Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/nbwlcQ8LuVn_QHmx7i_-omwhZWQ.roa
File: nbwlcQ8LuVn_QHmx7i_-omwhZWQ.roa (raw, json)
Hash identifier: Pyi/an8bRm2iaOZdYn28mzpvL7U+n3U1DXtFz0IsVbA=
Subject key identifier: 9D:BC:25:71:0F:0B:B9:59:FF:40:79:B1:EE:2F:FE:A2:6C:21:65:64
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01963A6A5ABA6AF6E1D26F8972694D669F40
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/nbwlcQ8LuVn_QHmx7i_-omwhZWQ.roa
Signing time: Tue 15 Apr 2025 17:06:10 +0000
ROA not before: Tue 15 Apr 2025 17:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Apr 2025 17:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:6a:5a:ba:6a:f6:e1:d2:6f:89:72:69:4d:66:9f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 15 17:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dbc25710f0bb959ff4079b1ee2ffea26c216564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:73:bc:63:18:1e:c3:d7:eb:cd:e1:6f:f0:df:
91:58:62:06:b1:e7:b3:c3:e8:9f:8b:52:a3:5b:fa:
f0:65:78:27:7e:11:0a:5a:b2:e6:fc:70:77:d9:19:
2a:d3:91:c9:de:ef:79:08:30:48:e3:f8:6b:88:6f:
fd:22:c5:95:d9:29:8a:a7:70:f9:89:9f:7f:21:35:
52:ba:d2:e7:61:bc:01:f0:45:69:05:08:1d:6d:75:
1d:15:d2:28:2e:71:28:77:76:f7:66:b8:ba:5c:24:
50:3c:ce:d7:dd:90:65:3b:20:5f:45:07:11:3c:07:
3c:ae:f2:2d:02:d4:89:65:1a:23:8d:7c:41:09:79:
79:9e:30:99:0b:b4:b5:51:3c:24:28:c8:69:ed:2f:
d7:46:9b:e9:85:e7:49:fa:a2:58:40:fd:c7:63:2f:
fe:08:62:92:a7:1b:19:ae:4e:9d:72:e1:ca:d5:61:
bb:bb:c1:55:82:c7:f5:62:15:d9:b1:04:c8:e6:5b:
b3:f1:4e:96:eb:8a:d2:11:1b:5f:73:3f:c5:67:ea:
8e:d2:a4:b2:c9:cf:5b:cc:03:ab:39:6c:4a:8b:4b:
33:f7:9f:7c:aa:bc:70:7f:65:05:9c:96:6b:48:d7:
72:c1:08:de:a9:cd:14:3d:72:9a:6b:7a:62:4e:50:
bc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BC:25:71:0F:0B:B9:59:FF:40:79:B1:EE:2F:FE:A2:6C:21:65:64
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/nbwlcQ8LuVn_QHmx7i_-omwhZWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.78.0/24
188.132.188.0/23
188.132.191.0/24
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
9b:b3:45:05:9d:89:f8:fa:4a:8e:df:a5:94:3a:64:5a:30:ee:
53:fa:32:90:47:b6:65:97:53:fd:da:e2:15:6c:ce:51:d9:ad:
b4:97:8b:77:3c:94:e2:66:cb:53:07:94:4b:c0:51:94:7f:ff:
c7:da:a4:9a:bc:83:87:40:ad:2a:fb:02:5f:a6:c5:10:9e:a6:
5a:e4:57:13:40:8c:ec:86:4c:b3:7a:f6:c5:0b:a1:1e:2f:04:
d2:6f:cf:9c:5d:5c:9c:5d:8e:6b:b3:6a:25:67:bf:23:86:d4:
7e:31:80:88:b5:0e:33:b6:ae:c2:a2:41:51:2b:5e:4c:75:ab:
01:1f:ea:d1:49:76:73:19:28:6f:3f:4e:93:3b:27:a3:cc:cc:
6d:c5:d3:bc:26:98:3e:94:a7:44:05:ea:73:21:bf:25:3f:f1:
78:b7:5d:82:b8:16:4d:85:fa:08:7a:7a:1a:cd:e2:4e:7f:05:
e6:f2:d6:db:3e:84:f6:9a:2e:98:a4:b5:93:7c:5a:7f:98:e6:
30:2d:88:df:17:05:4d:d6:e4:42:98:7b:9e:64:d3:55:d0:e5:
1f:11:7a:52:f9:18:5f:14:60:6a:2c:5e:ab:f4:74:94:ca:60:
a0:4c:16:db:ab:59:07:be:04:40:b0:61:f8:07:e5:08:48:d3:
3c:e8:0d:40
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZY6alq6avbh0m+JcmlNZp9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNDE1MTcwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGJjMjU3MTBmMGJiOTU5ZmY0MDc5YjFlZTJmZmVhMjZjMjE2NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13O8Yxgew9frzeFv8N+RWGIGseez
w+ifi1KjW/rwZXgnfhEKWrLm/HB32Rkq05HJ3u95CDBI4/hriG/9IsWV2SmKp3D5
iZ9/ITVSutLnYbwB8EVpBQgdbXUdFdIoLnEod3b3Zri6XCRQPM7X3ZBlOyBfRQcR
PAc8rvItAtSJZRojjXxBCXl5njCZC7S1UTwkKMhp7S/XRpvphedJ+qJYQP3HYy/+
CGKSpxsZrk6dcuHK1WG7u8FVgsf1YhXZsQTI5luz8U6W64rSERtfcz/FZ+qO0qSy
yc9bzAOrOWxKi0sz9598qrxwf2UFnJZrSNdywQjeqc0UPXKaa3piTlC8bQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJ28JXEPC7lZ/0B5se4v/qJsIWVkMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbmJ3bGNROEx1Vm5fUUhteDdpXy1vbXdoWldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATodIAwQA
TodOAwQBvIS8AwQAvIS/AwQAvITlAwQAvITsAwQA1EQ3MAwDBADURDsDBADURDww
DQYJKoZIhvcNAQELBQADggEBAJuzRQWdifj6So7fpZQ6ZFow7lP6MpBHtmWXU/3a
4hVszlHZrbSXi3c8lOJmy1MHlEvAUZR//8fapJq8g4dArSr7Al+mxRCeplrkVxNA
jOyGTLN69sULoR4vBNJvz5xdXJxdjmuzaiVnvyOG1H4xgIi1DjO2rsKiQVErXkx1
qwEf6tFJdnMZKG8/TpM7J6PMzG3F07wmmD6Up0QF6nMhvyU/8Xi3XYK4Fk2F+gh6
ehrN4k5/Beby1ts+hPaaLpiktZN8Wn+Y5jAtiN8XBU3W5EKYe55k01XQ5R8RelL5
GF8UYGosXqv0dJTKYKBMFturWQe+BECwYfgH5QhI0zzoDUA=
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:10:07 2025 by rpki-client