Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/5wJ2sxMfNxFtU5h6lC4EjQkvfm0.roa
File: 5wJ2sxMfNxFtU5h6lC4EjQkvfm0.roa (raw, json)
Hash identifier: YspWoab2Tn8NF/IemMWnbPm71tp8j/CDDtjtww60Nqg=
Subject key identifier: E7:02:76:B3:13:1F:37:11:6D:53:98:7A:94:2E:04:8D:09:2F:7E:6D
Certificate issuer: /CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Certificate serial: 01857067170BFF9EA505DB5D739101CED0E0
Authority key identifier: 1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/5wJ2sxMfNxFtU5h6lC4EjQkvfm0.roa
Signing time: Mon 02 Jan 2023 02:54:42 +0000
ROA not before: Mon 02 Jan 2023 02:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41897
IP address blocks: 78.109.97.0/24 maxlen: 24
78.109.98.0/24 maxlen: 24
78.109.99.0/24 maxlen: 24
78.109.100.0/23 maxlen: 23
78.109.102.0/23 maxlen: 23
193.42.20.0/24 maxlen: 24
185.90.134.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:17:0b:ff:9e:a5:05:db:5d:73:91:01:ce:d0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Validity
Not Before: Jan 2 02:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e70276b3131f37116d53987a942e048d092f7e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8d:fa:90:81:3b:2a:24:5c:2a:46:25:5a:b5:
38:23:f5:56:8b:26:e1:a7:73:fd:80:18:79:bf:36:
17:23:6f:4d:88:97:80:43:4e:4a:29:11:da:09:43:
9f:93:bc:49:10:2b:28:0b:df:6e:f7:61:d9:02:2f:
61:a7:cb:ac:19:a5:cb:be:00:3c:cb:0d:e1:01:2e:
94:c8:a6:6f:62:5f:e0:09:87:42:fd:c2:1c:92:8e:
b8:73:83:49:bb:8e:90:2c:8e:07:d8:76:06:9a:95:
21:52:1f:2a:ee:9c:a2:53:c2:9d:80:a4:36:49:85:
ea:48:af:0f:02:62:9d:3b:be:b7:e9:50:aa:0c:17:
0d:05:c7:be:1a:20:0c:1f:40:19:92:81:d1:2b:ea:
bb:c5:ff:33:e8:7f:1b:87:1b:24:f8:4a:a4:8f:07:
e4:dc:05:c8:d5:76:b5:09:95:55:f9:60:5a:24:83:
3c:6f:f7:c0:6e:ab:af:dd:c4:f3:05:7a:72:b6:df:
b1:38:f7:8e:be:98:c0:ca:c6:9a:44:80:f0:68:ba:
1a:f4:c2:c6:c2:ec:3f:9e:79:7e:d8:d4:2f:4b:20:
41:29:11:c5:e2:bd:4a:16:03:52:fe:a8:91:5f:89:
57:7c:55:0b:c6:23:39:76:d2:6c:f1:2a:ce:7e:24:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:02:76:B3:13:1F:37:11:6D:53:98:7A:94:2E:04:8D:09:2F:7E:6D
X509v3 Authority Key Identifier:
keyid:1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/5wJ2sxMfNxFtU5h6lC4EjQkvfm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.97.0-78.109.103.255
185.90.134.0/23
193.42.20.0/24
Signature Algorithm: sha256WithRSAEncryption
de:f0:aa:e7:67:c2:f4:7e:b4:82:be:96:32:39:de:6e:4b:e6:
91:a4:0f:30:17:2c:ce:3f:5d:41:6c:60:8c:8a:2e:c1:e3:9b:
17:c4:79:fb:f0:8d:c7:f3:7a:54:81:23:2d:61:b4:ed:f2:e6:
cd:3c:88:9e:65:77:c9:77:d1:77:c8:5e:20:0c:3f:37:c1:49:
55:1b:26:4a:43:53:8e:15:80:cb:63:fc:85:86:44:17:be:e7:
e4:a4:f9:10:c7:fa:fc:a2:62:95:a5:37:c2:bf:ed:27:df:a4:
23:c6:ba:62:70:a3:42:88:f4:d7:b3:11:23:8b:b7:22:40:93:
ea:85:e4:27:9a:63:f8:b7:15:b6:4e:ec:5b:48:ca:7f:f9:a2:
53:b0:7c:76:3a:e8:44:91:eb:86:50:cf:80:b3:3f:c3:01:7a:
d0:c8:e5:87:7c:ba:dc:c3:94:63:30:54:2c:27:ed:ee:35:94:
89:43:c1:46:0e:3e:14:83:5a:6f:6f:0e:79:02:30:f8:7b:d7:
6b:0c:5c:4e:9f:97:c6:fb:fd:c8:9b:13:28:0c:ea:85:51:d6:
d9:dd:f5:8c:45:4f:31:d8:a0:20:f9:3c:e5:79:18:77:3e:06:
4b:6d:2c:80:55:4b:fe:fe:ee:e8:b3:ac:3e:87:8b:1a:0d:f2:
b7:a1:ff:0d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwZxcL/56lBdtdc5EBztDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYzE5OTRlYTYzZDUwZGJjOGI0M2FjZWNhZDI4NDJiNGRj
MTU3NTkwHhcNMjMwMTAyMDI1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAyNzZiMzEzMWYzNzExNmQ1Mzk4N2E5NDJlMDQ4ZDA5MmY3ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI36kIE7KiRcKkYlWrU4I/VWiybh
p3P9gBh5vzYXI29NiJeAQ05KKRHaCUOfk7xJECsoC99u92HZAi9hp8usGaXLvgA8
yw3hAS6UyKZvYl/gCYdC/cIcko64c4NJu46QLI4H2HYGmpUhUh8q7pyiU8KdgKQ2
SYXqSK8PAmKdO7636VCqDBcNBce+GiAMH0AZkoHRK+q7xf8z6H8bhxsk+Eqkjwfk
3AXI1Xa1CZVV+WBaJIM8b/fAbquv3cTzBXpytt+xOPeOvpjAysaaRIDwaLoa9MLG
wuw/nnl+2NQvSyBBKRHF4r1KFgNS/qiRX4lXfFULxiM5dtJs8SrOfiQsjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOcCdrMTHzcRbVOYepQuBI0JL35tMB8GA1UdIwQY
MBaAFBvBmU6mPVDbyLQ6zsrShCtNwVdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYt
YWY1ODY3NDc2MzA5LzEvNXdKMnN4TWZOeEZ0VTVoNmxDNEVqUWt2Zm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYtYWY1ODY3NDc2MzA5
LzEvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABObWED
BANObWADBAG5WoYDBADBKhQwDQYJKoZIhvcNAQELBQADggEBAN7wqudnwvR+tIK+
ljI53m5L5pGkDzAXLM4/XUFsYIyKLsHjmxfEefvwjcfzelSBIy1htO3y5s08iJ5l
d8l30XfIXiAMPzfBSVUbJkpDU44VgMtj/IWGRBe+5+Sk+RDH+vyiYpWlN8K/7Sff
pCPGumJwo0KI9NezESOLtyJAk+qF5CeaY/i3FbZO7FtIyn/5olOwfHY66ESR64ZQ
z4CzP8MBetDI5Yd8utzDlGMwVCwn7e41lIlDwUYOPhSDWm9vDnkCMPh712sMXE6f
l8b7/cibEygM6oVR1tnd9YxFTzHYoCD5POV5GHc+BkttLIBVS/7+7uizrD6HixoN
8reh/w0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:19 2024 by rpki-client on console-ams.rpki-client.org