Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/9tDdYuHUqnbs887YJK0371DmZ2I.roa
File: 9tDdYuHUqnbs887YJK0371DmZ2I.roa (raw, json)
Hash identifier: 01WdjHnwJRUGplwvM76/jT+M0qQ3VyiWQXqOBws9G8M=
Subject key identifier: F6:D0:DD:62:E1:D4:AA:76:EC:F3:CE:D8:24:AD:37:EF:50:E6:67:62
Certificate issuer: /CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Certificate serial: 0194FA8623E630626C914AF8E875E85C5C3C
Authority key identifier: 02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/9tDdYuHUqnbs887YJK0371DmZ2I.roa
Signing time: Wed 12 Feb 2025 14:18:02 +0000
ROA not before: Wed 12 Feb 2025 14:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208731
IP address blocks: 147.78.192.0/23 maxlen: 24
147.78.192.0/24 maxlen: 24
147.78.193.0/24 maxlen: 24
185.42.161.0/24 maxlen: 24
185.203.112.0/24 maxlen: 24
2a0f:98c0::/29 maxlen: 48
2a0f:98c0:d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Feb 2025 09:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:86:23:e6:30:62:6c:91:4a:f8:e8:75:e8:5c:5c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Validity
Not Before: Feb 12 14:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6d0dd62e1d4aa76ecf3ced824ad37ef50e66762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fb:67:bc:76:09:e7:10:e1:aa:bb:c8:d5:c5:
0d:3c:d9:99:ec:2c:78:08:a9:0c:46:a2:32:aa:54:
bf:43:9e:ab:d3:00:ec:0a:6c:cb:19:9b:1d:a3:ed:
35:9f:2a:8f:26:e9:4c:a0:ab:90:81:2a:6a:fb:21:
55:86:6e:2d:f3:ca:32:75:01:c0:60:63:c9:6f:9e:
1a:4a:5d:12:15:9f:c7:e0:ec:4d:69:d7:15:34:85:
30:26:17:b3:f9:0e:67:a3:50:b2:c3:41:cd:26:1a:
fd:42:ab:0d:a4:94:4e:0d:a8:70:d5:7c:39:22:2b:
a0:7b:f8:d9:e7:fd:c5:41:50:18:04:01:3f:e7:f6:
83:0f:28:d4:16:b7:1c:43:8b:47:66:18:8b:c7:ab:
38:70:8c:02:29:81:59:2f:a6:fc:44:fd:d8:f8:7f:
51:ab:23:fe:65:5d:78:b6:49:96:98:bf:95:63:94:
83:75:64:14:d2:0d:2c:e7:f8:95:aa:45:32:a0:a3:
c5:1c:e2:c0:a1:ea:a4:42:57:0f:b4:24:e6:94:55:
71:35:b3:84:d8:93:f8:6e:16:74:12:11:37:12:8f:
59:fb:a0:7e:39:df:e8:e6:7c:9f:11:19:15:c8:1d:
4e:52:60:a3:ca:55:9f:c9:9f:52:79:0f:6a:3c:05:
14:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D0:DD:62:E1:D4:AA:76:EC:F3:CE:D8:24:AD:37:EF:50:E6:67:62
X509v3 Authority Key Identifier:
keyid:02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/9tDdYuHUqnbs887YJK0371DmZ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/AvxcBk9RWcih-kBmyMuP9wFnHdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/23
185.42.161.0/24
185.203.112.0/24
IPv6:
2a0f:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:a1:95:e8:6b:60:ef:03:58:57:fc:02:75:f7:26:e4:fb:6b:
30:18:63:56:44:a5:ef:cd:ba:2f:23:ed:bc:93:bf:22:05:6b:
27:71:cc:73:f8:7d:3e:bf:8c:67:99:a5:79:a6:9e:cd:31:ca:
ac:20:6e:b1:c4:6b:05:a4:0b:8f:00:67:c3:cd:af:8b:fe:81:
14:0c:58:c6:de:e8:74:4c:a8:d1:84:a4:30:03:2a:fb:2c:71:
62:df:07:9f:bc:d4:a8:11:ae:d1:03:c2:89:d9:37:dc:55:63:
5d:6c:96:53:17:d1:0f:8f:fd:a1:13:a8:8d:ba:f2:38:74:5a:
33:37:cf:e4:8c:00:bb:cd:a5:7f:fc:50:23:1d:0d:d9:ef:16:
4e:ab:1c:66:ad:4a:73:f5:5f:ae:3a:0e:04:9c:1b:c2:6b:48:
fe:2d:c8:df:5f:8b:ac:a7:34:49:1a:ec:99:ab:25:5d:ba:3f:
4b:d1:db:3f:29:9d:83:71:b4:89:c5:c4:9b:cc:42:93:61:5d:
8a:85:f0:ea:40:89:91:2f:9d:53:69:ed:91:51:32:b3:6c:a5:
8a:18:a6:61:88:a2:92:ca:aa:78:0e:d7:9b:6a:26:ca:61:11:
53:90:a8:41:2c:b2:34:e2:17:c9:05:8c:1a:21:24:8d:a4:c1:
d5:0b:da:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZT6hiPmMGJskUr46HXoXFw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmM1YzA2NGY1MTU5YzhhMWZhNDA2NmM4Y2I4ZmY3MDE2
NzFkZDIwHhcNMjUwMjEyMTQxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQwZGQ2MmUxZDRhYTc2ZWNmM2NlZDgyNGFkMzdlZjUwZTY2NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/tnvHYJ5xDhqrvI1cUNPNmZ7Cx4
CKkMRqIyqlS/Q56r0wDsCmzLGZsdo+01nyqPJulMoKuQgSpq+yFVhm4t88oydQHA
YGPJb54aSl0SFZ/H4OxNadcVNIUwJhez+Q5no1Cyw0HNJhr9QqsNpJRODahw1Xw5
Iiuge/jZ5/3FQVAYBAE/5/aDDyjUFrccQ4tHZhiLx6s4cIwCKYFZL6b8RP3Y+H9R
qyP+ZV14tkmWmL+VY5SDdWQU0g0s5/iVqkUyoKPFHOLAoeqkQlcPtCTmlFVxNbOE
2JP4bhZ0EhE3Eo9Z+6B+Od/o5nyfERkVyB1OUmCjylWfyZ9SeQ9qPAUUQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPbQ3WLh1Kp27PPO2CStN+9Q5mdiMB8GA1UdIwQY
MBaAFAL8XAZPUVnIofpAZsjLj/cBZx3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEt
NzkyYTkxYzVjYTJiLzEvOXREZFl1SFVxbmJzODg3WUpLMDM3MURtWjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEtNzkyYTkxYzVjYTJi
LzEvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBk07AAwQA
uSqhAwQAuctwMA0EAgACMAcDBQMqD5jAMA0GCSqGSIb3DQEBCwUAA4IBAQCEoZXo
a2DvA1hX/AJ19ybk+2swGGNWRKXvzbovI+28k78iBWsnccxz+H0+v4xnmaV5pp7N
McqsIG6xxGsFpAuPAGfDza+L/oEUDFjG3uh0TKjRhKQwAyr7LHFi3wefvNSoEa7R
A8KJ2TfcVWNdbJZTF9EPj/2hE6iNuvI4dFozN8/kjAC7zaV//FAjHQ3Z7xZOqxxm
rUpz9V+uOg4EnBvCa0j+LcjfX4uspzRJGuyZqyVduj9L0ds/KZ2DcbSJxcSbzEKT
YV2KhfDqQImRL51Tae2RUTKzbKWKGKZhiKKSyqp4DtebaibKYRFTkKhBLLI04hfJ
BYwaISSNpMHVC9rR
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:42:03 2025 by rpki-client