Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-K-AsCZNmZh4Q4cXVvSYca63Zmo.roa
File: 1-K-AsCZNmZh4Q4cXVvSYca63Zmo.roa (raw, json)
Hash identifier: AQsxTvyaqdUuO7L1LYqsGcjHrY8Xrrw7E4clqQC6weU=
Subject key identifier: F8:AF:80:B0:26:4D:99:98:78:43:87:17:56:F4:98:71:AE:B7:66:6A
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019348CD219859F81783105411843CCE0099
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-K-AsCZNmZh4Q4cXVvSYca63Zmo.roa
Signing time: Wed 20 Nov 2024 09:00:23 +0000
ROA not before: Wed 20 Nov 2024 09:00:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214440
IP address blocks: 78.136.71.0/24 maxlen: 24
95.178.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:cd:21:98:59:f8:17:83:10:54:11:84:3c:ce:00:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Nov 20 09:00:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8af80b0264d99987843871756f49871aeb7666a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5f:0a:e4:bf:c5:ac:0c:53:3f:50:b6:23:e8:
ca:ff:da:31:ae:9a:91:ba:71:a1:b3:a0:d0:02:7f:
22:30:c7:5a:9b:2b:9a:5b:77:32:bd:0b:3b:e2:df:
3a:3f:e6:d8:0a:8d:4b:60:e2:fa:c6:d7:91:45:58:
9f:78:f2:6c:8d:46:07:ea:35:87:e5:cb:28:66:d3:
ac:32:1a:73:e5:a6:4e:84:49:50:5a:22:47:72:29:
7c:3e:ef:3b:00:51:2d:97:14:d7:af:4f:eb:5a:9c:
e1:76:7b:54:c8:21:6a:d3:4a:b4:5e:fe:dc:e3:b2:
58:f9:8b:af:57:b9:20:e7:24:35:21:8e:f7:ca:2f:
97:cb:48:71:c4:7d:94:0c:05:fd:be:0b:9e:ed:70:
3f:18:4c:26:cd:1b:de:f5:80:08:b1:8e:77:b8:dd:
97:0a:05:44:78:e2:d0:ed:47:43:a1:ec:88:84:4c:
4a:89:19:d8:55:58:e4:d8:e5:f4:61:5c:16:26:8f:
66:2f:57:01:f9:d4:a8:4e:df:8e:a1:75:f8:5e:b7:
4a:fb:df:bd:ed:04:de:0c:b1:20:d9:35:b5:1b:67:
10:1d:55:47:e6:8c:9f:9e:74:f7:2f:42:d0:83:0f:
bc:dd:a7:45:10:d3:ab:0c:78:c1:ea:75:88:a2:13:
03:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AF:80:B0:26:4D:99:98:78:43:87:17:56:F4:98:71:AE:B7:66:6A
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-K-AsCZNmZh4Q4cXVvSYca63Zmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.71.0/24
95.178.116.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:3a:6c:a0:a5:13:19:98:e8:30:38:a7:f5:b9:e1:0e:89:9f:
d2:74:66:32:83:7b:cc:bc:d5:3e:12:ed:a9:13:da:12:d2:f1:
19:98:11:83:f9:39:80:ab:4f:2d:66:7b:88:c9:98:81:94:f7:
9f:c6:a0:b5:b4:8c:3a:02:fc:39:08:e8:86:b0:e0:b4:79:42:
99:51:36:ea:59:d2:a8:1e:84:26:17:25:fc:6f:2b:cf:99:a6:
65:61:2b:81:d2:db:91:a7:93:0d:8d:3c:bb:df:d1:38:ce:52:
1d:e7:dd:b9:1e:8f:06:35:90:c2:5d:46:a1:28:a5:0a:4b:9a:
93:c6:41:30:d1:91:42:c1:7e:18:b0:be:02:78:6e:60:fb:13:
bb:7f:ef:59:19:3b:dc:c2:12:c1:30:3e:af:9c:55:0b:2f:c5:
a4:69:29:37:78:c0:6d:eb:e5:10:ea:f1:29:28:5a:40:5e:82:
63:a3:01:19:cd:22:ef:33:47:95:e1:2c:d5:a6:e4:f4:73:f1:
9e:aa:f6:b6:25:e1:87:0f:4a:c7:65:75:37:bd:8d:0d:f1:41:
11:22:c7:79:74:96:da:95:ab:25:d6:0f:49:c9:9d:7a:a8:15:
8c:0d:5f:9b:53:fb:22:7f:16:c8:aa:4c:5a:7a:74:ec:02:c9:
6a:39:48:0c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZNIzSGYWfgXgxBUEYQ8zgCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQxMTIwMDkwMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFmODBiMDI2NGQ5OTk4Nzg0Mzg3MTc1NmY0OTg3MWFlYjc2NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V8K5L/FrAxTP1C2I+jK/9oxrpqR
unGhs6DQAn8iMMdamyuaW3cyvQs74t86P+bYCo1LYOL6xteRRVifePJsjUYH6jWH
5csoZtOsMhpz5aZOhElQWiJHcil8Pu87AFEtlxTXr0/rWpzhdntUyCFq00q0Xv7c
47JY+YuvV7kg5yQ1IY73yi+Xy0hxxH2UDAX9vgue7XA/GEwmzRve9YAIsY53uN2X
CgVEeOLQ7UdDoeyIhExKiRnYVVjk2OX0YVwWJo9mL1cB+dSoTt+OoXX4XrdK+9+9
7QTeDLEg2TW1G2cQHVVH5oyfnnT3L0LQgw+83adFENOrDHjB6nWIohMDpQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPivgLAmTZmYeEOHF1b0mHGut2ZqMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvMS1LLUFzQ1pObVpoNFE0Y1hWdlNZY2E2M1ptby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2Jh
MS8xLzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE6IRwME
Al+ydDANBgkqhkiG9w0BAQsFAAOCAQEACjpsoKUTGZjoMDin9bnhDomf0nRmMoN7
zLzVPhLtqRPaEtLxGZgRg/k5gKtPLWZ7iMmYgZT3n8agtbSMOgL8OQjohrDgtHlC
mVE26lnSqB6EJhcl/G8rz5mmZWErgdLbkaeTDY08u9/ROM5SHefduR6PBjWQwl1G
oSilCkuak8ZBMNGRQsF+GLC+AnhuYPsTu3/vWRk73MISwTA+r5xVCy/FpGkpN3jA
bevlEOrxKShaQF6CY6MBGc0i7zNHleEs1abk9HPxnqr2tiXhhw9Kx2V1N72NDfFB
ESLHeXSW2pWrJdYPScmdeqgVjA1fm1P7In8WyKpMWnp07ALJajlIDA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:45 2025 by rpki-client