Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/iw_JQ1qQkVy9P7sgn4OuWH14NnY.roa
File: iw_JQ1qQkVy9P7sgn4OuWH14NnY.roa (raw, json)
Hash identifier: IUpzAHUC6FZBbcn+vsKee6t6ZnKiO4yxVeuxmc2qjCY=
Subject key identifier: 8B:0F:C9:43:5A:90:91:5C:BD:3F:BB:20:9F:83:AE:58:7D:78:36:76
Certificate issuer: /CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
Certificate serial: 018570397EBFD52B058E17F388B39D137D59
Authority key identifier: 2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/iw_JQ1qQkVy9P7sgn4OuWH14NnY.roa
Signing time: Mon 02 Jan 2023 02:04:54 +0000
ROA not before: Mon 02 Jan 2023 02:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 78.111.48.0/21 maxlen: 21
78.111.48.0/20 maxlen: 20
185.81.82.0/23 maxlen: 23
185.81.80.0/22 maxlen: 22
185.81.80.0/23 maxlen: 23
78.111.56.0/21 maxlen: 21
2a03:7740::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:7e:bf:d5:2b:05:8e:17:f3:88:b3:9d:13:7d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
Validity
Not Before: Jan 2 02:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b0fc9435a90915cbd3fbb209f83ae587d783676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:42:d6:ce:f5:5e:0d:2d:83:f3:a4:c3:84:a7:
2b:a7:67:d5:df:99:6c:9e:85:3e:92:9f:f2:ee:bd:
b6:68:76:a3:3e:86:fc:51:0d:4f:c7:75:58:54:7f:
4d:34:3f:b6:7d:52:56:f4:19:79:10:4f:67:32:40:
b9:10:6e:4d:f6:99:43:6d:68:f5:f4:d5:d7:f4:e1:
c7:7b:60:0a:17:71:d0:f4:14:4a:36:f6:28:c5:5f:
ca:94:5c:52:d5:d6:24:31:e8:1a:b9:f8:f2:13:e9:
c9:26:af:8b:3a:fd:7c:2c:f9:87:6a:00:d7:28:09:
d6:42:e9:9c:dc:81:00:1a:a7:9a:7f:3c:3e:1d:9b:
8a:96:e0:20:86:c3:fc:57:be:cb:36:55:20:ca:9e:
f7:aa:9b:d7:a8:47:42:14:6d:e2:ad:13:53:77:4d:
14:e9:e9:b4:73:f3:01:43:9c:97:b2:e8:fc:d7:c5:
39:15:35:6d:7d:20:19:1e:d9:db:25:f4:41:54:47:
5a:ba:4a:e9:fc:00:fd:a0:fc:3c:85:e6:57:09:c7:
e2:55:da:f4:12:94:17:c6:70:dc:bc:84:08:22:1c:
39:61:53:41:cd:95:b8:76:0d:7b:95:82:a9:1d:d5:
62:64:71:ea:3c:07:1f:b2:e0:84:e5:75:bd:d4:f9:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0F:C9:43:5A:90:91:5C:BD:3F:BB:20:9F:83:AE:58:7D:78:36:76
X509v3 Authority Key Identifier:
keyid:2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/iw_JQ1qQkVy9P7sgn4OuWH14NnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.48.0/20
185.81.80.0/22
IPv6:
2a03:7740::/32
Signature Algorithm: sha256WithRSAEncryption
21:e0:c9:aa:bd:e3:62:a9:ce:25:e3:8a:76:75:08:ea:15:74:
99:f5:e4:c4:9e:83:87:64:d7:45:47:d6:f6:9c:bd:c1:82:cd:
61:c2:16:da:5e:78:53:ca:af:b2:9d:82:cf:24:2a:db:e2:27:
a8:02:1b:01:93:c6:f1:81:99:52:f3:26:c1:49:63:46:c0:41:
44:cc:a7:e9:c3:ec:bf:e4:0f:11:84:ee:df:50:c0:93:ff:92:
5f:85:44:9f:53:d8:73:0c:7d:a0:ee:6a:7f:a0:4e:79:f5:45:
ec:f9:fb:8a:2a:02:41:dc:b6:ab:fd:2d:a0:fc:ba:2b:f0:11:
bd:74:2e:c3:b9:30:68:4b:a4:60:d0:f2:a3:da:a5:f6:05:62:
29:fe:3f:2a:0c:d1:d3:a0:44:30:ed:a7:eb:c0:55:f9:c9:a6:
a5:65:82:89:d9:53:4c:e4:a3:1b:4f:19:a3:31:39:ff:44:81:
19:49:1c:f3:90:f4:4c:57:48:65:7f:87:24:8d:55:35:46:f0:
09:81:a1:5e:85:77:f7:7b:a3:ef:21:2b:64:f2:39:ae:9b:53:
c9:f4:45:90:0a:9f:2d:92:21:31:1e:70:2f:9d:b1:73:52:95:
24:06:f1:ef:5c:e1:a6:9d:8e:38:27:56:b5:5f:f1:e8:35:85:
31:5a:cf:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwOX6/1SsFjhfziLOdE31ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI3Yzg3Y2JiZmMyNjFhMjc0ZTljYjFiMDk1MDI2YTgw
YzYxMzYwHhcNMjMwMTAyMDIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBmYzk0MzVhOTA5MTVjYmQzZmJiMjA5ZjgzYWU1ODdkNzgzNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjELWzvVeDS2D86TDhKcrp2fV35ls
noU+kp/y7r22aHajPob8UQ1Px3VYVH9NND+2fVJW9Bl5EE9nMkC5EG5N9plDbWj1
9NXX9OHHe2AKF3HQ9BRKNvYoxV/KlFxS1dYkMegaufjyE+nJJq+LOv18LPmHagDX
KAnWQumc3IEAGqeafzw+HZuKluAghsP8V77LNlUgyp73qpvXqEdCFG3irRNTd00U
6em0c/MBQ5yXsuj818U5FTVtfSAZHtnbJfRBVEdaukrp/AD9oPw8heZXCcfiVdr0
EpQXxnDcvIQIIhw5YVNBzZW4dg17lYKpHdViZHHqPAcfsuCE5XW91PnYvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIsPyUNakJFcvT+7IJ+Drlh9eDZ2MB8GA1UdIwQY
MBaAFC6CfIfLv8JhonTpyxsJUCaoDGE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWIt
MjRmYTEwOTY1ZTg1LzEvaXdfSlExcVFrVnk5UDdzZ240T3VXSDE0Tm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWItMjRmYTEwOTY1ZTg1
LzEvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm8wAwQC
uVFQMA0EAgACMAcDBQAqA3dAMA0GCSqGSIb3DQEBCwUAA4IBAQAh4MmqveNiqc4l
44p2dQjqFXSZ9eTEnoOHZNdFR9b2nL3Bgs1hwhbaXnhTyq+ynYLPJCrb4ieoAhsB
k8bxgZlS8ybBSWNGwEFEzKfpw+y/5A8RhO7fUMCT/5JfhUSfU9hzDH2g7mp/oE55
9UXs+fuKKgJB3Lar/S2g/Lor8BG9dC7DuTBoS6Rg0PKj2qX2BWIp/j8qDNHToEQw
7afrwFX5yaalZYKJ2VNM5KMbTxmjMTn/RIEZSRzzkPRMV0hlf4ckjVU1RvAJgaFe
hXf3e6PvIStk8jmum1PJ9EWQCp8tkiExHnAvnbFzUpUkBvHvXOGmnY44J1a1X/Ho
NYUxWs9V
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:43 2024 by rpki-client on console-ams.rpki-client.org