Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ykjWUmbE6JfVDnFwlexYzLblbos.roa
File: ykjWUmbE6JfVDnFwlexYzLblbos.roa (raw, json)
Hash identifier: 1KWP9Y7Y/0K8DPNa+bkzzz7hcCCmjmi8Ma/iWYYHZH8=
Subject key identifier: CA:48:D6:52:66:C4:E8:97:D5:0E:71:70:95:EC:58:CC:B6:E5:6E:8B
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 018CB4B6FF37968C7E05D85D02C34B9471AA
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ykjWUmbE6JfVDnFwlexYzLblbos.roa
Signing time: Fri 29 Dec 2023 08:35:40 +0000
ROA not before: Fri 29 Dec 2023 08:35:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8342
IP address blocks: 78.153.151.0/24 maxlen: 24
78.153.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:b6:ff:37:96:8c:7e:05:d8:5d:02:c3:4b:94:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Dec 29 08:35:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca48d65266c4e897d50e717095ec58ccb6e56e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:cf:58:1a:bb:18:f4:46:3a:41:7b:11:93:
87:9c:15:5a:75:fb:22:32:9e:1f:b1:17:c0:71:7c:
08:5e:57:8a:b9:5a:3a:5c:91:ae:2d:08:b9:01:90:
f9:5e:4c:41:f9:a1:d5:b2:11:b5:e9:c7:f0:dc:c6:
3f:b8:0a:4e:0d:c0:f5:e4:51:12:85:ef:5d:a5:22:
29:bf:2d:f6:c5:90:8e:1d:c9:d2:c7:0e:4d:e3:cc:
c7:03:1a:4b:49:8d:34:6f:f8:e3:c0:5f:63:ec:ec:
40:35:da:ef:ea:76:b0:c0:0d:88:0c:b4:33:0f:39:
b5:7b:50:81:10:ac:97:90:d5:1e:9c:05:c9:f2:ec:
79:26:92:fa:5a:da:5b:06:ba:ac:3f:23:00:ef:f5:
71:30:9c:15:bc:0a:b7:3d:46:3b:3e:86:a0:0e:41:
db:7d:c4:f4:56:ef:38:51:29:40:db:48:d6:09:93:
82:8a:2d:58:39:29:5f:62:0f:c2:ac:90:5b:2a:a5:
c3:30:8a:6d:4f:4e:17:c0:73:ef:fc:d8:2f:61:ee:
cd:2b:9f:c3:41:1c:e0:48:cd:ca:eb:c8:b7:89:88:
75:26:1f:71:0c:e4:7f:50:06:91:e3:eb:14:cb:bc:
41:9a:9b:30:bf:81:bd:e7:7e:c5:3f:56:32:30:8a:
e3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:D6:52:66:C4:E8:97:D5:0E:71:70:95:EC:58:CC:B6:E5:6E:8B
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/ykjWUmbE6JfVDnFwlexYzLblbos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.150.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:a2:3e:f5:2c:6e:56:11:81:9c:03:95:14:20:7a:d5:f3:de:
2e:f5:a4:4a:61:ce:f6:0d:b2:46:c2:c2:29:97:5d:82:6a:48:
ea:dc:6c:c4:fe:98:68:bb:55:71:ea:79:f0:7b:0e:81:db:7e:
05:c6:45:53:51:85:1d:0d:22:b9:9e:98:b8:25:23:1f:55:cc:
81:bc:c3:a7:1e:c9:f2:06:4f:7c:de:92:16:c9:b0:2b:16:03:
56:d2:02:4e:e1:64:52:8a:44:90:74:a8:02:00:9c:ea:2a:d7:
9d:0d:f9:b6:73:45:49:86:4c:c5:ff:17:cf:28:a5:ce:b7:aa:
0b:f7:9e:51:40:c0:1c:d5:85:43:d9:27:d9:02:c5:c8:b8:c6:
f8:d9:a3:cd:7d:8e:61:4c:b0:dc:2f:d6:3e:46:d8:0f:95:b1:
31:bb:e2:67:99:30:89:8e:2b:16:b8:16:74:a9:58:2e:71:6e:
2c:0a:e1:2b:e1:16:62:cf:4e:12:33:93:81:f5:f2:b6:25:01:
5d:e5:5c:af:25:13:d0:31:c9:70:25:77:0c:f7:8e:26:6e:8b:
12:9a:0f:93:07:8f:bb:98:a0:32:11:d9:26:8a:5a:11:4b:a3:
4e:1a:7d:74:12:a8:a1:bc:82:0e:94:1a:4c:09:3a:71:97:91:
0c:3f:20:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy0tv83lox+BdhdAsNLlHGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjMxMjI5MDgzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ4ZDY1MjY2YzRlODk3ZDUwZTcxNzA5NWVjNThjY2I2ZTU2ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvarPWBq7GPRGOkF7EZOHnBVadfsi
Mp4fsRfAcXwIXleKuVo6XJGuLQi5AZD5XkxB+aHVshG16cfw3MY/uApODcD15FES
he9dpSIpvy32xZCOHcnSxw5N48zHAxpLSY00b/jjwF9j7OxANdrv6nawwA2IDLQz
Dzm1e1CBEKyXkNUenAXJ8ux5JpL6WtpbBrqsPyMA7/VxMJwVvAq3PUY7PoagDkHb
fcT0Vu84USlA20jWCZOCii1YOSlfYg/CrJBbKqXDMIptT04XwHPv/NgvYe7NK5/D
QRzgSM3K68i3iYh1Jh9xDOR/UAaR4+sUy7xBmpswv4G9537FP1YyMIrj0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpI1lJmxOiX1Q5xcJXsWMy25W6LMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEveWtqV1VtYkU2SmZWRG5Gd2xleFl6TGJsYm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTpmWMA0G
CSqGSIb3DQEBCwUAA4IBAQCKoj71LG5WEYGcA5UUIHrV894u9aRKYc72DbJGwsIp
l12Cakjq3GzE/phou1Vx6nnwew6B234FxkVTUYUdDSK5npi4JSMfVcyBvMOnHsny
Bk983pIWybArFgNW0gJO4WRSikSQdKgCAJzqKtedDfm2c0VJhkzF/xfPKKXOt6oL
955RQMAc1YVD2SfZAsXIuMb42aPNfY5hTLDcL9Y+RtgPlbExu+JnmTCJjisWuBZ0
qVgucW4sCuEr4RZiz04SM5OB9fK2JQFd5VyvJRPQMclwJXcM944mbosSmg+TB4+7
mKAyEdkmiloRS6NOGn10EqihvIIOlBpMCTpxl5EMPyBZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:22 2024 by rpki-client on console-ams.rpki-client.org