Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/HaNLVUNjmjJ7tAk1U7_k7yvr5zc.roa
File: HaNLVUNjmjJ7tAk1U7_k7yvr5zc.roa (raw, json)
Hash identifier: R7EhoacM7f2hB2P7/c07FgCX4tb/uPa/nm4YjR6OtMY=
Subject key identifier: 1D:A3:4B:55:43:63:9A:32:7B:B4:09:35:53:BF:E4:EF:2B:EB:E7:37
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 018E4B87F593547A7F9098FC39DA091D3CC1
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/HaNLVUNjmjJ7tAk1U7_k7yvr5zc.roa
Signing time: Sun 17 Mar 2024 08:29:45 +0000
ROA not before: Sun 17 Mar 2024 08:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 78.153.139.0/24 maxlen: 24
78.153.144.0/24 maxlen: 24
78.153.148.0/24 maxlen: 24
78.153.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 08:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4b:87:f5:93:54:7a:7f:90:98:fc:39:da:09:1d:3c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Mar 17 08:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da34b5543639a327bb4093553bfe4ef2bebe737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:65:da:ba:1c:e1:ae:59:c6:76:0a:34:9e:a8:
b3:ba:f9:43:53:7f:81:63:5b:c5:f5:76:a9:fb:b2:
59:9b:f3:ed:4e:57:97:81:ff:31:79:aa:25:6a:ac:
4d:f4:0a:11:07:b3:ed:71:74:6b:7e:1c:1e:1b:d2:
92:86:be:8b:49:de:e3:a4:78:9e:a1:d0:5e:80:a6:
02:88:ad:8b:7c:77:67:ef:fa:77:d6:8f:2b:a6:eb:
b2:43:d5:d9:09:ac:f8:f0:f3:f7:1c:ec:11:04:25:
2d:a4:81:42:16:2e:b9:84:c9:5c:2e:30:0a:7b:56:
64:8e:81:a4:c6:a0:44:6d:56:80:45:0b:fc:24:5a:
e3:89:bf:90:71:c9:04:0a:a2:f9:d1:e0:25:73:02:
62:5f:b9:8d:af:7b:b3:62:a1:17:0b:07:b8:c0:13:
28:0a:d4:b3:91:21:92:e3:39:7f:77:5b:61:78:ea:
98:0e:0c:8e:53:6a:b7:21:3f:1a:2b:da:3f:7f:9e:
7b:dc:f8:86:52:c2:9d:2d:34:6e:65:5c:6a:ac:9c:
37:8e:0b:69:e4:21:07:8a:d2:80:1c:6d:cd:34:73:
49:56:32:0f:3d:df:3e:f4:f7:39:83:71:33:33:68:
19:37:3c:b5:15:4b:66:09:0f:76:42:d0:00:85:28:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A3:4B:55:43:63:9A:32:7B:B4:09:35:53:BF:E4:EF:2B:EB:E7:37
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/HaNLVUNjmjJ7tAk1U7_k7yvr5zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.139.0/24
78.153.144.0/24
78.153.148.0/23
Signature Algorithm: sha256WithRSAEncryption
31:b8:18:62:c2:ed:a4:b5:7c:a5:e8:47:82:15:29:ed:e9:70:
f2:93:d8:b9:f3:37:ac:80:be:53:76:8f:dc:54:c7:bb:de:0a:
db:95:46:ea:4a:2e:98:0e:fa:8f:84:66:02:9a:7b:56:19:0d:
e7:45:06:15:32:1f:05:0a:e7:39:60:02:49:06:26:3d:3a:20:
53:60:9f:a3:43:45:68:5d:9a:79:f5:44:79:33:ad:14:3f:a7:
4d:b3:e6:0d:ff:0c:b0:e4:ac:f6:fb:f3:89:90:e0:78:d8:32:
3b:cb:6b:50:7c:b6:88:d3:bd:6b:c2:86:63:66:c0:ce:94:fb:
78:2d:3b:7e:38:6d:37:49:21:3c:88:87:63:cb:88:17:be:2f:
b5:54:c1:99:92:9c:ff:f0:1d:46:6b:70:a1:c8:74:a3:ee:0b:
39:6c:51:90:a5:24:ae:ef:54:c7:72:83:74:3f:63:75:98:cd:
fa:93:bc:81:52:70:61:70:38:93:44:19:a0:2c:2f:bc:f1:62:
72:aa:4a:16:66:1b:0a:08:0e:dc:70:3d:1a:6a:26:ff:f6:15:
93:0e:c0:99:eb:a6:79:9e:ac:ab:12:14:b5:68:7c:0c:08:2b:
69:a1:35:58:4d:20:fe:f8:af:bc:9d:88:cc:6c:e0:78:c8:74:
3e:3f:d9:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5Lh/WTVHp/kJj8OdoJHTzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwMzE3MDgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEzNGI1NTQzNjM5YTMyN2JiNDA5MzU1M2JmZTRlZjJiZWJlNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2XauhzhrlnGdgo0nqizuvlDU3+B
Y1vF9Xap+7JZm/PtTleXgf8xeaolaqxN9AoRB7PtcXRrfhweG9KShr6LSd7jpHie
odBegKYCiK2LfHdn7/p31o8rpuuyQ9XZCaz48PP3HOwRBCUtpIFCFi65hMlcLjAK
e1ZkjoGkxqBEbVaARQv8JFrjib+QcckECqL50eAlcwJiX7mNr3uzYqEXCwe4wBMo
CtSzkSGS4zl/d1theOqYDgyOU2q3IT8aK9o/f5573PiGUsKdLTRuZVxqrJw3jgtp
5CEHitKAHG3NNHNJVjIPPd8+9Pc5g3EzM2gZNzy1FUtmCQ92QtAAhSjX+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB2jS1VDY5oye7QJNVO/5O8r6+c3MB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvSGFOTFZVTmptako3dEFrMVU3X2s3eXZyNXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATpmLAwQA
TpmQAwQBTpmUMA0GCSqGSIb3DQEBCwUAA4IBAQAxuBhiwu2ktXyl6EeCFSnt6XDy
k9i58zesgL5Tdo/cVMe73grblUbqSi6YDvqPhGYCmntWGQ3nRQYVMh8FCuc5YAJJ
BiY9OiBTYJ+jQ0VoXZp59UR5M60UP6dNs+YN/wyw5Kz2+/OJkOB42DI7y2tQfLaI
071rwoZjZsDOlPt4LTt+OG03SSE8iIdjy4gXvi+1VMGZkpz/8B1Ga3ChyHSj7gs5
bFGQpSSu71THcoN0P2N1mM36k7yBUnBhcDiTRBmgLC+88WJyqkoWZhsKCA7ccD0a
aib/9hWTDsCZ66Z5nqyrEhS1aHwMCCtpoTVYTSD++K+8nYjMbOB4yHQ+P9kg
-----END CERTIFICATE-----
Generated at Mon Oct 14 11:30:52 2024 by rpki-client on console-ams.rpki-client.org