Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/RmvN-XKHjCd7J54OBNecRFiS4kk.roa
File: RmvN-XKHjCd7J54OBNecRFiS4kk.roa (raw, json)
Hash identifier: 5pxJlIKwce/5rrudSlkE1Z/0pKtMV6IUBC3Kj79npU4=
Subject key identifier: 46:6B:CD:F9:72:87:8C:27:7B:27:9E:0E:04:D7:9C:44:58:92:E2:49
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F7CB6AC1B84EA72674CD685B4DD0
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/RmvN-XKHjCd7J54OBNecRFiS4kk.roa
Signing time: Mon 02 Jan 2023 09:04:51 +0000
ROA not before: Mon 02 Jan 2023 09:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 78.39.156.0/24 maxlen: 24
2.178.254.0/24 maxlen: 24
2.178.255.0/24 maxlen: 24
78.39.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f7:cb:6a:c1:b8:4e:a7:26:74:cd:68:5b:4d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=466bcdf972878c277b279e0e04d79c445892e249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:65:e9:0b:1d:1d:aa:9e:99:54:18:6d:13:
3a:67:ba:c6:7f:2b:97:1a:4b:d3:5f:c5:23:33:99:
4c:4e:eb:1d:27:b3:08:86:c4:d7:7b:0c:ec:6c:63:
3c:a2:71:ab:de:78:7a:b8:42:51:e4:b4:de:f7:89:
1b:2f:eb:c1:ee:b4:df:a8:d5:af:25:9d:16:67:a7:
f0:63:a2:f1:a4:16:56:5d:48:9b:3d:e3:54:68:2f:
50:b1:b5:dd:ca:9a:06:f0:d7:15:94:e7:86:3c:64:
0d:8e:8f:b5:1b:d8:e5:97:3e:98:e1:ff:6d:93:0c:
34:1a:b4:ae:e1:20:02:60:dc:f5:68:8a:1e:24:29:
b9:25:f9:da:43:e6:7a:e8:d0:b1:68:f7:d8:8b:aa:
7b:67:b3:87:2b:c9:ff:04:fc:f5:b6:39:ec:ee:65:
97:59:ad:be:9c:b9:98:39:64:c9:22:41:1f:25:6f:
a8:15:bc:fc:64:09:e1:92:ef:3b:6f:92:29:91:58:
55:e7:ab:1b:ca:f9:18:b3:de:14:1e:11:cd:35:2b:
8c:48:a9:d2:e1:98:80:c8:81:6c:a4:fc:50:c5:a2:
5c:2c:a3:92:ec:24:7a:56:14:66:61:f6:bb:5d:0f:
fe:35:07:35:44:db:76:d8:36:09:43:4e:14:e0:70:
ef:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6B:CD:F9:72:87:8C:27:7B:27:9E:0E:04:D7:9C:44:58:92:E2:49
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/RmvN-XKHjCd7J54OBNecRFiS4kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.178.254.0/23
78.39.156.0/24
78.39.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a2:ec:fe:cd:89:bb:a7:56:57:c1:96:6e:89:e3:eb:8b:1b:
c1:6c:dd:d2:89:ed:70:d3:16:03:ec:48:79:df:ab:fb:a5:57:
9c:8a:30:72:bd:ff:36:45:0c:73:5a:66:68:77:6d:13:c7:0d:
08:d9:71:c4:69:d7:7a:19:36:ae:c7:0c:68:f3:a3:c4:07:7a:
60:a5:c4:fc:fd:a9:12:b3:b1:2f:ff:bb:2f:87:c6:65:35:b2:
8e:65:19:18:9a:ce:26:88:ce:67:1f:c3:ee:6f:8c:df:68:33:
2e:d1:31:c9:42:91:e6:a4:56:51:18:e8:37:c4:26:17:78:9f:
65:bb:34:92:b7:0d:8f:02:7b:79:b5:6f:79:0c:01:c3:0c:ed:
e6:6f:d4:94:ea:ff:f9:10:1c:31:52:9e:c5:1d:b5:6f:e3:38:
a4:66:96:5f:be:53:3f:23:47:70:01:6a:9f:da:8c:c1:72:09:
9b:aa:f0:f3:98:ce:65:5a:6a:f4:d2:98:c4:9e:d6:f2:2d:47:
a8:a8:de:4e:00:22:ac:80:54:f2:26:29:d0:65:1f:11:46:5a:
7f:d4:18:e5:88:f5:8c:0a:fc:e5:79:3e:40:78:2c:f9:d2:32:
4c:d2:47:85:7f:17:4f:91:d0:43:14:24:86:1d:03:8b:c7:78:
28:12:3c:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxuffLasG4TqcmdM1oW03QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjZiY2RmOTcyODc4YzI3N2IyNzllMGUwNGQ3OWM0NDU4OTJlMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlJl6QsdHaqemVQYbRM6Z7rGfyuX
GkvTX8UjM5lMTusdJ7MIhsTXewzsbGM8onGr3nh6uEJR5LTe94kbL+vB7rTfqNWv
JZ0WZ6fwY6LxpBZWXUibPeNUaC9QsbXdypoG8NcVlOeGPGQNjo+1G9jllz6Y4f9t
kww0GrSu4SACYNz1aIoeJCm5JfnaQ+Z66NCxaPfYi6p7Z7OHK8n/BPz1tjns7mWX
Wa2+nLmYOWTJIkEfJW+oFbz8ZAnhku87b5IpkVhV56sbyvkYs94UHhHNNSuMSKnS
4ZiAyIFspPxQxaJcLKOS7CR6VhRmYfa7XQ/+NQc1RNt22DYJQ04U4HDvXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEZrzflyh4wneyeeDgTXnERYkuJJMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvUm12Ti1YS0hqQ2Q3SjU0T0JOZWNSRmlTNGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBArL+AwQA
TiecAwQATifGMA0GCSqGSIb3DQEBCwUAA4IBAQB/ouz+zYm7p1ZXwZZuiePrixvB
bN3Sie1w0xYD7Eh536v7pVecijByvf82RQxzWmZod20Txw0I2XHEadd6GTauxwxo
86PEB3pgpcT8/akSs7Ev/7svh8ZlNbKOZRkYms4miM5nH8Pub4zfaDMu0THJQpHm
pFZRGOg3xCYXeJ9luzSStw2PAnt5tW95DAHDDO3mb9SU6v/5EBwxUp7FHbVv4zik
ZpZfvlM/I0dwAWqf2ozBcgmbqvDzmM5lWmr00pjEntbyLUeoqN5OACKsgFTyJinQ
ZR8RRlp/1BjliPWMCvzleT5AeCz50jJM0keFfxdPkdBDFCSGHQOLx3goEjxK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org