Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/yxFy4X0NUTYAnPXPWQQ-VqfZdt8.roa
File: yxFy4X0NUTYAnPXPWQQ-VqfZdt8.roa (raw, json)
Hash identifier: zxxSiGjwVkrq0daq0qFCb7ChM13UAQCbrJCt0Ng2Vu0=
Subject key identifier: CB:11:72:E1:7D:0D:51:36:00:9C:F5:CF:59:04:3E:56:A7:D9:76:DF
Certificate issuer: /CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Certificate serial: 018CC2DB0F2BB77C33E5B0B6C09490618228
Authority key identifier: A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/yxFy4X0NUTYAnPXPWQQ-VqfZdt8.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43566
IP address blocks: 178.23.24.0/22 maxlen: 24
178.23.24.0/21 maxlen: 24
178.23.24.0/24 maxlen: 24
178.23.26.0/23 maxlen: 24
178.23.28.0/22 maxlen: 24
178.23.25.0/24 maxlen: 24
78.110.224.0/20 maxlen: 24
78.110.224.0/21 maxlen: 24
78.110.232.0/21 maxlen: 24
2a11:7f80::/32 maxlen: 36
2a11:7f80:8000::/33 maxlen: 36
2a11:7f80::/33 maxlen: 36
Validation: Failed, certificate revoked on Wed 10 Apr 2024 13:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0f:2b:b7:7c:33:e5:b0:b6:c0:94:90:61:82:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3ceb405987a3aa8bbe599d8ef4663c9242a34b8
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb1172e17d0d5136009cf5cf59043e56a7d976df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:50:d6:c6:fa:03:af:af:47:e2:13:2b:61:6a:
7f:a6:e0:4f:db:01:30:1d:31:3d:d2:0c:23:a0:d1:
d9:2a:df:a2:df:f8:11:2e:21:81:63:bd:60:a2:a1:
96:5a:5e:00:32:b0:19:2b:88:16:12:ca:14:95:aa:
2e:06:3c:b0:9b:76:cd:17:7c:bc:0b:07:4b:a5:63:
59:4e:2f:3c:b9:c2:a0:11:c6:c5:0a:af:ba:8f:f3:
97:3e:c8:06:a8:43:3b:53:97:a9:f0:0d:4a:f2:a1:
94:a0:bc:a9:ca:8f:b4:d4:ef:83:28:88:6d:f6:9a:
93:09:c7:0a:cb:f4:0e:17:38:18:fe:4d:a0:54:b5:
06:be:7c:33:1c:06:64:fe:b1:b5:ec:f9:f8:34:0d:
c8:45:12:21:8e:19:78:ec:5f:8f:94:0b:67:04:43:
99:e4:23:7f:df:c4:30:33:00:79:1e:12:0d:f1:50:
b9:f4:47:63:1e:87:a2:ef:71:cd:b4:26:5e:ad:e4:
ea:c1:90:57:40:c2:08:90:ae:4f:3c:3d:ce:06:36:
0a:dd:5e:36:d5:a1:6c:8c:fc:3a:5b:ab:65:6c:70:
ea:58:80:77:d9:6f:36:d3:81:ed:16:91:82:d7:1e:
48:c3:a0:7e:3d:32:6d:23:5a:85:26:e2:25:3d:08:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:11:72:E1:7D:0D:51:36:00:9C:F5:CF:59:04:3E:56:A7:D9:76:DF
X509v3 Authority Key Identifier:
keyid:A3:CE:B4:05:98:7A:3A:A8:BB:E5:99:D8:EF:46:63:C9:24:2A:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o860BZh6Oqi75ZnY70ZjySQqNLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/yxFy4X0NUTYAnPXPWQQ-VqfZdt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a6831e-f3ae-455f-a395-5db851d6f086/1/o860BZh6Oqi75ZnY70ZjySQqNLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.224.0/20
178.23.24.0/21
IPv6:
2a11:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
00:48:3e:c7:1d:78:cc:7e:ee:fe:b7:42:22:d4:60:f4:34:4b:
a6:14:24:30:6e:77:b1:4d:3f:dd:f0:35:7a:73:28:0b:f9:23:
ea:36:d6:90:68:61:ec:e6:8d:f6:eb:c7:a5:2c:4f:f9:8f:2c:
e7:17:c1:a3:d4:6b:cb:0d:3e:8d:a9:3d:ce:c4:71:58:77:28:
65:43:a7:bb:f5:a5:f4:b5:96:7b:65:53:04:7c:cd:f9:d8:ab:
4a:42:13:d4:14:b5:bc:9a:fa:3f:4d:a1:ee:10:8e:73:5e:39:
f5:36:28:9a:30:e2:d9:4f:fb:3e:8d:4a:8d:b8:cf:3f:20:7b:
aa:d8:9d:d6:ac:9a:7a:a7:d0:87:e2:da:e5:cc:a0:50:b9:52:
24:63:df:bd:7a:7d:62:4d:d0:88:b5:b0:53:ef:af:c7:57:c5:
01:e9:8f:8e:31:4f:07:a6:3c:7e:bc:70:70:29:7a:5a:84:a9:
e8:37:45:8c:f8:cc:99:d5:fd:d6:07:7b:f5:29:3a:1b:46:06:
33:4f:b8:8d:c2:4a:40:5c:28:c3:97:f4:cb:41:a6:9d:73:0a:
e5:b2:bd:2a:b0:d0:51:81:d9:36:a9:36:ca:59:9c:53:2f:9c:
60:e4:27:ef:f5:6f:eb:68:d5:9b:2b:ec:1e:0e:74:b8:f3:17:
34:94:9a:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2w8rt3wz5bC2wJSQYYIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzY2ViNDA1OTg3YTNhYThiYmU1OTlkOGVmNDY2M2M5MjQy
YTM0YjgwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjExNzJlMTdkMGQ1MTM2MDA5Y2Y1Y2Y1OTA0M2U1NmE3ZDk3NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFDWxvoDr69H4hMrYWp/puBP2wEw
HTE90gwjoNHZKt+i3/gRLiGBY71goqGWWl4AMrAZK4gWEsoUlaouBjywm3bNF3y8
CwdLpWNZTi88ucKgEcbFCq+6j/OXPsgGqEM7U5ep8A1K8qGUoLypyo+01O+DKIht
9pqTCccKy/QOFzgY/k2gVLUGvnwzHAZk/rG17Pn4NA3IRRIhjhl47F+PlAtnBEOZ
5CN/38QwMwB5HhIN8VC59EdjHoei73HNtCZereTqwZBXQMIIkK5PPD3OBjYK3V42
1aFsjPw6W6tlbHDqWIB32W8204HtFpGC1x5Iw6B+PTJtI1qFJuIlPQj9wQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMsRcuF9DVE2AJz1z1kEPlan2XbfMB8GA1UdIwQY
MBaAFKPOtAWYejqou+WZ2O9GY8kkKjS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUt
NWRiODUxZDZmMDg2LzEveXhGeTRYME5VVFlBblBYUFdRUS1WcWZaZHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hNjgzMWUtZjNhZS00NTVmLWEzOTUtNWRiODUxZDZmMDg2
LzEvbzg2MEJaaDZPcWk3NVpuWTcwWmp5U1FxTkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm7gAwQD
shcYMA0EAgACMAcDBQAqEX+AMA0GCSqGSIb3DQEBCwUAA4IBAQAASD7HHXjMfu7+
t0Ii1GD0NEumFCQwbnexTT/d8DV6cygL+SPqNtaQaGHs5o3268elLE/5jyznF8Gj
1GvLDT6NqT3OxHFYdyhlQ6e79aX0tZZ7ZVMEfM352KtKQhPUFLW8mvo/TaHuEI5z
Xjn1NiiaMOLZT/s+jUqNuM8/IHuq2J3WrJp6p9CH4trlzKBQuVIkY9+9en1iTdCI
tbBT76/HV8UB6Y+OMU8Hpjx+vHBwKXpahKnoN0WM+MyZ1f3WB3v1KTobRgYzT7iN
wkpAXCjDl/TLQaadcwrlsr0qsNBRgdk2qTbKWZxTL5xg5Cfv9W/raNWbK+weDnS4
8xc0lJpG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org