Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DCHZJUwxqtmw8pnsRS-xd6pb8B0.roa
File: DCHZJUwxqtmw8pnsRS-xd6pb8B0.roa (raw, json)
Hash identifier: k/alJVy8tuSfvFoFt5LJcI9xxkJoV2p2yChc3TaupV4=
Subject key identifier: 0C:21:D9:25:4C:31:AA:D9:B0:F2:99:EC:45:2F:B1:77:AA:5B:F0:1D
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019155336E5CD8C294920005FA9E1EF90B65
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DCHZJUwxqtmw8pnsRS-xd6pb8B0.roa
Signing time: Thu 15 Aug 2024 08:41:59 +0000
ROA not before: Thu 15 Aug 2024 08:41:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 15:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:33:6e:5c:d8:c2:94:92:00:05:fa:9e:1e:f9:0b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 15 08:41:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c21d9254c31aad9b0f299ec452fb177aa5bf01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:c2:14:73:ed:c3:77:d6:01:c8:21:7b:02:
a0:86:b9:03:0d:b8:e7:69:d2:be:b9:be:67:0f:70:
c3:72:92:9b:53:68:5d:89:a1:05:df:ba:b4:bd:d1:
25:ee:10:59:d6:dd:c9:2f:b8:a8:fe:f0:ae:79:31:
97:82:47:7e:e8:8f:ee:4b:1d:15:73:68:af:09:7d:
ad:a1:c4:74:ac:94:04:e4:7b:a9:37:73:75:75:7c:
bc:d5:7c:e5:5a:f5:f6:02:4c:32:ac:1e:69:de:05:
76:64:8d:02:5f:ff:67:34:5e:31:ee:27:a3:08:6b:
10:b1:b9:70:bd:ab:cd:49:d9:e8:38:d7:dd:50:da:
a2:2e:d0:ba:3e:51:9c:c0:36:19:9c:c3:77:dc:fe:
57:49:90:16:67:6a:05:15:7c:5d:57:4f:66:3b:b3:
a9:02:a9:28:96:55:d7:2b:33:b2:14:40:58:67:88:
31:39:73:4a:73:b6:d2:64:29:79:c6:fb:d8:f0:ff:
14:e8:5d:12:f2:90:63:d0:11:d0:8e:18:94:ae:23:
d1:6b:f7:c8:5d:24:85:5a:ac:b2:14:b3:9b:66:1e:
45:10:93:78:aa:19:d4:3c:70:92:63:da:80:63:8f:
aa:ed:d8:50:0a:8f:2b:83:a2:3e:48:9b:b6:da:c9:
cb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:21:D9:25:4C:31:AA:D9:B0:F2:99:EC:45:2F:B1:77:AA:5B:F0:1D
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DCHZJUwxqtmw8pnsRS-xd6pb8B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.252.0/23
79.135.102.0/23
Signature Algorithm: sha256WithRSAEncryption
79:2f:1e:d4:5a:4d:60:fd:3f:7b:cd:07:22:33:88:07:64:f4:
fe:65:3d:93:a5:70:90:85:85:1f:b1:9b:06:8f:91:f4:5b:e2:
4f:cd:40:68:15:c6:d4:a3:50:83:0e:45:a6:8f:f9:e2:af:27:
fb:e3:ef:4f:0e:97:c3:b4:37:64:30:fd:b8:aa:31:f6:e1:be:
4a:bf:0a:2b:69:cb:fe:91:0e:4b:d1:0c:5b:6c:f1:ee:03:70:
10:03:82:c1:28:8a:1a:bf:55:51:c8:42:1f:e1:26:53:9c:88:
aa:ff:8e:46:44:7f:77:eb:db:fc:d7:19:a5:fe:a5:83:fc:b7:
61:63:4a:0b:86:6d:56:ae:75:d8:14:47:b1:b2:a1:5c:d9:12:
dd:0d:49:ea:65:93:6a:4f:8e:9f:d2:11:20:fe:d3:55:bc:99:
8b:09:ab:1c:4f:2b:56:89:a2:c5:07:62:d7:d0:72:60:66:a2:
44:a2:8d:da:56:d1:3c:72:67:88:d4:93:a4:8d:d0:8f:64:df:
f4:ef:c4:32:03:31:2d:4a:85:c9:7a:b3:ea:43:b3:c9:63:8f:
b2:06:02:35:60:f8:eb:0f:83:b3:1f:0c:a6:5f:4b:1a:60:6f:
46:25:fe:45:17:1e:32:fb:1e:6b:18:3f:74:c2:d8:ea:7e:16:
df:ef:dd:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFVM25c2MKUkgAF+p4e+QtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODE1MDg0MTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzIxZDkyNTRjMzFhYWQ5YjBmMjk5ZWM0NTJmYjE3N2FhNWJmMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHPCFHPtw3fWAcghewKghrkDDbjn
adK+ub5nD3DDcpKbU2hdiaEF37q0vdEl7hBZ1t3JL7io/vCueTGXgkd+6I/uSx0V
c2ivCX2tocR0rJQE5HupN3N1dXy81XzlWvX2AkwyrB5p3gV2ZI0CX/9nNF4x7iej
CGsQsblwvavNSdnoONfdUNqiLtC6PlGcwDYZnMN33P5XSZAWZ2oFFXxdV09mO7Op
AqkollXXKzOyFEBYZ4gxOXNKc7bSZCl5xvvY8P8U6F0S8pBj0BHQjhiUriPRa/fI
XSSFWqyyFLObZh5FEJN4qhnUPHCSY9qAY4+q7dhQCo8rg6I+SJu22snLGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAwh2SVMMarZsPKZ7EUvsXeqW/AdMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvRENIWkpVd3hxdG13OHBuc1JTLXhkNnBiOEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTo/8AwQB
T4dmMA0GCSqGSIb3DQEBCwUAA4IBAQB5Lx7UWk1g/T97zQciM4gHZPT+ZT2TpXCQ
hYUfsZsGj5H0W+JPzUBoFcbUo1CDDkWmj/niryf74+9PDpfDtDdkMP24qjH24b5K
vworacv+kQ5L0QxbbPHuA3AQA4LBKIoav1VRyEIf4SZTnIiq/45GRH9369v81xml
/qWD/LdhY0oLhm1WrnXYFEexsqFc2RLdDUnqZZNqT46f0hEg/tNVvJmLCascTytW
iaLFB2LX0HJgZqJEoo3aVtE8cmeI1JOkjdCPZN/078QyAzEtSoXJerPqQ7PJY4+y
BgI1YPjrD4OzHwymX0saYG9GJf5FFx4y+x5rGD90wtjqfhbf791c
-----END CERTIFICATE-----
Generated at Mon Aug 26 18:39:40 2024 by rpki-client on console-fra.rpki-client.org