Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/fejzcXIODccko2Q32ybk8zgSmzc.roa
File: fejzcXIODccko2Q32ybk8zgSmzc.roa (raw, json)
Hash identifier: XDm0efGpY8duaFbQARXYPs5JHVrTpj+sY9mmpw9tL9Y=
Subject key identifier: 7D:E8:F3:71:72:0E:0D:C7:24:A3:64:37:DB:26:E4:F3:38:12:9B:37
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01856C9CA5E6EDE242F00B00D879222FFDC5
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/fejzcXIODccko2Q32ybk8zgSmzc.roa
Signing time: Sun 01 Jan 2023 09:14:43 +0000
ROA not before: Sun 01 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43586
IP address blocks: 78.24.75.0/24 maxlen: 24
78.24.76.0/24 maxlen: 24
78.24.77.0/24 maxlen: 24
78.24.72.0/24 maxlen: 24
78.24.78.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1908:e47::/48 maxlen: 48
2a00:1908:6000::/35 maxlen: 35
2a00:1908:8000::/35 maxlen: 35
2a00:1908::/35 maxlen: 35
2a00:1908:2000::/35 maxlen: 35
2a00:1908:4000::/35 maxlen: 35
2a00:1908:c000::/35 maxlen: 35
2a00:1908:a000::/35 maxlen: 35
2a00:1908:d000::/36 maxlen: 36
2a00:1908:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 01 Sep 2023 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:a5:e6:ed:e2:42:f0:0b:00:d8:79:22:2f:fd:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7de8f371720e0dc724a36437db26e4f338129b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4c:a2:61:36:b9:3f:da:b5:24:d5:e8:32:74:
96:f5:76:90:29:34:b0:dc:b8:95:5c:fe:b6:5d:39:
a7:95:1d:28:8c:2c:4f:81:43:c1:88:6b:6b:aa:20:
52:8b:97:84:ad:0a:47:3e:28:53:13:7d:c3:c8:7a:
9a:c3:f6:70:a3:77:97:ea:3a:5f:8d:dd:39:1c:45:
c6:9c:26:7f:b5:02:92:77:77:dc:55:3e:4b:75:b9:
16:50:13:c8:2e:10:d2:ac:a8:55:43:b5:90:c7:9c:
84:f8:d3:2a:ca:f4:d6:38:d6:6e:22:0d:aa:11:d3:
b3:9c:52:bc:18:ef:c7:15:04:45:f9:d1:9a:d9:d5:
6d:96:b2:04:c6:32:2a:c5:ac:69:43:bf:be:1c:bc:
a0:3d:ce:f1:14:a7:b1:1c:2d:db:60:fa:33:f1:f3:
54:a5:68:69:b9:a5:03:21:d9:b0:e8:a2:b7:04:80:
68:eb:08:9b:92:c4:54:a2:2c:d7:5f:47:0c:e3:8f:
d3:ae:35:a1:2b:a5:18:38:40:e1:d8:a4:86:15:ea:
00:35:59:c0:61:20:96:27:29:6e:d2:36:d6:90:3e:
43:dc:0d:48:78:00:0c:e5:76:fd:ff:25:9c:27:ac:
27:a6:f4:72:5d:bd:30:4d:06:48:d5:84:ac:c4:35:
0d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E8:F3:71:72:0E:0D:C7:24:A3:64:37:DB:26:E4:F3:38:12:9B:37
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/fejzcXIODccko2Q32ybk8zgSmzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.72.0/24
78.24.75.0-78.24.79.255
IPv6:
2a00:1908::-2a00:1908:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b9:51:a2:42:0e:22:0a:b7:fc:a0:be:d9:7a:da:72:bc:b5:1c:
72:1d:46:82:0d:7c:c8:34:7c:0a:ab:00:c3:83:8b:75:e0:52:
77:39:6b:c9:2a:f3:f9:be:45:85:40:7a:37:1e:7c:02:57:8a:
43:77:3f:3d:b4:7e:29:ff:d4:43:89:d0:3c:0c:cd:d1:5e:75:
92:5e:14:3d:af:49:71:c2:b0:7a:e4:26:1d:2b:13:f1:0f:87:
ce:03:c5:a5:6f:85:7e:cc:5d:0d:63:44:69:b5:47:22:94:4a:
06:82:d5:61:2b:a6:2c:8c:ee:50:91:02:26:f8:80:b1:33:a8:
8b:c2:ec:49:3d:01:1d:32:f3:d6:29:0a:fd:ab:71:bb:1d:e3:
74:ff:e1:73:3f:84:bb:34:b4:28:1d:f9:4d:34:69:66:29:63:
f7:d1:16:f2:08:43:72:26:1f:de:13:a5:45:5d:71:b7:11:d3:
77:0e:b0:7e:99:e4:78:cb:39:e6:56:fb:48:80:41:25:3d:e4:
c6:33:f6:fa:8d:55:b9:30:5e:58:0c:9b:82:03:94:27:81:19:
1f:6f:4a:a4:01:c0:a7:4c:76:eb:a9:30:0f:25:e7:cc:d9:43:
1f:57:b9:4b:81:ed:02:f3:9a:4e:95:90:03:c8:fc:73:3d:c4:
93:aa:3f:a2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsnKXm7eJC8AsA2HkiL/3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwMTAxMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGU4ZjM3MTcyMGUwZGM3MjRhMzY0MzdkYjI2ZTRmMzM4MTI5YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkyiYTa5P9q1JNXoMnSW9XaQKTSw
3LiVXP62XTmnlR0ojCxPgUPBiGtrqiBSi5eErQpHPihTE33DyHqaw/Zwo3eX6jpf
jd05HEXGnCZ/tQKSd3fcVT5LdbkWUBPILhDSrKhVQ7WQx5yE+NMqyvTWONZuIg2q
EdOznFK8GO/HFQRF+dGa2dVtlrIExjIqxaxpQ7++HLygPc7xFKexHC3bYPoz8fNU
pWhpuaUDIdmw6KK3BIBo6wibksRUoizXX0cM44/TrjWhK6UYOEDh2KSGFeoANVnA
YSCWJylu0jbWkD5D3A1IeAAM5Xb9/yWcJ6wnpvRyXb0wTQZI1YSsxDUNDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH3o83FyDg3HJKNkN9sm5PM4Eps3MB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvZmVqemNYSU9EY2NrbzJRMzJ5Yms4emdTbXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAaBAIAATAUAwQAThhIMAwD
BABOGEsDBAROGEAwFwQCAAIwETAPAwUDKgAZCAMGBSoAGQjAMA0GCSqGSIb3DQEB
CwUAA4IBAQC5UaJCDiIKt/ygvtl62nK8tRxyHUaCDXzINHwKqwDDg4t14FJ3OWvJ
KvP5vkWFQHo3HnwCV4pDdz89tH4p/9RDidA8DM3RXnWSXhQ9r0lxwrB65CYdKxPx
D4fOA8Wlb4V+zF0NY0RptUcilEoGgtVhK6YsjO5QkQIm+ICxM6iLwuxJPQEdMvPW
KQr9q3G7HeN0/+FzP4S7NLQoHflNNGlmKWP30RbyCENyJh/eE6VFXXG3EdN3DrB+
meR4yznmVvtIgEElPeTGM/b6jVW5MF5YDJuCA5QngRkfb0qkAcCnTHbrqTAPJefM
2UMfV7lLge0C85pOlZADyPxzPcSTqj+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org