:11:a5:5d:95:3a:e5:d1:e5:c6:f8:24:09:c6:16:
f8:c4:e3:0e:7e:89:0d:8f:87:b0:c2:6d:f2:11:7b:
0a:63:d9:b2:30:cc:51:a2:f7:fd:ad:21:4e:6a:c2:
9d:62:fa:b7:ef:e1:cd:13:13:52:b2:87:ec:91:4e:
bf:fd:86:73:cc:aa:4a:7b:78:68:5b:92:f6:97:de:
83:a6:9f:d2:b5:c9:23:da:90:bc:8a:25:58:ac:e1:
53:74:d1:e8:31:2b:bf:6d:e1:e4:fe:3e:c6:78:fc:
e3:55:c4:88:b7:19:e2:76:3f:05:d0:a8:ff:ee:41:
dc:49:08:d1:15:0d:ea:66:15:53:4a:1e:ed:6a:bb:
5b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:45:8F:EA:40:78:68:A1:37:5B:56:A6:63:F2:BB:31:33:76:EF:9A
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/E0WP6kB4aKE3W1amY_K7MTN275o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.73.0-78.24.74.255
78.24.79.0/24
IPv6:
2a00:1908::/48
2a00:1909::-2a00:190a:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:ec:58:67:ce:0f:07:b3:f4:f2:80:ac:fc:8b:02:73:24:21:
6f:18:e7:d3:aa:6a:d0:e9:5a:aa:cc:01:46:88:21:8e:c4:e7:
9a:ad:dc:2e:7c:a8:d0:12:05:6f:3d:d0:af:84:c5:d7:89:fb:
d2:9d:fa:43:23:36:58:dc:78:f7:2e:d9:cd:5c:f7:3c:3a:bd:
68:7e:4d:84:6c:f9:b1:41:08:ab:25:6d:f3:5a:96:ba:1d:43:
5d:7e:78:9c:73:3d:f4:45:de:a3:f3:2b:67:4e:f9:4d:f0:15:
2e:cf:19:b8:7c:7c:5f:9a:bc:e6:bd:0e:b9:92:30:fa:b3:5c:
7e:8d:df:ce:da:91:3b:b8:31:fe:ef:d1:d1:37:ad:a6:51:17:
66:be:ec:7a:1f:af:41:4c:95:ae:77:3a:0f:f1:ee:86:f8:b6:
33:b6:9c:fc:e1:45:61:5a:42:eb:17:90:aa:a7:47:09:79:e0:
fd:3d:5d:0b:ca:8e:59:08:38:ca:9b:65:be:be:ed:82:98:00:
86:98:1a:3a:ff:bf:c8:b0:b2:e3:73:62:75:4f:b0:07:24:1d:
10:bc:fc:5e:12:0e:01:71:05:2e:2c:23:45:ae:98:e5:30:9b:
2c:b1:cc:7a:82:e4:51:1f:e0:3e:ed:fb:4d:ef:29:13:38:68:
6b:ae:0b:94
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZWQhBQ9Q0v1C5AOcHcl65q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjUwMzEzMTcxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQ1OGZlYTQwNzg2OGExMzc1YjU2YTY2M2YyYmIzMTMzNzZlZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB95XSrerDcznxBiattoneYUCW+G
V1EHoVQpHJNHcbsPHQwQolSvUulwX/DNHP7WNdm9NwFJySdzfJ5CVYwzu9MV0Gb7
kyyyArJAAEFrWznGgou42QNCWsueFlJgU130qcWDu/NFM01Mjr7YxbQgl9Sw4zC1
d4QjEaVdlTrl0eXG+CQJxhb4xOMOfokNj4ewwm3yEXsKY9myMMxRovf9rSFOasKd
Yvq37+HNExNSsofskU6//YZzzKpKe3hoW5L2l96Dpp/Stckj2pC8iiVYrOFTdNHo
MSu/beHk/j7GePzjVcSItxnidj8F0Kj/7kHcSQjRFQ3qZhVTSh7tartbgwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBNFj+pAeGihN1tWpmPyuzEzdu+aMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvRTBXUDZrQjRhS0UzVzFhbVlfSzdNVE4yNzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAaBAIAATAUMAwDBABOGEkD
BABOGEoDBABOGE8wHwQCAAIwGQMHACoAGQgAADAOAwUAKgAZCQMFACoAGQowDQYJ
KoZIhvcNAQELBQADggEBACXsWGfODwez9PKArPyLAnMkIW8Y59OqatDpWqrMAUaI
IY7E55qt3C58qNASBW890K+ExdeJ+9Kd+kMjNljcePcu2c1c9zw6vWh+TYRs+bFB
CKslbfNalrodQ11+eJxzPfRF3qPzK2dO+U3wFS7PGbh8fF+avOa9DrmSMPqzXH6N
387akTu4Mf7v0dE3raZRF2a+7Hofr0FMla53Og/x7ob4tjO2nPzhRWFaQusXkKqn
Rwl54P09XQvKjlkIOMqbZb6+7YKYAIaYGjr/v8iwsuNzYnVPsAckHRC8/F4SDgFx
BS4sI0WumOUwmyyxzHqC5FEf4D7t+03vKRM4aGuuC5Q=
-----END CERTIFICATE-----
Generated at Sun May 11 12:22:25 2025 by rpki-client