Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/Q0dDV7dNc0KhqVR6BfX6iHh2-R0.roa
File: Q0dDV7dNc0KhqVR6BfX6iHh2-R0.roa (raw, json)
Hash identifier: 2L3C6YG5V7ooxUTLzQUeKu3Sg22Q2c+PEvlZMfhondM=
Subject key identifier: 43:47:43:57:B7:4D:73:42:A1:A9:54:7A:05:F5:FA:88:78:76:F9:1D
Certificate issuer: /CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Certificate serial: 01857067185D960F1D69ADE15D52660B067C
Authority key identifier: 1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/Q0dDV7dNc0KhqVR6BfX6iHh2-R0.roa
Signing time: Mon 02 Jan 2023 02:54:42 +0000
ROA not before: Mon 02 Jan 2023 02:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43277
IP address blocks: 78.109.96.0/24 maxlen: 24
78.109.104.0/22 maxlen: 22
78.109.108.0/22 maxlen: 22
185.90.132.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:18:5d:96:0f:1d:69:ad:e1:5d:52:66:0b:06:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Validity
Not Before: Jan 2 02:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43474357b74d7342a1a9547a05f5fa887876f91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c6:1b:9d:58:9b:7a:11:2f:4a:9a:20:1d:03:
72:67:2b:fb:4e:26:a8:51:b1:a8:cc:49:92:32:fa:
49:0a:c5:d8:b3:08:48:df:cb:19:85:e9:e2:93:ab:
b2:5a:51:34:aa:b5:dd:9a:f8:94:33:72:79:b4:32:
d2:ad:27:47:8a:19:70:e5:c6:28:9b:1e:b3:c4:cd:
5f:7e:a5:7c:23:c2:1f:58:88:4a:51:3b:07:3b:8a:
60:94:49:f2:cb:89:60:21:b4:b0:06:37:e5:f6:b9:
c7:6a:6b:a6:44:24:7c:e6:fd:fa:8c:c7:4a:1a:ee:
ab:46:d5:a8:7a:e5:8d:1e:a8:9b:e1:7d:43:e0:cf:
36:99:58:5a:c1:00:05:41:0e:8c:1c:58:2c:2a:69:
2a:a4:09:e6:f3:5f:0f:1d:07:22:cf:e7:dc:eb:43:
5a:f2:40:b5:f7:39:a3:e8:c1:6f:94:5f:4d:51:63:
b1:6a:85:52:bc:b0:66:ed:50:63:dd:1d:0b:0f:14:
d2:43:1e:98:64:dc:26:67:8c:11:15:39:ee:c2:92:
34:78:9c:6b:28:ba:80:47:dc:fc:a2:f8:99:11:eb:
cf:50:db:dc:d6:16:df:4c:6c:36:c6:61:fd:c6:e0:
f8:b8:b8:cc:a3:98:dc:dd:3a:68:bd:2b:2f:90:ed:
c5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:47:43:57:B7:4D:73:42:A1:A9:54:7A:05:F5:FA:88:78:76:F9:1D
X509v3 Authority Key Identifier:
keyid:1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/Q0dDV7dNc0KhqVR6BfX6iHh2-R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.96.0/24
78.109.104.0/21
185.90.132.0/23
Signature Algorithm: sha256WithRSAEncryption
39:2e:ff:49:0c:38:eb:84:bf:1f:78:98:1a:57:c2:40:ae:0f:
ba:35:3d:91:99:3e:dc:40:f6:80:a2:d4:6e:0d:4a:e4:f2:20:
06:0c:a5:f1:f6:24:bd:71:b2:c9:d4:76:27:f4:e0:65:63:5b:
b4:76:04:f2:31:da:30:be:ba:68:9d:46:6d:77:cd:cf:c5:a1:
05:66:ce:c2:97:cf:8b:e4:7f:69:d5:b5:85:08:95:09:6e:4e:
ef:ff:13:ea:9b:93:17:5c:de:be:c2:89:af:78:e4:d3:85:8f:
ac:22:b1:dc:0b:fc:d0:d8:a5:5c:18:1f:c0:6c:17:0a:7b:d4:
31:f8:68:e4:ed:6a:e3:0d:49:8b:0c:44:43:d0:1c:68:a1:e6:
c6:e8:1e:e8:c8:1e:ad:2e:e4:ea:21:9d:5e:96:cc:52:0f:82:
f9:66:07:e3:21:21:89:01:02:f9:48:4a:4a:82:05:91:80:50:
c5:17:63:77:91:ea:4b:b2:cd:2e:44:a4:87:3c:62:0a:ce:da:
27:e0:c7:d4:a8:df:23:09:c6:a9:a9:53:9b:f2:f1:2c:5d:7f:
bd:e0:97:e7:b6:08:8f:3f:0c:75:cd:9e:5b:03:b3:f6:18:52:
8e:34:68:ef:e8:8f:68:38:7b:0e:9c:e9:5b:fb:42:be:b7:56:
b3:ae:29:7d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwZxhdlg8daa3hXVJmCwZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYzE5OTRlYTYzZDUwZGJjOGI0M2FjZWNhZDI4NDJiNGRj
MTU3NTkwHhcNMjMwMTAyMDI1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ3NDM1N2I3NGQ3MzQyYTFhOTU0N2EwNWY1ZmE4ODc4NzZmOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsYbnVibehEvSpogHQNyZyv7Tiao
UbGozEmSMvpJCsXYswhI38sZhenik6uyWlE0qrXdmviUM3J5tDLSrSdHihlw5cYo
mx6zxM1ffqV8I8IfWIhKUTsHO4pglEnyy4lgIbSwBjfl9rnHamumRCR85v36jMdK
Gu6rRtWoeuWNHqib4X1D4M82mVhawQAFQQ6MHFgsKmkqpAnm818PHQciz+fc60Na
8kC19zmj6MFvlF9NUWOxaoVSvLBm7VBj3R0LDxTSQx6YZNwmZ4wRFTnuwpI0eJxr
KLqAR9z8oviZEevPUNvc1hbfTGw2xmH9xuD4uLjMo5jc3TpovSsvkO3F1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFENHQ1e3TXNCoalUegX1+oh4dvkdMB8GA1UdIwQY
MBaAFBvBmU6mPVDbyLQ6zsrShCtNwVdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYt
YWY1ODY3NDc2MzA5LzEvUTBkRFY3ZE5jMEtocVZSNkJmWDZpSGgyLVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xM2JkYmEtMDcxNS00ZTI2LWIwNzYtYWY1ODY3NDc2MzA5
LzEvRzhHWlRxWTlVTnZJdERyT3l0S0VLMDNCVjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATm1gAwQD
Tm1oAwQBuVqEMA0GCSqGSIb3DQEBCwUAA4IBAQA5Lv9JDDjrhL8feJgaV8JArg+6
NT2RmT7cQPaAotRuDUrk8iAGDKXx9iS9cbLJ1HYn9OBlY1u0dgTyMdowvrponUZt
d83PxaEFZs7Cl8+L5H9p1bWFCJUJbk7v/xPqm5MXXN6+womveOTThY+sIrHcC/zQ
2KVcGB/AbBcKe9Qx+Gjk7WrjDUmLDERD0BxooebG6B7oyB6tLuTqIZ1elsxSD4L5
ZgfjISGJAQL5SEpKggWRgFDFF2N3kepLss0uRKSHPGIKzton4MfUqN8jCcapqVOb
8vEsXX+94JfntgiPPwx1zZ5bA7P2GFKONGjv6I9oOHsOnOlb+0K+t1azril9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:35 2024 by rpki-client on console-ams.rpki-client.org