Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/GtHJJ5lNtGLWrijO2iaxgieE1GA.roa
File: GtHJJ5lNtGLWrijO2iaxgieE1GA.roa (raw, json)
Hash identifier: 8czFw1eEDPbuEhqCL7FvjKvBVoFsCk/ewD1wk5bgEn0=
Subject key identifier: 1A:D1:C9:27:99:4D:B4:62:D6:AE:28:CE:DA:26:B1:82:27:84:D4:60
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018CC6B83416FAA9A7C2ADAB99E7767CB465
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/GtHJJ5lNtGLWrijO2iaxgieE1GA.roa
Signing time: Mon 01 Jan 2024 20:30:09 +0000
ROA not before: Mon 01 Jan 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211715
IP address blocks: 78.142.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 17:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:34:16:fa:a9:a7:c2:ad:ab:99:e7:76:7c:b4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ad1c927994db462d6ae28ceda26b1822784d460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:38:8a:b9:31:48:79:b3:3d:4c:bf:d4:85:9e:
97:6d:8a:6b:8a:e2:d4:1c:8e:95:97:dc:b8:cd:4a:
85:4b:5f:35:82:29:bf:1f:33:7c:a6:f7:f0:ef:75:
6e:dd:5a:94:ac:11:0f:9d:08:d0:a2:ce:df:db:66:
66:19:4a:16:11:ee:7a:50:56:7e:3d:bd:5c:46:2d:
29:7a:19:f9:b3:e8:23:74:23:1a:65:ce:2c:e1:52:
6d:63:a5:c8:fc:be:9f:59:a5:7e:59:91:81:77:46:
7d:5e:e0:5f:3e:e2:7b:bf:8f:cf:73:76:3c:a1:c8:
d4:fa:14:77:17:c2:26:8f:a3:6d:9a:5f:b0:4a:46:
07:40:9f:d8:2a:0f:b2:a0:01:56:3b:43:a2:b0:cd:
ef:7e:d2:c9:0c:dc:26:75:eb:9d:d6:86:9c:03:9c:
a1:6b:09:23:84:7d:68:51:d2:fa:d7:db:7a:0b:89:
a6:88:22:27:7c:64:c3:c0:b8:e9:67:41:be:de:6e:
5c:bd:b1:78:2a:85:bf:1f:0b:20:b7:14:5b:34:a5:
1b:65:47:89:ac:84:6a:5d:c0:35:78:db:0d:2a:f0:
f8:45:9e:86:74:99:8d:6f:35:18:e5:86:73:89:c5:
45:7d:f7:4b:56:40:34:af:cc:69:15:12:30:4d:3b:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D1:C9:27:99:4D:B4:62:D6:AE:28:CE:DA:26:B1:82:27:84:D4:60
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/GtHJJ5lNtGLWrijO2iaxgieE1GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.216.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:e7:a3:c8:f4:d5:af:cb:f3:85:36:35:e3:79:d1:9d:89:36:
9b:b1:b9:7b:8f:7c:2e:6b:e1:28:98:02:71:79:65:19:01:9d:
5b:71:1e:a7:37:fd:31:4e:77:73:b8:92:55:02:38:df:eb:bf:
73:45:3c:5e:16:18:51:18:e3:2f:d4:b3:20:8f:16:64:d9:21:
a2:4d:8f:f4:a0:57:7d:71:e8:fa:fa:1e:26:bc:0d:e4:bb:c2:
87:39:22:40:0d:b7:63:a7:a8:2d:2e:4e:05:af:98:fc:b7:d5:
29:21:cd:5a:82:30:01:5c:67:8a:c6:64:44:2e:15:9b:10:92:
15:d2:b6:81:3e:70:e5:e1:c8:0e:9e:41:64:a0:b6:e0:27:0b:
93:2a:47:08:9c:94:15:d6:b3:20:37:4e:47:f4:99:5e:21:23:
84:d3:4a:1b:de:0a:1e:65:78:4f:f4:7a:e5:57:82:0b:f7:cb:
2a:df:2e:ae:d2:f4:06:25:1d:72:ba:8d:17:e6:a7:59:75:29:
d7:bf:69:83:99:fc:53:73:13:fb:4a:c9:1e:79:6d:de:9e:4a:
38:0e:d4:21:d9:a1:10:dd:b2:47:29:23:29:97:2c:d5:8d:00:
cb:19:11:37:e4:cf:74:52:76:17:02:b1:16:13:a7:1b:8c:e6:
55:0e:e1:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuDQW+qmnwq2rmed2fLRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMTAxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQxYzkyNzk5NGRiNDYyZDZhZTI4Y2VkYTI2YjE4MjI3ODRkNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojiKuTFIebM9TL/UhZ6XbYpriuLU
HI6Vl9y4zUqFS181gim/HzN8pvfw73Vu3VqUrBEPnQjQos7f22ZmGUoWEe56UFZ+
Pb1cRi0pehn5s+gjdCMaZc4s4VJtY6XI/L6fWaV+WZGBd0Z9XuBfPuJ7v4/Pc3Y8
ocjU+hR3F8Imj6Ntml+wSkYHQJ/YKg+yoAFWO0OisM3vftLJDNwmdeud1oacA5yh
awkjhH1oUdL619t6C4mmiCInfGTDwLjpZ0G+3m5cvbF4KoW/HwsgtxRbNKUbZUeJ
rIRqXcA1eNsNKvD4RZ6GdJmNbzUY5YZzicVFffdLVkA0r8xpFRIwTTsdIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrRySeZTbRi1q4oztomsYInhNRgMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvR3RISko1bE50R0xXcmlqTzJpYXhnaWVFMUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATo7YMA0G
CSqGSIb3DQEBCwUAA4IBAQCp56PI9NWvy/OFNjXjedGdiTabsbl7j3wua+EomAJx
eWUZAZ1bcR6nN/0xTndzuJJVAjjf679zRTxeFhhRGOMv1LMgjxZk2SGiTY/0oFd9
cej6+h4mvA3ku8KHOSJADbdjp6gtLk4Fr5j8t9UpIc1agjABXGeKxmRELhWbEJIV
0raBPnDl4cgOnkFkoLbgJwuTKkcInJQV1rMgN05H9JleISOE00ob3goeZXhP9Hrl
V4IL98sq3y6u0vQGJR1yuo0X5qdZdSnXv2mDmfxTcxP7SskeeW3enko4DtQh2aEQ
3bJHKSMplyzVjQDLGRE35M90UnYXArEWE6cbjOZVDuFK
-----END CERTIFICATE-----
Generated at Tue Mar 12 21:11:42 2024 by rpki-client on console-ams.rpki-client.org