Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/w03rR2rDLzMyMtOeVtWOI8iD0lE.roa
File: w03rR2rDLzMyMtOeVtWOI8iD0lE.roa (raw, json)
Hash identifier: oig01aPAMn2BMQE8fiUB6AdeO844ZCyh4fpwERZvbB0=
Subject key identifier: C3:4D:EB:47:6A:C3:2F:33:32:32:D3:9E:56:D5:8E:23:C8:83:D2:51
Certificate issuer: /CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Certificate serial: 018570798A708655D5C4F178D8FAB8885ED1
Authority key identifier: 33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/w03rR2rDLzMyMtOeVtWOI8iD0lE.roa
Signing time: Mon 02 Jan 2023 03:14:51 +0000
ROA not before: Mon 02 Jan 2023 03:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34409
IP address blocks: 78.24.161.0/24 maxlen: 24
78.24.160.0/21 maxlen: 21
78.24.162.0/24 maxlen: 24
78.24.166.0/24 maxlen: 24
78.24.160.0/24 maxlen: 24
78.24.165.0/24 maxlen: 24
78.24.163.0/24 maxlen: 24
78.24.164.0/24 maxlen: 24
78.24.167.0/24 maxlen: 24
193.151.36.0/24 maxlen: 24
193.151.38.0/24 maxlen: 24
193.151.37.0/24 maxlen: 24
195.8.99.0/24 maxlen: 24
2a02:1320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:8a:70:86:55:d5:c4:f1:78:d8:fa:b8:88:5e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Validity
Not Before: Jan 2 03:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c34deb476ac32f333232d39e56d58e23c883d251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:d2:e1:a2:b0:ed:66:f9:b7:b7:5f:57:10:
89:97:8b:47:dc:75:8c:e3:df:8c:60:46:5a:38:2b:
3a:22:74:26:8e:6f:04:0d:5c:1e:4b:bd:f1:98:a9:
2a:40:f3:fc:e9:ef:cb:e2:4b:8a:e5:31:70:34:5a:
93:b8:23:b9:85:55:5b:0d:26:a4:f1:88:bf:d9:36:
4a:04:0c:3c:2c:ff:04:6b:1b:c8:39:93:35:4c:06:
b2:9a:a6:47:3a:2b:5b:6c:f8:03:64:b9:20:49:9a:
6e:69:0d:d9:6b:f9:cd:2a:6c:98:69:70:39:4a:1a:
b1:a8:3e:ad:af:ff:f7:24:dc:aa:20:6f:aa:6b:cc:
5f:57:15:7d:f9:af:86:d4:97:6e:80:d1:1f:51:88:
d6:74:91:08:6b:06:3c:53:b2:ef:17:c7:03:c0:21:
c7:a4:13:39:24:6a:ae:13:53:72:9c:35:c0:0f:ce:
a1:85:ff:4d:29:ed:fc:04:88:41:77:75:66:88:84:
9a:7e:af:ff:97:1a:9f:e7:80:1b:b9:ae:24:3d:15:
93:07:a1:7d:a9:bd:f9:5d:42:10:2d:f1:0e:2b:c4:
d5:13:ae:a4:da:1c:e4:a2:a1:01:20:8f:12:23:5d:
9c:d0:92:4b:b1:2b:93:67:cb:e8:ab:4b:92:f1:92:
1b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:4D:EB:47:6A:C3:2F:33:32:32:D3:9E:56:D5:8E:23:C8:83:D2:51
X509v3 Authority Key Identifier:
keyid:33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/w03rR2rDLzMyMtOeVtWOI8iD0lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.160.0/21
193.151.36.0-193.151.38.255
195.8.99.0/24
IPv6:
2a02:1320::/32
Signature Algorithm: sha256WithRSAEncryption
a9:2e:c3:28:7f:10:92:18:1b:24:f6:01:80:d3:01:6c:59:10:
b4:eb:6c:54:e3:97:38:dd:d8:07:c3:a5:36:ec:ea:89:09:87:
27:20:99:44:e9:ed:61:dc:76:a1:41:75:d3:10:4f:2c:d2:99:
fb:e6:1e:f8:11:35:23:7b:f2:84:ea:8a:b5:95:0f:ad:75:2f:
b1:6a:6a:02:3f:3a:b7:eb:c8:1a:70:59:8e:89:f5:a8:3d:9a:
d6:41:a1:50:c6:3d:4b:31:8a:de:29:f6:97:73:ee:bf:b7:e9:
83:bb:74:af:77:7c:a7:38:27:d6:2c:9e:f2:46:08:b6:ea:8b:
a2:90:b4:23:f6:5f:b0:6f:13:ee:d0:66:cd:fc:07:96:66:23:
48:ad:51:2a:57:49:9d:86:7b:2c:fe:9b:df:cd:55:f7:cb:de:
67:5f:a0:6c:d6:5b:48:15:19:01:40:82:80:a5:52:82:56:da:
28:8a:a9:d1:c3:54:c0:e2:48:3e:0e:89:73:84:60:40:06:01:
9f:36:ef:07:61:13:76:83:98:f5:14:58:db:4f:10:a4:f1:e2:
7b:25:69:a7:28:03:fb:86:b2:4e:dc:3f:72:6c:c8:5e:8f:bb:
07:8b:1b:de:e0:4a:e1:e4:73:5d:4c:48:ea:26:66:f2:ce:bc:
7f:2b:94:4c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVweYpwhlXVxPF42Pq4iF7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOWNiYjFlNDM5YTNhNzFlYjg3OTY2OTJmNjIyYmY4Mzhm
ODQ4OGMwHhcNMjMwMTAyMDMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzRkZWI0NzZhYzMyZjMzMzIzMmQzOWU1NmQ1OGUyM2M4ODNkMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0nS4aKw7Wb5t7dfVxCJl4tH3HWM
49+MYEZaOCs6InQmjm8EDVweS73xmKkqQPP86e/L4kuK5TFwNFqTuCO5hVVbDSak
8Yi/2TZKBAw8LP8EaxvIOZM1TAaymqZHOitbbPgDZLkgSZpuaQ3Za/nNKmyYaXA5
ShqxqD6tr//3JNyqIG+qa8xfVxV9+a+G1JdugNEfUYjWdJEIawY8U7LvF8cDwCHH
pBM5JGquE1NynDXAD86hhf9NKe38BIhBd3VmiISafq//lxqf54Abua4kPRWTB6F9
qb35XUIQLfEOK8TVE66k2hzkoqEBII8SI12c0JJLsSuTZ8voq0uS8ZIbRwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMNN60dqwy8zMjLTnlbVjiPIg9JRMB8GA1UdIwQY
MBaAFDOcux5Dmjpx64eWaS9iK/g4+EiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTV5N0hrT2FPbkhyaDVacEwySXItRGo0U0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83ZTUwMGQtNTU1Mi00YjgyLWEzYmQt
YWEwMDcxYjdiZjg0LzEvdzAzclIyckRMek15TXRPZVZ0V09JOGlEMGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83ZTUwMGQtNTU1Mi00YjgyLWEzYmQtYWEwMDcxYjdiZjg0
LzEvTTV5N0hrT2FPbkhyaDVacEwySXItRGo0U0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDThigMAwD
BALBlyQDBADBlyYDBADDCGMwDQQCAAIwBwMFACoCEyAwDQYJKoZIhvcNAQELBQAD
ggEBAKkuwyh/EJIYGyT2AYDTAWxZELTrbFTjlzjd2AfDpTbs6okJhycgmUTp7WHc
dqFBddMQTyzSmfvmHvgRNSN78oTqirWVD611L7FqagI/OrfryBpwWY6J9ag9mtZB
oVDGPUsxit4p9pdz7r+36YO7dK93fKc4J9YsnvJGCLbqi6KQtCP2X7BvE+7QZs38
B5ZmI0itUSpXSZ2Geyz+m9/NVffL3mdfoGzWW0gVGQFAgoClUoJW2iiKqdHDVMDi
SD4OiXOEYEAGAZ827wdhE3aDmPUUWNtPEKTx4nslaacoA/uGsk7cP3JsyF6PuweL
G97gSuHkc11MSOomZvLOvH8rlEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:02 2024 by rpki-client on console-ams.rpki-client.org