Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_rSgqZQKBAgHy0xxM6OViGtm0vk.roa
File: _rSgqZQKBAgHy0xxM6OViGtm0vk.roa (raw, json)
Hash identifier: Ya8e3c9EPrbsPlbLnhKxC5EjISlSJm8swcga77Xn0Ek=
Subject key identifier: FE:B4:A0:A9:94:0A:04:08:07:CB:4C:71:33:A3:95:88:6B:66:D2:F9
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0187E1253089D19C9110715F97DA223EFB37
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_rSgqZQKBAgHy0xxM6OViGtm0vk.roa
Signing time: Wed 03 May 2023 10:25:23 +0000
ROA not before: Wed 03 May 2023 10:25:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200220
IP address blocks: 79.132.135.0/24 maxlen: 24
78.138.9.0/24 maxlen: 24
2a0b:7140:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jul 2023 09:53:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:25:30:89:d1:9c:91:10:71:5f:97:da:22:3e:fb:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: May 3 10:25:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feb4a0a9940a040807cb4c7133a395886b66d2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:96:35:6b:56:ab:f1:22:9a:51:65:fb:f5:
b5:7e:e3:69:c3:41:0e:71:4d:9d:bf:26:ef:f8:41:
de:ab:27:79:f4:90:ce:d0:68:6d:0d:31:17:f6:db:
79:92:fc:80:43:90:00:59:a1:22:d9:89:99:88:7a:
ca:d3:69:95:82:bb:59:cb:92:99:14:08:05:66:cd:
20:8b:c9:62:1b:fe:b6:18:b8:bd:87:3a:39:f8:68:
88:e0:14:74:b0:58:8a:96:b8:d6:af:1a:3b:5f:2c:
9e:cb:37:01:2a:ca:63:26:38:98:ba:f1:15:1e:8f:
56:c1:88:ce:42:53:53:a4:49:29:20:e8:25:69:6a:
a8:85:dc:03:49:a3:6e:af:10:2b:bb:4f:aa:cc:d2:
b0:28:00:42:6f:0f:ae:c0:cf:44:39:92:29:9d:34:
3c:83:d1:e4:80:25:3d:d3:d6:8f:e1:b0:4a:71:64:
5c:a4:bc:ff:46:96:29:15:cf:d1:5d:9f:d5:ec:be:
70:b1:94:8e:4f:2c:30:b1:4c:20:7a:17:e4:d2:e2:
03:51:46:95:f5:53:07:5e:3e:14:2c:ae:b8:57:61:
68:82:24:89:4a:ee:82:3d:6e:bb:d9:97:a7:ec:4b:
5d:2f:9f:37:01:7d:3a:df:c5:1b:25:ec:b3:91:b8:
a3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B4:A0:A9:94:0A:04:08:07:CB:4C:71:33:A3:95:88:6B:66:D2:F9
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_rSgqZQKBAgHy0xxM6OViGtm0vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.9.0/24
79.132.135.0/24
IPv6:
2a0b:7140:9::/48
Signature Algorithm: sha256WithRSAEncryption
46:20:71:b9:61:4e:8a:6a:21:12:96:f5:14:cf:89:44:34:08:
3d:f8:6d:fd:c5:e5:97:f1:fd:4b:81:96:a7:ba:bf:1c:dd:3f:
61:54:09:cc:95:72:66:15:7d:78:3f:e0:e8:3a:a5:f1:b2:d3:
c8:38:c0:a9:bd:d4:32:0b:6d:07:91:d6:fb:20:af:cf:b8:6b:
a3:70:ac:be:5d:e6:29:79:66:80:cf:c4:a9:50:13:b4:8b:17:
e2:8a:34:80:a2:52:8a:9c:2d:6c:36:09:84:73:58:b5:f1:1d:
e1:87:f5:18:59:3c:1a:5e:9d:fa:5f:bb:a2:eb:96:50:30:6c:
62:1b:cf:b8:7d:63:8c:15:ab:6c:fb:60:27:93:29:de:63:3f:
07:ce:e1:55:a6:79:fc:85:a3:2c:88:c3:a4:42:21:41:6a:3a:
f4:fa:9d:00:c9:1b:8e:42:b8:81:3d:d9:93:d5:32:76:d3:ad:
ae:64:e2:b5:03:8c:0c:32:60:52:18:45:b6:57:1f:25:c4:49:
02:a6:3c:1e:fb:55:63:da:db:25:b3:cf:26:0f:3c:6e:6e:ec:
fc:0b:53:99:5f:58:e1:37:12:fa:5b:23:04:fb:b8:27:59:2d:
20:ab:28:0f:cc:c7:cf:25:46:cc:6e:a0:79:86:12:0e:9a:b5:
c2:10:9c:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYfhJTCJ0ZyREHFfl9oiPvs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwNTAzMTAyNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI0YTBhOTk0MGEwNDA4MDdjYjRjNzEzM2EzOTU4ODZiNjZkMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8SWNWtWq/EimlFl+/W1fuNpw0EO
cU2dvybv+EHeqyd59JDO0GhtDTEX9tt5kvyAQ5AAWaEi2YmZiHrK02mVgrtZy5KZ
FAgFZs0gi8liG/62GLi9hzo5+GiI4BR0sFiKlrjWrxo7XyyeyzcBKspjJjiYuvEV
Ho9WwYjOQlNTpEkpIOglaWqohdwDSaNurxAru0+qzNKwKABCbw+uwM9EOZIpnTQ8
g9HkgCU909aP4bBKcWRcpLz/RpYpFc/RXZ/V7L5wsZSOTywwsUwgehfk0uIDUUaV
9VMHXj4ULK64V2FogiSJSu6CPW672Zen7EtdL583AX0638UbJeyzkbijuwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP60oKmUCgQIB8tMcTOjlYhrZtL5MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvX3JTZ3FaUUtCQWdIeTB4eE02T1ZpR3RtMHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQATooJAwQA
T4SHMA8EAgACMAkDBwAqC3FAAAkwDQYJKoZIhvcNAQELBQADggEBAEYgcblhTopq
IRKW9RTPiUQ0CD34bf3F5Zfx/UuBlqe6vxzdP2FUCcyVcmYVfXg/4Og6pfGy08g4
wKm91DILbQeR1vsgr8+4a6NwrL5d5il5ZoDPxKlQE7SLF+KKNICiUoqcLWw2CYRz
WLXxHeGH9RhZPBpenfpfu6LrllAwbGIbz7h9Y4wVq2z7YCeTKd5jPwfO4VWmefyF
oyyIw6RCIUFqOvT6nQDJG45CuIE92ZPVMnbTra5k4rUDjAwyYFIYRbZXHyXESQKm
PB77VWPa2yWzzyYPPG5u7PwLU5lfWOE3EvpbIwT7uCdZLSCrKA/Mx88lRsxuoHmG
Eg6atcIQnL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org