Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ps0TgKsEi4rgxW8GhaV5eO3JeKI.roa
File: Ps0TgKsEi4rgxW8GhaV5eO3JeKI.roa (raw, json)
Hash identifier: //gis4MeG7N80X7M5pfPaZJ6gZceqXMsF2/RK5hDPtI=
Subject key identifier: 3E:CD:13:80:AB:04:8B:8A:E0:C5:6F:06:85:A5:79:78:ED:C9:78:A2
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01875237B2E354704B1B1EFFF62CC037BC2B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ps0TgKsEi4rgxW8GhaV5eO3JeKI.roa
Signing time: Wed 05 Apr 2023 16:19:54 +0000
ROA not before: Wed 05 Apr 2023 16:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210791
IP address blocks: 109.167.106.0/24 maxlen: 24
78.136.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:37:b2:e3:54:70:4b:1b:1e:ff:f6:2c:c0:37:bc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Apr 5 16:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ecd1380ab048b8ae0c56f0685a57978edc978a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:6b:26:a9:c5:6d:98:78:9a:11:dc:b5:86:
33:91:fb:93:03:10:d2:c5:24:cc:56:91:82:2f:3a:
be:be:64:38:57:f5:ac:37:89:aa:a6:89:62:19:bc:
a4:3d:10:58:96:5b:aa:f9:21:ee:ac:6f:a1:65:53:
f7:40:11:8b:08:90:01:21:2a:2e:95:36:84:05:1a:
f6:b5:c4:33:63:cd:8a:8f:8f:2e:32:76:88:ef:7d:
c6:ad:56:2e:13:69:37:ae:11:00:9e:ef:ef:d4:f1:
98:ac:e7:b0:37:28:e4:1e:14:bc:ef:41:57:e8:27:
67:15:b2:3b:78:2b:aa:da:95:96:4f:9a:ec:e4:57:
d3:01:60:ec:e9:1b:18:41:93:ca:86:0a:f0:14:df:
b1:f8:a0:88:6c:35:4c:f9:18:ba:7e:6c:02:b5:8e:
73:fe:9f:88:6b:4a:d5:bb:95:a3:ef:d6:df:2c:45:
14:f2:fb:95:19:bc:53:a7:9f:2f:29:98:8b:c9:4a:
38:f7:f4:a2:e9:f6:58:ce:70:e2:69:b4:71:11:75:
5b:0f:44:7d:d5:0c:a3:9b:cf:c8:b2:84:59:95:c3:
de:5f:77:8c:5e:62:9a:1c:87:ab:0a:30:17:ff:c4:
46:b7:dc:f0:7b:d3:c3:30:d8:1c:b0:bc:50:dd:a3:
32:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CD:13:80:AB:04:8B:8A:E0:C5:6F:06:85:A5:79:78:ED:C9:78:A2
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ps0TgKsEi4rgxW8GhaV5eO3JeKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.110.0/24
109.167.106.0/24
Signature Algorithm: sha256WithRSAEncryption
80:bf:67:c7:ae:20:b1:e4:29:1e:1e:03:8d:8a:6c:f3:10:f4:
b8:ba:e0:9f:94:c6:fa:90:55:5c:08:7a:a8:6a:49:20:a7:5c:
09:44:18:08:7b:47:0b:43:7a:bd:58:dc:31:f5:49:a1:c7:47:
f7:bd:a7:e3:b8:71:35:41:6f:b2:b9:c7:6c:11:3c:5a:d2:2a:
65:b8:57:fc:6f:79:08:47:e8:b0:79:8a:4b:6e:54:28:8f:1b:
c1:c3:88:d3:ff:75:c6:da:2c:71:8d:1a:ce:cc:c2:8a:72:5e:
e0:ba:a4:90:e5:eb:dd:1f:8d:2d:86:c3:3e:98:3c:da:88:69:
7d:ea:8a:3f:2c:7b:be:54:8d:58:f7:ef:3a:1c:09:38:df:25:
d4:cc:f5:13:38:61:89:48:51:7e:5d:1b:c8:ae:89:92:12:ad:
48:57:1c:47:31:d5:a6:df:40:d0:3a:2c:83:8b:e8:45:22:f7:
93:67:f0:ab:87:6b:fd:af:54:cf:f8:fd:05:56:6f:ee:2b:50:
c7:90:e0:ab:1c:84:f4:6d:ce:1a:8f:2b:01:d7:9a:5a:74:7a:
cc:02:4c:9c:98:6b:b7:27:c8:c3:32:b9:0d:0c:5c:0b:90:b8:
8c:f8:e9:78:d9:1e:e6:83:56:38:75:af:3d:df:fe:18:b7:69:
60:64:a2:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdSN7LjVHBLGx7/9izAN7wrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwNDA1MTYxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWNkMTM4MGFiMDQ4YjhhZTBjNTZmMDY4NWE1Nzk3OGVkYzk3OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf5rJqnFbZh4mhHctYYzkfuTAxDS
xSTMVpGCLzq+vmQ4V/WsN4mqpoliGbykPRBYlluq+SHurG+hZVP3QBGLCJABISou
lTaEBRr2tcQzY82Kj48uMnaI733GrVYuE2k3rhEAnu/v1PGYrOewNyjkHhS870FX
6CdnFbI7eCuq2pWWT5rs5FfTAWDs6RsYQZPKhgrwFN+x+KCIbDVM+Ri6fmwCtY5z
/p+Ia0rVu5Wj79bfLEUU8vuVGbxTp58vKZiLyUo49/Si6fZYznDiabRxEXVbD0R9
1Qyjm8/IsoRZlcPeX3eMXmKaHIerCjAX/8RGt9zwe9PDMNgcsLxQ3aMytwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7NE4CrBIuK4MVvBoWleXjtyXiiMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvUHMwVGdLc0VpNHJneFc4R2hhVjVlTzNKZUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATohuAwQA
badqMA0GCSqGSIb3DQEBCwUAA4IBAQCAv2fHriCx5CkeHgONimzzEPS4uuCflMb6
kFVcCHqoakkgp1wJRBgIe0cLQ3q9WNwx9Umhx0f3vafjuHE1QW+yucdsETxa0ipl
uFf8b3kIR+iweYpLblQojxvBw4jT/3XG2ixxjRrOzMKKcl7guqSQ5evdH40thsM+
mDzaiGl96oo/LHu+VI1Y9+86HAk43yXUzPUTOGGJSFF+XRvIromSEq1IVxxHMdWm
30DQOiyDi+hFIveTZ/Crh2v9r1TP+P0FVm/uK1DHkOCrHIT0bc4ajysB15padHrM
AkycmGu3J8jDMrkNDFwLkLiM+Ol42R7mg1Y4da893/4Yt2lgZKIX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org