Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_7DMhuAnDFIL6Qy2zKxoI5larcM.roa
File: _7DMhuAnDFIL6Qy2zKxoI5larcM.roa (raw, json)
Hash identifier: 4nYdfs6qPxOdqvRN8lAPevhNmN8bzL38Uk08gMD6ClM=
Subject key identifier: FF:B0:CC:86:E0:27:0C:52:0B:E9:0C:B6:CC:AC:68:23:99:5A:AD:C3
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01914C019CF566211E90BB6BD867816F9BAC
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_7DMhuAnDFIL6Qy2zKxoI5larcM.roa
Signing time: Tue 13 Aug 2024 13:50:59 +0000
ROA not before: Tue 13 Aug 2024 13:50:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 19:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:01:9c:f5:66:21:1e:90:bb:6b:d8:67:81:6f:9b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 13 13:50:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffb0cc86e0270c520be90cb6ccac6823995aadc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3b:58:30:69:51:e4:e3:49:c4:d5:bc:e4:7c:
ec:35:9d:1a:a5:8b:b4:e3:af:0c:1f:26:31:27:a9:
9d:9f:69:a7:0e:5e:f9:80:8c:1a:11:63:d5:ac:ea:
ed:b4:93:18:36:1b:bd:42:60:0b:42:0a:a8:24:ff:
d1:95:40:06:c2:31:6c:a5:6c:48:3a:f2:d6:0d:eb:
2f:64:00:5c:65:4d:28:b7:40:91:66:55:1f:a4:07:
d8:cb:c6:3c:c8:41:66:a5:06:27:8d:15:34:b0:00:
5d:da:ce:f8:09:14:52:51:f6:7d:1b:66:dc:44:3c:
63:16:23:d4:f4:e1:c0:71:70:43:a2:74:15:03:80:
f7:4d:fd:ba:20:67:88:70:b1:9f:d9:d3:6c:a9:f2:
e0:87:6e:f1:e8:9a:3c:c5:61:01:62:78:7f:12:1c:
a5:05:e1:f2:f9:3e:e8:b9:b0:c0:c7:27:0e:10:9c:
a6:5c:53:a4:cf:3d:87:e0:fa:90:bf:89:1b:4d:0b:
10:2d:c7:a0:9b:43:52:48:a6:5e:d7:b0:d0:ab:66:
b4:b6:91:fd:32:e1:9d:5b:a0:b4:a7:5a:e4:57:e3:
e7:1f:ed:b0:fc:ad:53:c4:1e:7d:8d:20:5a:32:d9:
64:3c:db:26:35:23:97:2b:9f:d8:0c:96:b1:12:4d:
28:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B0:CC:86:E0:27:0C:52:0B:E9:0C:B6:CC:AC:68:23:99:5A:AD:C3
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_7DMhuAnDFIL6Qy2zKxoI5larcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:ab:8c:cb:b3:8f:b4:d0:75:a8:37:04:fc:f3:ca:a4:4c:31:
43:16:2f:de:09:99:a5:e4:73:1f:82:e7:1f:25:68:ff:1c:2f:
33:e2:d0:3f:f2:fb:a9:be:25:b9:5e:a2:f9:f2:30:3d:2b:d0:
ef:57:16:da:04:45:6c:a2:43:df:f6:a3:b7:76:75:36:cb:e0:
c4:9b:b3:1b:d0:0f:70:88:a9:2b:63:c9:f0:26:a8:c2:f0:68:
6f:94:8a:8a:0c:05:34:72:c7:50:13:05:89:28:6e:44:24:eb:
cb:6f:ec:cc:20:61:1b:c4:ff:69:6f:23:39:5d:70:8c:3d:aa:
b6:34:be:40:42:9a:d8:7c:ae:cf:0d:ef:f9:39:da:4b:ff:37:
70:a1:15:9a:02:37:08:3b:d2:3d:7d:91:4d:58:a3:1f:3b:22:
02:13:3f:40:08:a1:c1:10:b1:1e:5e:3b:48:76:5a:dc:6c:ab:
cd:0b:43:5e:fe:8e:7b:db:cf:fb:43:05:1f:36:95:c2:46:5f:
5a:01:2e:c1:2a:4a:ad:59:6c:1c:bb:7e:f3:54:24:06:48:46:
43:8a:ab:9c:1c:97:4d:23:05:58:2d:22:d8:f9:e0:87:1c:1f:
c2:7d:4a:42:69:4f:bb:39:73:cc:3c:99:53:74:23:2c:78:61:
bd:f2:a9:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFMAZz1ZiEekLtr2GeBb5usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODEzMTM1MDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmIwY2M4NmUwMjcwYzUyMGJlOTBjYjZjY2FjNjgyMzk5NWFhZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjtYMGlR5ONJxNW85HzsNZ0apYu0
468MHyYxJ6mdn2mnDl75gIwaEWPVrOrttJMYNhu9QmALQgqoJP/RlUAGwjFspWxI
OvLWDesvZABcZU0ot0CRZlUfpAfYy8Y8yEFmpQYnjRU0sABd2s74CRRSUfZ9G2bc
RDxjFiPU9OHAcXBDonQVA4D3Tf26IGeIcLGf2dNsqfLgh27x6Jo8xWEBYnh/Ehyl
BeHy+T7oubDAxycOEJymXFOkzz2H4PqQv4kbTQsQLcegm0NSSKZe17DQq2a0tpH9
MuGdW6C0p1rkV+PnH+2w/K1TxB59jSBaMtlkPNsmNSOXK5/YDJaxEk0omwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+wzIbgJwxSC+kMtsysaCOZWq3DMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvXzdETWh1QW5ERklMNlF5MnpLeG9JNWxhcmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTo/8MA0G
CSqGSIb3DQEBCwUAA4IBAQB/q4zLs4+00HWoNwT888qkTDFDFi/eCZml5HMfgucf
JWj/HC8z4tA/8vupviW5XqL58jA9K9DvVxbaBEVsokPf9qO3dnU2y+DEm7Mb0A9w
iKkrY8nwJqjC8GhvlIqKDAU0csdQEwWJKG5EJOvLb+zMIGEbxP9pbyM5XXCMPaq2
NL5AQprYfK7PDe/5OdpL/zdwoRWaAjcIO9I9fZFNWKMfOyICEz9ACKHBELEeXjtI
dlrcbKvNC0Ne/o5728/7QwUfNpXCRl9aAS7BKkqtWWwcu37zVCQGSEZDiqucHJdN
IwVYLSLY+eCHHB/CfUpCaU+7OXPMPJlTdCMseGG98qnC
-----END CERTIFICATE-----
Generated at Tue Aug 13 20:45:21 2024 by rpki-client on console-fra.rpki-client.org