Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MhZ3MxIslKtcD0B5b4e1FPbsAAs.roa
File: MhZ3MxIslKtcD0B5b4e1FPbsAAs.roa (raw, json)
Hash identifier: eTu3S74sVevk/+jCIiRopMPEJc94nOH4HYkrUZvHI3k=
Subject key identifier: 32:16:77:33:12:2C:94:AB:5C:0F:40:79:6F:87:B5:14:F6:EC:00:0B
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019141BC997F7B879355A3346A2EB5EA6A32
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MhZ3MxIslKtcD0B5b4e1FPbsAAs.roa
Signing time: Sun 11 Aug 2024 13:59:24 +0000
ROA not before: Sun 11 Aug 2024 13:59:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 13:50:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:bc:99:7f:7b:87:93:55:a3:34:6a:2e:b5:ea:6a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 11 13:59:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32167733122c94ab5c0f40796f87b514f6ec000b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:f6:1c:51:14:b3:52:61:e7:86:a2:63:11:
f8:cc:5d:0f:b8:b7:a1:db:08:d1:57:e6:1a:d7:ce:
1f:c1:4a:3c:68:27:d2:29:56:6d:80:2f:53:40:48:
f8:6d:ce:fc:c4:99:1c:7f:47:eb:8f:2d:20:d9:4c:
f5:7f:f3:02:3e:a1:b9:1a:36:d0:4e:da:2a:d3:32:
9c:4f:a0:fb:1b:e3:e9:f9:3f:c2:0d:62:61:41:4e:
05:38:84:5f:3f:0a:cb:42:ef:6b:d5:29:ad:d7:61:
c2:81:5a:53:a5:38:60:cc:91:f6:5c:4a:53:24:71:
a2:ca:5d:5c:14:ad:ce:e6:d4:6c:a6:23:ee:b9:50:
dd:49:3f:b2:d8:e9:2e:e1:41:99:92:e3:dd:cc:56:
ab:e5:34:c9:27:01:f9:d8:1d:61:51:87:4a:f3:bf:
5c:3e:19:80:79:a8:fd:28:2c:34:bd:a0:8f:42:10:
d7:78:c6:9a:bb:11:b8:91:26:6c:93:82:d9:77:5d:
68:1b:e7:da:6c:0a:be:74:44:2a:26:89:49:f1:48:
33:9f:b6:48:b9:a2:54:ab:03:f4:ce:6a:1d:bd:b2:
89:59:74:24:04:9e:77:d9:14:97:ef:bf:f4:3d:11:
7e:73:8b:5e:29:e1:fc:cf:b0:a1:33:e6:73:0e:20:
39:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:16:77:33:12:2C:94:AB:5C:0F:40:79:6F:87:B5:14:F6:EC:00:0B
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MhZ3MxIslKtcD0B5b4e1FPbsAAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.252.0/23
79.135.102.0/23
Signature Algorithm: sha256WithRSAEncryption
58:b0:96:66:5f:af:63:f3:6f:bd:db:cc:55:62:73:f2:73:5e:
ee:3c:55:bb:1c:d7:ca:d6:9e:86:63:2b:b8:61:e7:0b:05:3b:
39:45:8c:6c:f0:fa:68:91:d7:d6:bb:bb:7e:d5:e8:8d:a1:67:
a8:be:23:8a:bb:dd:d6:d9:f9:2f:6d:f2:50:d4:e9:33:c1:4d:
84:58:56:d2:8e:b1:e2:70:c9:18:4d:1f:95:44:a6:51:86:14:
8b:dd:ff:c0:d6:cc:0e:54:1b:92:ba:d6:68:ce:56:d4:14:72:
f1:d0:74:90:d8:8e:27:7f:f7:32:d9:4e:44:62:61:b6:21:f1:
aa:a2:b0:29:6c:5f:81:43:3d:18:10:b8:cb:9a:ef:1e:51:2e:
c9:b2:b7:9b:72:83:58:af:ef:c5:26:35:c1:e8:ba:8f:54:4e:
68:0a:cc:f5:a7:1f:76:0a:5f:01:5a:2a:43:61:f8:31:96:db:
b7:d9:c7:89:80:51:49:fb:e0:58:3d:4e:1e:9a:df:21:01:45:
9e:98:a1:6c:f8:5d:6b:3a:c6:34:e6:cc:77:6d:a9:f0:23:84:
43:84:13:f9:dc:29:19:08:ed:da:3d:0e:44:9f:ac:de:ca:71:
05:8a:ed:cf:31:60:20:1f:6e:4f:c3:56:b3:ed:54:65:da:f2:
17:a8:ea:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFBvJl/e4eTVaM0ai616moyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODExMTM1OTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE2NzczMzEyMmM5NGFiNWMwZjQwNzk2Zjg3YjUxNGY2ZWMwMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1D2HFEUs1Jh54aiYxH4zF0PuLeh
2wjRV+Ya184fwUo8aCfSKVZtgC9TQEj4bc78xJkcf0frjy0g2Uz1f/MCPqG5GjbQ
Ttoq0zKcT6D7G+Pp+T/CDWJhQU4FOIRfPwrLQu9r1Smt12HCgVpTpThgzJH2XEpT
JHGiyl1cFK3O5tRspiPuuVDdST+y2Oku4UGZkuPdzFar5TTJJwH52B1hUYdK879c
PhmAeaj9KCw0vaCPQhDXeMaauxG4kSZsk4LZd11oG+fabAq+dEQqJolJ8Ugzn7ZI
uaJUqwP0zmodvbKJWXQkBJ532RSX77/0PRF+c4teKeH8z7ChM+ZzDiA55wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIWdzMSLJSrXA9AeW+HtRT27AALMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvTWhaM014SXNsS3RjRDBCNWI0ZTFGUGJzQUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTo/8AwQB
T4dmMA0GCSqGSIb3DQEBCwUAA4IBAQBYsJZmX69j82+928xVYnPyc17uPFW7HNfK
1p6GYyu4YecLBTs5RYxs8PpokdfWu7t+1eiNoWeoviOKu93W2fkvbfJQ1OkzwU2E
WFbSjrHicMkYTR+VRKZRhhSL3f/A1swOVBuSutZozlbUFHLx0HSQ2I4nf/cy2U5E
YmG2IfGqorApbF+BQz0YELjLmu8eUS7JsrebcoNYr+/FJjXB6LqPVE5oCsz1px92
Cl8BWipDYfgxltu32ceJgFFJ++BYPU4emt8hAUWemKFs+F1rOsY05sx3banwI4RD
hBP53CkZCO3aPQ5En6zeynEFiu3PMWAgH25Pw1az7VRl2vIXqOp4
-----END CERTIFICATE-----
Generated at Tue Aug 13 17:33:07 2024 by rpki-client on console-ams.rpki-client.org