Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/72BZwCU_BkuI-W6dTXTgm_zMfAA.roa
File: 72BZwCU_BkuI-W6dTXTgm_zMfAA.roa (raw, json)
Hash identifier: nLTrr9JbYI18ofAPoJb6Hn6P64h5ZbIP7jyn9LGmPUY=
Subject key identifier: EF:60:59:C0:25:3F:06:4B:88:F9:6E:9D:4D:74:E0:9B:FC:CC:7C:00
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193F95F678E9544D89BDFD6B2C79A354D86
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/72BZwCU_BkuI-W6dTXTgm_zMfAA.roa
Signing time: Tue 24 Dec 2024 15:53:19 +0000
ROA not before: Tue 24 Dec 2024 15:53:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.73.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
185.17.136.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 14:51:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f9:5f:67:8e:95:44:d8:9b:df:d6:b2:c7:9a:35:4d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 24 15:53:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef6059c0253f064b88f96e9d4d74e09bfccc7c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f7:fd:b5:37:87:ee:5e:41:c3:b3:2c:bc:bc:
14:24:bf:89:21:43:00:4e:22:4e:99:ae:b9:82:3e:
a1:8e:6a:11:09:63:9d:c4:07:2d:3a:ae:1e:c4:00:
9b:a3:7c:6a:9b:09:4c:15:77:33:bb:37:de:93:df:
da:79:23:48:64:7d:d5:2a:f2:3c:d2:b0:06:22:04:
f7:77:33:db:af:58:c6:c6:39:13:00:8b:a7:19:03:
b0:b3:2a:ce:37:f7:98:b9:c4:de:68:2a:06:fc:6c:
5a:c3:98:35:c2:05:f1:05:35:83:1d:82:61:c5:60:
5d:4d:f0:5c:ba:b1:69:2e:b0:34:4c:ce:7e:ee:4b:
e0:74:01:b8:12:d6:ff:30:8a:dc:9f:04:ca:e0:c7:
48:2c:0f:3d:32:1e:e6:58:5a:01:ba:41:66:59:f5:
0a:53:0f:2d:56:1f:62:4d:2c:cc:23:86:0a:df:f8:
d1:8c:09:7f:79:c1:74:6b:61:62:25:47:59:86:8f:
eb:6d:cf:e8:0a:57:60:10:7f:5a:df:c4:67:54:d0:
25:c7:3f:f7:f1:88:8c:5c:75:4e:c0:ce:0a:c4:29:
96:4d:ea:44:99:0f:1d:77:44:b4:46:0e:c8:dc:b9:
bf:47:ae:8d:bf:da:e7:22:8c:c0:31:83:a5:ba:4c:
af:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:60:59:C0:25:3F:06:4B:88:F9:6E:9D:4D:74:E0:9B:FC:CC:7C:00
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/72BZwCU_BkuI-W6dTXTgm_zMfAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.97.0/24
78.135.104.0/24
185.17.136.0/24
188.132.236.0/24
188.132.249.0/24
212.68.35.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b8:a9:1d:63:55:43:6c:81:4a:d3:0c:f3:cb:d9:14:1a:90:
bc:b8:e9:a6:64:8b:14:eb:c5:fe:da:12:cd:63:13:49:55:e7:
4a:89:fa:d5:bb:d9:82:4b:35:c4:98:15:8a:e2:44:a6:6c:59:
4e:eb:08:1a:95:66:58:0a:f6:c8:81:36:42:b0:94:f1:bf:a9:
af:89:1f:90:f7:89:3c:7e:f4:32:8b:a1:07:13:1c:21:57:b5:
a3:de:9d:b8:86:4d:4b:68:9d:d9:b5:14:46:97:6b:b9:53:fd:
59:df:c4:19:64:bb:af:4f:82:81:e7:ba:cb:c5:8f:06:d8:f2:
ec:66:4b:d0:90:95:80:63:ff:38:3e:35:9f:fe:0a:43:bb:dd:
69:0e:3f:82:5a:b1:47:c5:8a:5a:1c:0c:39:a9:bc:53:aa:36:
e0:e0:c5:05:bc:34:e4:cc:80:15:e8:15:48:5c:09:fd:ca:3c:
08:45:80:5c:b4:f0:7b:61:44:55:20:71:c9:c9:11:7c:c7:a6:
3a:2d:3b:98:48:c6:e3:50:d0:dd:a2:fe:12:e1:ed:28:f7:7d:
28:86:f2:a7:80:fe:4d:9a:f5:5f:31:f7:3f:cb:32:be:f7:69:
f9:2d:c3:0a:03:93:b4:ff:6d:f5:9f:27:af:38:e8:63:f5:a7:
7a:1f:f4:10
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZP5X2eOlUTYm9/WsseaNU2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjI0MTU1MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYwNTljMDI1M2YwNjRiODhmOTZlOWQ0ZDc0ZTA5YmZjY2M3YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPf9tTeH7l5Bw7MsvLwUJL+JIUMA
TiJOma65gj6hjmoRCWOdxActOq4exACbo3xqmwlMFXczuzfek9/aeSNIZH3VKvI8
0rAGIgT3dzPbr1jGxjkTAIunGQOwsyrON/eYucTeaCoG/Gxaw5g1wgXxBTWDHYJh
xWBdTfBcurFpLrA0TM5+7kvgdAG4Etb/MIrcnwTK4MdILA89Mh7mWFoBukFmWfUK
Uw8tVh9iTSzMI4YK3/jRjAl/ecF0a2FiJUdZho/rbc/oCldgEH9a38RnVNAlxz/3
8YiMXHVOwM4KxCmWTepEmQ8dd0S0Rg7I3Lm/R66Nv9rnIozAMYOlukyvPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO9gWcAlPwZLiPlunU104Jv8zHwAMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNzJCWndDVV9Ca3VJLVc2ZFRYVGdtX3pNZkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATodJAwQA
TodhAwQATodoAwQAuRGIAwQAvITsAwQAvIT5AwQA1EQjAwQA1EQ3MA0GCSqGSIb3
DQEBCwUAA4IBAQBsuKkdY1VDbIFK0wzzy9kUGpC8uOmmZIsU68X+2hLNYxNJVedK
ifrVu9mCSzXEmBWK4kSmbFlO6wgalWZYCvbIgTZCsJTxv6mviR+Q94k8fvQyi6EH
ExwhV7Wj3p24hk1LaJ3ZtRRGl2u5U/1Z38QZZLuvT4KB57rLxY8G2PLsZkvQkJWA
Y/84PjWf/gpDu91pDj+CWrFHxYpaHAw5qbxTqjbg4MUFvDTkzIAV6BVIXAn9yjwI
RYBctPB7YURVIHHJyRF8x6Y6LTuYSMbjUNDdov4S4e0o930ohvKngP5NmvVfMfc/
yzK+92n5LcMKA5O0/231nyevOOhj9ad6H/QQ
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:08:52 2025 by rpki-client