Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/MhDTJSBBk61gGEK4XzEbWIuHQls.roa
File: MhDTJSBBk61gGEK4XzEbWIuHQls.roa (raw, json)
Hash identifier: nkYSEoWToEKtywSqg1lmqcEEL9nNNg3M4szBaS0v0u8=
Subject key identifier: 32:10:D3:25:20:41:93:AD:60:18:42:B8:5F:31:1B:58:8B:87:42:5B
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 018DA7799E0AE164B7364A8A7FBCA53DF462
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/MhDTJSBBk61gGEK4XzEbWIuHQls.roa
Signing time: Wed 14 Feb 2024 11:56:21 +0000
ROA not before: Wed 14 Feb 2024 11:56:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29447
IP address blocks: 78.208.0.0/12 maxlen: 12
78.208.0.0/17 maxlen: 17
78.208.128.0/17 maxlen: 17
78.209.0.0/17 maxlen: 17
78.209.128.0/17 maxlen: 17
78.210.0.0/17 maxlen: 17
78.210.128.0/17 maxlen: 17
78.211.0.0/17 maxlen: 17
78.211.128.0/17 maxlen: 17
81.56.0.0/15 maxlen: 17
2a01:e09::/32 maxlen: 32
2a01:e10::/30 maxlen: 30
2a01:e11::/32 maxlen: 32
2a01:e11::/36 maxlen: 36
2a01:e11:1000::/36 maxlen: 36
2a01:e11:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 16 Feb 2024 18:12:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:79:9e:0a:e1:64:b7:36:4a:8a:7f:bc:a5:3d:f4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Feb 14 11:56:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3210d325204193ad601842b85f311b588b87425b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1c:3d:7d:aa:00:86:5c:67:9e:cd:c6:11:be:
0c:c4:4b:c3:4e:00:4e:62:f6:c7:9a:b7:a9:0b:0c:
42:19:64:aa:b8:73:fd:f9:9a:ed:9d:29:19:c4:1f:
40:bc:f4:b9:7b:1f:8c:8d:51:cb:db:4e:54:84:0b:
78:5a:d1:c7:4a:62:1a:89:4c:b8:c0:07:ee:34:b8:
03:8d:51:d2:1b:82:fb:de:38:66:18:96:a7:83:f9:
68:1c:33:2e:a8:63:72:9e:cb:33:53:45:d3:85:cb:
d0:7a:38:4e:7c:93:1b:2a:49:42:f5:d2:6a:d1:7c:
3f:aa:09:18:73:be:b9:69:1f:c5:a7:5d:36:cf:8a:
9b:68:ff:be:e6:81:0b:69:f3:6e:f2:8b:43:e0:5a:
c3:54:19:5f:ae:2b:1b:6d:47:15:28:9c:1f:ca:a4:
fe:8c:75:9a:c8:ec:ff:48:fe:33:d8:67:26:33:bb:
dd:90:45:dc:71:cd:41:ab:70:07:66:07:28:6c:9d:
73:a4:3e:0a:1a:41:b0:10:4d:c4:24:59:b4:c5:08:
ea:b1:3b:61:8e:e7:da:ca:66:c7:79:1c:2a:42:de:
14:9a:0e:e5:b4:7e:52:3c:be:a2:3f:4f:2e:1c:0f:
4a:64:24:86:46:bd:e5:3d:8c:f5:7f:42:bf:c3:c9:
fc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:10:D3:25:20:41:93:AD:60:18:42:B8:5F:31:1B:58:8B:87:42:5B
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/MhDTJSBBk61gGEK4XzEbWIuHQls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.208.0.0/12
81.56.0.0/15
IPv6:
2a01:e09::/32
2a01:e10::/30
Signature Algorithm: sha256WithRSAEncryption
88:b6:b4:ab:8f:4a:fa:37:49:02:eb:c6:65:1a:4a:31:3d:ea:
e0:01:db:ab:0f:ac:21:36:ee:cb:6e:84:0b:54:a9:62:93:2a:
ee:e2:39:cd:c8:6d:96:08:91:4e:4c:e8:22:c9:80:96:89:b1:
22:43:e4:eb:69:83:28:e7:3f:a8:4e:c3:b6:bc:ad:24:de:3b:
90:fa:fc:14:97:3b:a0:ef:94:db:a0:e3:68:9e:04:52:c2:b9:
4f:81:da:84:c3:a5:2c:b5:db:01:fe:79:cc:d1:93:70:01:4f:
72:16:c6:01:41:66:31:5c:65:a9:e1:63:f1:de:5d:49:b0:d2:
ba:ef:61:42:ce:cf:6d:db:d9:4d:b5:a3:3c:dd:30:16:bf:ca:
43:6a:3b:cb:d9:f5:4a:c6:3c:dc:17:b5:69:7c:c8:3b:99:3b:
6e:dd:97:38:55:a3:d3:3a:92:ee:b3:a0:ff:a7:4f:ec:8f:f5:
e6:51:df:d0:1b:8a:5e:96:2b:7c:f4:7f:95:ff:92:5e:50:b9:
bd:9c:e6:3a:fd:b9:06:5f:7b:95:98:0a:8b:6d:f5:b1:09:e4:
9b:a5:d9:17:6e:07:b7:be:79:e1:e6:de:4a:5a:0e:88:88:60:
18:9f:fa:07:58:08:23:f4:94:0e:34:37:09:63:5e:c8:56:05:
56:2d:29:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2neZ4K4WS3NkqKf7ylPfRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjQwMjE0MTE1NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEwZDMyNTIwNDE5M2FkNjAxODQyYjg1ZjMxMWI1ODhiODc0MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBw9faoAhlxnns3GEb4MxEvDTgBO
YvbHmrepCwxCGWSquHP9+ZrtnSkZxB9AvPS5ex+MjVHL205UhAt4WtHHSmIaiUy4
wAfuNLgDjVHSG4L73jhmGJang/loHDMuqGNynsszU0XThcvQejhOfJMbKklC9dJq
0Xw/qgkYc765aR/Fp102z4qbaP++5oELafNu8otD4FrDVBlfrisbbUcVKJwfyqT+
jHWayOz/SP4z2GcmM7vdkEXccc1Bq3AHZgcobJ1zpD4KGkGwEE3EJFm0xQjqsTth
jufaymbHeRwqQt4Umg7ltH5SPL6iP08uHA9KZCSGRr3lPYz1f0K/w8n83QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDIQ0yUgQZOtYBhCuF8xG1iLh0JbMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvTWhEVEpTQkJrNjFnR0VLNFh6RWJXSXVIUWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAQBAIAATAKAwMETtADAwFR
ODAUBAIAAjAOAwUAKgEOCQMFAioBDhAwDQYJKoZIhvcNAQELBQADggEBAIi2tKuP
Svo3SQLrxmUaSjE96uAB26sPrCE27stuhAtUqWKTKu7iOc3IbZYIkU5M6CLJgJaJ
sSJD5OtpgyjnP6hOw7a8rSTeO5D6/BSXO6DvlNug42ieBFLCuU+B2oTDpSy12wH+
eczRk3ABT3IWxgFBZjFcZanhY/HeXUmw0rrvYULOz23b2U21ozzdMBa/ykNqO8vZ
9UrGPNwXtWl8yDuZO27dlzhVo9M6ku6zoP+nT+yP9eZR39Abil6WK3z0f5X/kl5Q
ub2c5jr9uQZfe5WYCott9bEJ5Jul2RduB7e+eeHm3kpaDoiIYBif+gdYCCP0lA40
NwljXshWBVYtKaY=
-----END CERTIFICATE-----
Generated at Fri Feb 16 21:17:45 2024 by rpki-client on console-ams.rpki-client.org