Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/jA3pQqAmiRVpwXPWdk8t1PFQWmE.roa
File: jA3pQqAmiRVpwXPWdk8t1PFQWmE.roa (raw, json)
Hash identifier: Mmm9LqfdVNF2SL5jKaki0cIZMiTVIEqb3NYqgvaBU68=
Subject key identifier: 8C:0D:E9:42:A0:26:89:15:69:C1:73:D6:76:4F:2D:D4:F1:50:5A:61
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 018EF0674F4FE634B1AB75712CA38C2A1A3F
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/jA3pQqAmiRVpwXPWdk8t1PFQWmE.roa
Signing time: Thu 18 Apr 2024 08:51:26 +0000
ROA not before: Thu 18 Apr 2024 08:51:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209505
IP address blocks: 78.41.136.0/24 maxlen: 24
2a13:3840:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 04 Jun 2024 19:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:67:4f:4f:e6:34:b1:ab:75:71:2c:a3:8c:2a:1a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Apr 18 08:51:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c0de942a026891569c173d6764f2dd4f1505a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:e7:23:54:d5:65:f9:1f:fe:ae:81:b1:d4:
f4:39:d3:14:c7:92:f0:f1:78:bb:3b:ba:9d:2d:b3:
5f:3c:a9:02:a9:3e:13:b7:51:39:d3:5f:de:75:fc:
af:63:a7:dd:dc:0a:a2:01:c9:ce:a8:0f:c4:14:37:
db:09:dd:ba:80:9b:1c:3f:1c:48:5e:71:79:c1:b0:
43:7f:ea:9a:5b:1e:f1:ac:90:88:86:6b:8e:bb:fc:
32:63:63:b2:7d:fc:65:57:09:92:5b:2c:4c:80:7c:
c2:a5:00:33:a1:01:05:4a:21:e2:70:f3:74:2f:ee:
32:96:81:3f:32:b7:19:1b:f6:4f:c8:ce:c5:f8:14:
ef:20:d5:59:22:38:df:71:20:53:f7:2d:2c:57:42:
be:60:d7:27:14:7f:45:46:bb:ff:12:ac:72:5f:7b:
7e:ac:55:c2:24:8c:7a:44:76:58:d6:12:8d:6e:73:
e5:76:2a:2b:6b:4c:a0:b1:c8:bd:2c:f8:c1:16:30:
81:27:80:27:b8:50:c2:7c:07:51:c6:19:a8:e6:71:
5a:5d:0c:81:79:23:c0:01:4e:33:8f:a7:57:42:6a:
b1:ff:80:88:03:1e:9d:de:5d:5e:a2:f4:fa:39:83:
0c:b3:73:3d:ac:3a:89:a3:8c:49:4e:8a:5b:2b:a7:
26:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0D:E9:42:A0:26:89:15:69:C1:73:D6:76:4F:2D:D4:F1:50:5A:61
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/jA3pQqAmiRVpwXPWdk8t1PFQWmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.136.0/24
IPv6:
2a13:3840:100::/40
Signature Algorithm: sha256WithRSAEncryption
42:ae:7f:d4:e2:00:18:b0:27:d2:e6:a3:3c:43:7a:e8:ed:ba:
e5:6d:62:18:e8:c2:66:8e:32:19:e2:d6:6e:a2:76:29:c0:f2:
c4:c3:2f:74:92:79:34:61:8b:33:46:52:61:50:49:7d:17:77:
e7:76:4c:10:75:5d:2c:3d:5d:81:6c:fe:d3:e4:26:55:3a:bb:
01:49:e4:48:fd:b4:2c:cb:c3:97:f1:4d:60:67:9a:e5:f3:4c:
27:fd:98:26:ca:cb:62:5b:47:a7:db:4a:ad:b2:64:78:1f:78:
53:71:f3:1a:6b:54:dd:00:37:83:5e:d6:21:1e:60:30:6b:5f:
f3:f5:d8:a1:25:40:96:31:c4:78:21:80:8e:2b:bd:a0:71:1a:
b3:8b:7d:ff:b1:80:3e:dc:2a:72:59:9e:fb:3e:dc:6e:d4:b3:
63:8f:e9:1a:2c:fb:92:09:de:3a:93:cb:4d:d2:83:f8:20:1f:
b1:f8:33:cc:f1:23:c0:39:45:47:cd:df:7a:eb:01:ca:ec:53:
1b:81:f5:29:5b:74:f7:16:8b:55:32:30:17:d9:9a:80:8a:91:
ed:39:d2:6f:5b:83:5b:80:67:9e:a0:8e:af:20:8e:fe:72:de:
46:35:98:e5:37:fe:86:25:3d:76:a1:24:21:40:38:42:4b:59:
95:29:66:4a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY7wZ09P5jSxq3VxLKOMKho/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjQwNDE4MDg1MTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBkZTk0MmEwMjY4OTE1NjljMTczZDY3NjRmMmRkNGYxNTA1YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfPnI1TVZfkf/q6BsdT0OdMUx5Lw
8Xi7O7qdLbNfPKkCqT4Tt1E501/edfyvY6fd3AqiAcnOqA/EFDfbCd26gJscPxxI
XnF5wbBDf+qaWx7xrJCIhmuOu/wyY2OyffxlVwmSWyxMgHzCpQAzoQEFSiHicPN0
L+4yloE/MrcZG/ZPyM7F+BTvINVZIjjfcSBT9y0sV0K+YNcnFH9FRrv/EqxyX3t+
rFXCJIx6RHZY1hKNbnPldiora0ygsci9LPjBFjCBJ4AnuFDCfAdRxhmo5nFaXQyB
eSPAAU4zj6dXQmqx/4CIAx6d3l1eovT6OYMMs3M9rDqJo4xJTopbK6cmxQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIwN6UKgJokVacFz1nZPLdTxUFphMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvakEzcFFxQW1pUlZwd1hQV2RrOHQxUEZRV21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQATimIMA4E
AgACMAgDBgAqEzhAATANBgkqhkiG9w0BAQsFAAOCAQEAQq5/1OIAGLAn0uajPEN6
6O265W1iGOjCZo4yGeLWbqJ2KcDyxMMvdJJ5NGGLM0ZSYVBJfRd353ZMEHVdLD1d
gWz+0+QmVTq7AUnkSP20LMvDl/FNYGea5fNMJ/2YJsrLYltHp9tKrbJkeB94U3Hz
GmtU3QA3g17WIR5gMGtf8/XYoSVAljHEeCGAjiu9oHEas4t9/7GAPtwqclme+z7c
btSzY4/pGiz7kgneOpPLTdKD+CAfsfgzzPEjwDlFR83feusByuxTG4H1KVt09xaL
VTIwF9magIqR7TnSb1uDW4BnnqCOryCO/nLeRjWY5Tf+hiU9dqEkIUA4QktZlSlm
Sg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:28 2025 by rpki-client