Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/TnaMWvb7a7VeYSC71M1VeRRWVfk.roa
File: TnaMWvb7a7VeYSC71M1VeRRWVfk.roa (raw, json)
Hash identifier: 4r9EL/j9G3rYxbWOoAPZGAi6eCA+as8vWcI7w48K7J4=
Subject key identifier: 4E:76:8C:5A:F6:FB:6B:B5:5E:61:20:BB:D4:CD:55:79:14:56:55:F9
Certificate issuer: /CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Certificate serial: 019076B346AA316F50D88353C6D08E65B70B
Authority key identifier: 67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/TnaMWvb7a7VeYSC71M1VeRRWVfk.roa
Signing time: Wed 03 Jul 2024 03:46:18 +0000
ROA not before: Wed 03 Jul 2024 03:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204206
IP address blocks: 185.78.245.0/24 maxlen: 24
185.78.246.0/24 maxlen: 24
185.78.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 13:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:b3:46:aa:31:6f:50:d8:83:53:c6:d0:8e:65:b7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Validity
Not Before: Jul 3 03:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e768c5af6fb6bb55e6120bbd4cd5579145655f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7d:cf:d5:bd:56:63:b8:59:33:a5:92:33:36:
0f:ce:07:44:80:08:68:e1:b1:64:8d:bd:e6:b3:c2:
eb:41:b0:45:6f:3b:e0:2e:9a:11:5d:a0:76:8e:99:
97:ad:ba:b5:d1:6e:59:c0:e3:55:52:86:2c:be:38:
0d:cb:a4:2f:94:1f:b0:b9:f7:38:a3:58:38:fd:35:
b0:9e:7b:50:97:87:8b:60:3b:63:59:6c:03:f3:7d:
ed:bb:d3:c3:17:90:42:bd:d2:3f:f2:8f:7d:2d:8b:
6d:69:4a:94:12:95:35:99:4c:3a:4c:90:72:cf:3b:
da:39:0a:4a:3d:5b:65:a7:3d:67:1d:ab:93:ab:33:
a8:5e:d6:35:1a:82:66:b7:ef:a0:d7:09:9c:3e:3a:
e5:01:dd:fb:98:65:17:be:35:7b:90:80:45:d2:49:
8e:a4:80:fc:fc:9a:1c:5a:1d:a8:ce:be:59:e6:1d:
10:1b:24:b3:fa:2c:04:e9:5a:01:b1:e1:09:95:9d:
9e:70:59:ce:d4:ff:c0:c2:3e:86:2b:40:36:99:1f:
54:41:86:90:84:68:e1:a9:6d:00:ca:b0:52:0c:6a:
c4:ed:08:6a:f9:cb:68:be:1b:49:48:74:1d:72:3a:
d8:90:dd:08:9b:ad:de:9c:13:7a:63:a0:5f:60:2c:
78:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:76:8C:5A:F6:FB:6B:B5:5E:61:20:BB:D4:CD:55:79:14:56:55:F9
X509v3 Authority Key Identifier:
keyid:67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/TnaMWvb7a7VeYSC71M1VeRRWVfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.245.0-185.78.247.255
Signature Algorithm: sha256WithRSAEncryption
a6:e0:35:dd:77:2c:e8:d1:d5:21:2e:f3:86:d7:48:fd:9c:9d:
31:7b:ad:a0:87:2f:46:a9:0c:da:e5:c7:f0:e4:7a:4e:91:98:
87:08:a1:39:bd:0f:89:31:29:de:bf:94:51:3d:d7:13:17:eb:
f8:48:49:ff:bc:2c:c2:04:48:99:87:90:fc:0f:28:75:5f:ce:
52:71:44:a2:ad:b3:41:9a:20:28:ec:a0:fe:d8:38:e3:22:62:
40:0e:3f:e5:5c:9d:e8:7b:ff:7e:54:38:ca:24:e2:05:03:61:
06:37:04:59:27:91:35:19:0d:10:97:54:36:fe:96:14:b6:a0:
50:a3:56:db:8d:91:b0:0b:24:dd:94:f3:4c:ad:04:9e:18:5b:
12:7e:55:2b:0a:a1:4b:e2:c3:ac:b5:ae:d9:28:21:bd:14:aa:
ad:2b:6a:5f:57:30:7e:64:2e:95:28:44:9d:6f:09:2b:0c:86:
27:d7:4b:7e:6b:b5:70:9b:fc:ec:fa:fc:47:d8:cc:cb:30:90:
0a:92:ff:ab:e2:3a:3d:e3:99:6e:fa:36:49:ac:8a:06:b4:57:
31:4f:81:45:6c:ad:f0:96:12:8d:a1:2a:01:23:48:e2:3f:29:
1a:85:7d:31:cb:8e:47:64:71:66:6b:84:b1:f5:28:0d:2b:a0:
ec:e4:da:e1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZB2s0aqMW9Q2INTxtCOZbcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGU2MDc3OWYzY2Q0ZDAzZDVlNTA3ODQwZjVmYTJhMzFh
NmFiOGQwHhcNMjQwNzAzMDM0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc2OGM1YWY2ZmI2YmI1NWU2MTIwYmJkNGNkNTU3OTE0NTY1NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX3P1b1WY7hZM6WSMzYPzgdEgAho
4bFkjb3ms8LrQbBFbzvgLpoRXaB2jpmXrbq10W5ZwONVUoYsvjgNy6QvlB+wufc4
o1g4/TWwnntQl4eLYDtjWWwD833tu9PDF5BCvdI/8o99LYttaUqUEpU1mUw6TJBy
zzvaOQpKPVtlpz1nHauTqzOoXtY1GoJmt++g1wmcPjrlAd37mGUXvjV7kIBF0kmO
pID8/JocWh2ozr5Z5h0QGySz+iwE6VoBseEJlZ2ecFnO1P/Awj6GK0A2mR9UQYaQ
hGjhqW0AyrBSDGrE7Qhq+ctovhtJSHQdcjrYkN0Im63enBN6Y6BfYCx4XQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE52jFr2+2u1XmEgu9TNVXkUVlX5MB8GA1UdIwQY
MBaAFGcOYHefPNTQPV5QeED1+ioxpquNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUt
MzUwMDRhNjcxZWIzLzEvVG5hTVd2YjdhN1ZlWVNDNzFNMVZlUlJXVmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUtMzUwMDRhNjcxZWIz
LzEvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5TvUD
BAO5TvAwDQYJKoZIhvcNAQELBQADggEBAKbgNd13LOjR1SEu84bXSP2cnTF7raCH
L0apDNrlx/Dkek6RmIcIoTm9D4kxKd6/lFE91xMX6/hISf+8LMIESJmHkPwPKHVf
zlJxRKKts0GaICjsoP7YOOMiYkAOP+Vcneh7/35UOMok4gUDYQY3BFknkTUZDRCX
VDb+lhS2oFCjVtuNkbALJN2U80ytBJ4YWxJ+VSsKoUviw6y1rtkoIb0Uqq0ral9X
MH5kLpUoRJ1vCSsMhifXS35rtXCb/Oz6/EfYzMswkAqS/6viOj3jmW76Nkmsiga0
VzFPgUVsrfCWEo2hKgEjSOI/KRqFfTHLjkdkcWZrhLH1KA0roOzk2uE=
-----END CERTIFICATE-----
Generated at Thu Jul 4 15:31:05 2024 by rpki-client on console-fra.rpki-client.org