Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/5IhbADWVt5gKJgHomk_BFXazp4w.roa
File: 5IhbADWVt5gKJgHomk_BFXazp4w.roa (raw, json)
Hash identifier: krRfS8hUla5qsXb4V4cJ8McMCRP0IukdN8KeRYYHeEE=
Subject key identifier: E4:88:5B:00:35:95:B7:98:0A:26:01:E8:9A:4F:C1:15:76:B3:A7:8C
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018570D51A5C365057D6867ADFCF8F27ED46
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/5IhbADWVt5gKJgHomk_BFXazp4w.roa
Signing time: Mon 02 Jan 2023 04:54:52 +0000
ROA not before: Mon 02 Jan 2023 04:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399578
IP address blocks: 78.143.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:1a:5c:36:50:57:d6:86:7a:df:cf:8f:27:ed:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 04:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4885b003595b7980a2601e89a4fc11576b3a78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:29:8b:b3:3e:a9:61:13:b1:ca:31:5d:bb:
1a:7d:2e:b3:c0:24:e7:69:04:74:41:c3:85:c0:bb:
b8:ae:fd:94:df:d8:e7:c5:0a:08:c6:02:9d:4d:2b:
c9:e8:7c:21:9c:74:4a:d7:13:8b:bf:ad:51:fb:05:
d9:c0:1d:b7:73:13:71:ad:40:0b:9b:17:76:18:d4:
80:96:fe:7e:7b:dc:4b:24:b9:a2:e6:aa:d0:fd:2d:
47:69:31:93:6e:77:0b:03:4e:37:c9:b0:3d:1b:87:
85:95:75:ed:12:61:03:5a:78:e1:4b:42:71:e4:33:
ea:bf:aa:f3:f1:81:b9:26:5f:32:ed:2c:a6:3a:d1:
86:a7:57:bd:2b:3f:5a:d0:39:ab:34:b7:b8:87:29:
4c:1b:9a:0a:84:55:b5:6a:a8:20:31:89:a7:56:65:
61:74:b2:a5:ed:a7:88:3e:80:9b:25:76:6b:ee:a4:
f2:24:3c:d2:46:ae:09:90:9a:95:46:c8:de:f8:32:
ea:e3:03:7f:df:ad:88:b8:11:ea:4c:43:b7:31:cc:
1f:74:98:8c:35:42:77:e5:51:7c:05:6e:46:16:76:
28:1d:66:c1:6f:7c:1c:46:18:28:f1:da:c5:b0:0f:
0c:4e:cb:32:69:c9:75:bc:3d:1f:59:68:d2:ff:9c:
db:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:88:5B:00:35:95:B7:98:0A:26:01:E8:9A:4F:C1:15:76:B3:A7:8C
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/5IhbADWVt5gKJgHomk_BFXazp4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.242.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ea:69:ae:b5:5b:61:62:42:78:99:fe:03:67:ff:2e:9c:13:
ee:9e:f5:7f:ed:8b:2d:a9:63:e2:9c:ec:89:1f:8b:8d:3e:34:
b3:cf:f3:6c:f1:ba:f4:97:df:e9:2f:98:0c:56:e6:f6:97:5b:
e6:0d:78:84:08:94:37:88:09:a5:97:5f:a4:48:4d:ce:ff:dd:
91:fb:06:19:a0:19:ad:39:ad:ab:0e:27:e3:0c:e1:da:01:04:
dd:d9:30:a9:d5:b1:c6:1a:d4:b4:4c:9f:ef:19:a6:02:a8:09:
84:7f:ee:ef:8d:4c:8c:fc:02:d3:64:16:07:4a:2a:40:cd:7c:
34:cc:30:91:85:7d:36:ff:fe:c7:40:46:c5:0b:04:a7:30:27:
a1:48:22:6a:15:76:6c:04:a6:dc:89:06:5b:c8:99:e4:f1:c8:
d3:f9:6d:bf:bb:d0:7d:fe:05:4d:5e:b8:e7:5a:e4:ec:11:bd:
a4:19:d3:c3:a5:e9:e1:af:c9:ec:e2:54:24:81:e7:54:d1:91:
fa:0c:ad:41:03:8d:e9:f2:f4:bf:bd:8e:de:7f:01:f4:ec:0e:
76:3b:6b:81:26:4b:c0:f6:46:89:76:38:d6:21:51:f2:ce:48:
f8:16:7a:d1:fe:a8:05:54:0f:de:1f:36:06:39:ac:a5:be:d4:
e8:3e:c6:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1RpcNlBX1oZ638+PJ+1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg4NWIwMDM1OTViNzk4MGEyNjAxZTg5YTRmYzExNTc2YjNhNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGQpi7M+qWETscoxXbsafS6zwCTn
aQR0QcOFwLu4rv2U39jnxQoIxgKdTSvJ6HwhnHRK1xOLv61R+wXZwB23cxNxrUAL
mxd2GNSAlv5+e9xLJLmi5qrQ/S1HaTGTbncLA043ybA9G4eFlXXtEmEDWnjhS0Jx
5DPqv6rz8YG5Jl8y7SymOtGGp1e9Kz9a0DmrNLe4hylMG5oKhFW1aqggMYmnVmVh
dLKl7aeIPoCbJXZr7qTyJDzSRq4JkJqVRsje+DLq4wN/362IuBHqTEO3McwfdJiM
NUJ35VF8BW5GFnYoHWbBb3wcRhgo8drFsA8MTssyacl1vD0fWWjS/5zb0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSIWwA1lbeYCiYB6JpPwRV2s6eMMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvNUloYkFEV1Z0NWdLSmdIb21rX0JGWGF6cDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATo/yMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ6mmutVthYkJ4mf4DZ/8unBPunvV/7YstqWPinOyJ
H4uNPjSzz/Ns8br0l9/pL5gMVub2l1vmDXiECJQ3iAmll1+kSE3O/92R+wYZoBmt
Oa2rDifjDOHaAQTd2TCp1bHGGtS0TJ/vGaYCqAmEf+7vjUyM/ALTZBYHSipAzXw0
zDCRhX02//7HQEbFCwSnMCehSCJqFXZsBKbciQZbyJnk8cjT+W2/u9B9/gVNXrjn
WuTsEb2kGdPDpenhr8ns4lQkgedU0ZH6DK1BA43p8vS/vY7efwH07A52O2uBJkvA
9kaJdjjWIVHyzkj4FnrR/qgFVA/eHzYGOaylvtToPsbW
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:01 2024 by rpki-client on console-fra.rpki-client.org