Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/4cui0Ls92aEUS1xD8yezDElVrho.roa
File: 4cui0Ls92aEUS1xD8yezDElVrho.roa (raw, json)
Hash identifier: FfeH6WM03/9DwXzngt7NRSAHJATpIcJ6sFgNVux6Gjk=
Subject key identifier: E1:CB:A2:D0:BB:3D:D9:A1:14:4B:5C:43:F3:27:B3:0C:49:55:AE:1A
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 01856BCA34656AA18483CB1744B5C548F017
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/4cui0Ls92aEUS1xD8yezDElVrho.roa
Signing time: Sun 01 Jan 2023 05:24:51 +0000
ROA not before: Sun 01 Jan 2023 05:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28738
IP address blocks: 78.153.131.0/24 maxlen: 24
78.153.128.0/24 maxlen: 24
78.153.132.0/23 maxlen: 23
78.153.129.0/24 maxlen: 24
78.153.134.0/24 maxlen: 24
78.153.141.0/24 maxlen: 24
78.153.142.0/24 maxlen: 24
78.153.152.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:34:65:6a:a1:84:83:cb:17:44:b5:c5:48:f0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Jan 1 05:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1cba2d0bb3dd9a1144b5c43f327b30c4955ae1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c7:32:f1:de:32:ca:cc:28:a2:af:02:c0:50:
4a:28:27:37:12:c1:18:f7:57:75:5b:79:af:74:3c:
72:b4:e0:58:2a:c1:f8:57:fe:06:d9:dd:62:bd:19:
21:a4:3f:57:54:ec:74:9f:20:55:f0:b4:a2:0b:28:
28:b6:bc:e6:1c:18:64:c9:19:3b:05:29:7b:c4:7e:
6b:59:2b:4b:2e:84:e5:33:68:ce:ea:20:7d:aa:6a:
ee:71:ca:5c:13:8a:98:13:8e:37:59:49:49:5b:1b:
05:b1:26:e9:10:7e:20:fa:f8:e7:3f:ac:ea:52:89:
21:f4:02:0d:00:17:d6:f7:d6:d6:f6:1c:92:35:bc:
b5:d4:30:2b:8a:c9:1b:25:25:a1:ec:45:aa:ed:a2:
31:3e:1a:32:4d:6b:d2:5b:fd:be:ad:1b:90:b0:e8:
31:e3:56:99:8b:8e:e2:1d:65:15:04:42:7a:67:06:
ae:c3:17:9b:55:f7:09:f5:ed:4b:2c:b1:64:01:df:
10:ff:11:c9:0f:96:48:85:f5:97:24:de:d8:79:aa:
05:51:86:65:5f:a5:82:a4:f7:2e:79:85:22:9a:d7:
ef:30:97:70:b0:fe:a3:71:5b:46:45:cd:ce:c5:09:
2c:c4:80:78:a3:a5:9f:db:8a:da:48:1b:88:a8:27:
bb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CB:A2:D0:BB:3D:D9:A1:14:4B:5C:43:F3:27:B3:0C:49:55:AE:1A
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/4cui0Ls92aEUS1xD8yezDElVrho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.128.0/23
78.153.131.0-78.153.134.255
78.153.141.0-78.153.142.255
78.153.152.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:60:24:b0:4e:77:b0:b2:b1:27:9b:d8:c2:58:1c:c1:a5:dc:
e6:6e:23:d0:fa:ab:20:9d:85:8a:8f:25:f0:2c:94:15:92:e8:
f3:cf:32:52:d7:73:97:f7:77:97:d4:2f:b7:f0:3c:56:4c:82:
b8:27:f2:da:bd:5b:88:7c:cf:f9:df:89:0c:5e:fe:13:ca:4b:
5b:62:42:90:24:c5:a8:36:6f:28:74:c6:0d:07:83:4d:5f:e0:
87:09:6b:cf:e6:c3:f3:1e:f6:08:8c:d1:53:78:6c:18:1f:ce:
48:37:d0:55:e4:56:ee:86:ea:06:07:81:ad:fe:cb:74:a1:3b:
2a:81:42:19:21:8f:0a:5a:35:ec:04:3f:23:1a:8b:f0:55:62:
a6:76:33:f7:e6:8c:14:e4:52:70:42:cc:cd:db:c8:be:cf:e0:
9f:be:be:57:8f:81:f6:d0:6b:ae:e4:6b:ff:02:52:45:9c:48:
3c:5a:77:cc:1f:d2:fd:c3:ee:8b:0a:f7:9f:97:e4:87:ea:b5:
b0:95:8c:14:f7:6d:3c:ce:5f:53:b8:9f:e6:15:db:0c:60:f7:
f2:b5:ef:51:4f:0e:0c:89:b8:cb:02:30:a0:66:ea:58:26:b0:
12:61:46:4a:c7:37:f9:98:2b:a3:5a:c5:71:f9:09:df:38:dc:
e1:b9:09:a1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVryjRlaqGEg8sXRLXFSPAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjMwMTAxMDUyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWNiYTJkMGJiM2RkOWExMTQ0YjVjNDNmMzI3YjMwYzQ5NTVhZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxccy8d4yyswooq8CwFBKKCc3EsEY
91d1W3mvdDxytOBYKsH4V/4G2d1ivRkhpD9XVOx0nyBV8LSiCygotrzmHBhkyRk7
BSl7xH5rWStLLoTlM2jO6iB9qmruccpcE4qYE443WUlJWxsFsSbpEH4g+vjnP6zq
Uokh9AINABfW99bW9hySNby11DAriskbJSWh7EWq7aIxPhoyTWvSW/2+rRuQsOgx
41aZi47iHWUVBEJ6ZwauwxebVfcJ9e1LLLFkAd8Q/xHJD5ZIhfWXJN7YeaoFUYZl
X6WCpPcueYUimtfvMJdwsP6jcVtGRc3OxQksxIB4o6Wf24raSBuIqCe7LQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOHLotC7PdmhFEtcQ/MnswxJVa4aMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvNGN1aTBMczkyYUVVUzF4RDh5ZXpERWxWcmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBTpmAMAwD
BABOmYMDBABOmYYwDAMEAE6ZjQMEAE6ZjgMEAU6ZmDANBgkqhkiG9w0BAQsFAAOC
AQEAs2AksE53sLKxJ5vYwlgcwaXc5m4j0PqrIJ2Fio8l8CyUFZLo888yUtdzl/d3
l9Qvt/A8VkyCuCfy2r1biHzP+d+JDF7+E8pLW2JCkCTFqDZvKHTGDQeDTV/ghwlr
z+bD8x72CIzRU3hsGB/OSDfQVeRW7obqBgeBrf7LdKE7KoFCGSGPClo17AQ/IxqL
8FVipnYz9+aMFORScELMzdvIvs/gn76+V4+B9tBrruRr/wJSRZxIPFp3zB/S/cPu
iwr3n5fkh+q1sJWMFPdtPM5fU7if5hXbDGD38rXvUU8ODIm4ywIwoGbqWCawEmFG
Ssc3+Zgro1rFcfkJ3zjc4bkJoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:11 2024 by rpki-client on console-fra.rpki-client.org