Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/Bderis4d7NYNYAfJAW7sS0dDYbU.roa
File: Bderis4d7NYNYAfJAW7sS0dDYbU.roa (raw, json)
Hash identifier: TWitcD42KFa2yjtM/z0njeEAekEQRIaP2nyeLL/TqSM=
Subject key identifier: 05:D7:AB:8A:CE:1D:EC:D6:0D:60:07:C9:01:6E:EC:4B:47:43:61:B5
Certificate issuer: /CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Certificate serial: 018A8DADC47DB10541645ECA0D601B0FB760
Authority key identifier: BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/Bderis4d7NYNYAfJAW7sS0dDYbU.roa
Signing time: Wed 13 Sep 2023 08:34:50 +0000
ROA not before: Wed 13 Sep 2023 08:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 78.24.53.0/24 maxlen: 24
78.24.54.0/24 maxlen: 24
178.255.10.0/24 maxlen: 24
82.116.144.0/24 maxlen: 24
82.116.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:ad:c4:7d:b1:05:41:64:5e:ca:0d:60:1b:0f:b7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Validity
Not Before: Sep 13 08:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d7ab8ace1decd60d6007c9016eec4b474361b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:b1:53:5f:af:c8:91:10:f2:6d:24:06:a2:
a8:f2:52:6c:82:c4:4f:4c:b8:64:a7:49:25:05:8b:
53:c4:47:d8:bf:2e:45:94:0c:de:57:ef:56:72:b8:
29:5b:eb:6d:84:d2:b9:96:4e:3c:b5:a0:7a:1c:5e:
90:8f:53:e2:84:fc:e8:0d:0e:26:e0:e2:57:a4:aa:
c6:96:29:ef:8b:25:bf:13:54:cd:2c:3f:09:06:6f:
0b:cd:b2:10:5e:23:42:26:47:6e:0e:2b:de:83:79:
40:3a:91:b0:24:d6:15:64:d1:79:f2:00:53:e6:2b:
d2:22:45:8b:c9:12:0d:2a:6a:da:f7:99:f7:c5:cd:
aa:ad:54:27:5d:1c:8c:4a:4c:da:1e:d2:db:cb:8b:
45:fc:cd:1b:77:e3:30:78:2e:47:98:59:f3:4a:08:
7e:cd:28:5c:ef:e9:11:cd:ac:27:29:73:67:c5:0b:
ce:01:78:d9:c0:cd:97:88:b5:64:3a:c0:1f:f6:ec:
9c:b7:be:93:a6:b4:72:32:9e:8c:78:89:cf:83:2c:
7d:67:4d:3e:ea:81:b4:a1:6a:d4:e1:f0:4b:f0:04:
82:91:61:f2:7a:4e:f3:ed:e9:c1:42:5c:43:83:e9:
69:3a:b6:c5:a1:f1:37:22:d7:08:5d:2c:b6:52:4f:
66:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D7:AB:8A:CE:1D:EC:D6:0D:60:07:C9:01:6E:EC:4B:47:43:61:B5
X509v3 Authority Key Identifier:
keyid:BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/Bderis4d7NYNYAfJAW7sS0dDYbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.53.0-78.24.54.255
82.116.140.0/24
82.116.144.0/24
178.255.10.0/24
Signature Algorithm: sha256WithRSAEncryption
35:84:f3:7d:5b:4a:c8:44:ce:43:39:1e:1c:ac:9d:79:6c:fc:
72:10:29:31:bc:28:b2:ba:a1:ca:fc:49:c9:31:fa:6a:39:42:
f1:f7:21:4f:98:bd:8f:05:4f:f2:72:88:c3:8a:fb:30:e0:38:
7c:9f:15:20:27:4e:41:40:9d:8b:45:de:4f:d4:bf:91:7e:7d:
cf:b4:44:9c:ce:55:58:83:88:8a:94:cc:d6:d7:3f:5f:6b:10:
8e:d3:10:3b:73:63:55:95:fa:bf:9f:9a:24:97:d7:0b:e4:96:
b5:7c:e6:de:05:2f:92:d7:66:54:7c:e2:ff:1c:ce:e5:6a:a4:
f3:6a:f3:51:7b:7f:3f:7d:10:60:54:8c:cb:59:f9:59:81:4f:
f4:e9:3f:34:b8:53:30:81:cd:f1:53:a6:f2:e0:f3:27:11:30:
49:ea:0e:2b:12:8f:92:e7:f5:5d:57:0a:08:dd:b2:fa:62:2b:
49:88:1b:a3:1e:b9:89:93:a7:ba:21:2a:8b:46:fc:dd:61:37:
0e:30:51:35:3c:a0:6e:4d:f6:f4:ff:70:17:cd:a5:69:71:77:
d0:a1:cb:c6:6a:86:93:92:e1:32:a0:34:9c:79:0d:ff:52:41:
5a:88:d7:9d:7e:ad:05:a3:95:96:1b:9a:4a:48:71:dc:ac:b3:
4e:45:a7:3a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYqNrcR9sQVBZF7KDWAbD7dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkN2Q4MTc4Y2VjNWNkMzc2NTQ4YTkwNDkxMTdmNDY5YzBh
NzQzMWMwHhcNMjMwOTEzMDgzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ3YWI4YWNlMWRlY2Q2MGQ2MDA3YzkwMTZlZWM0YjQ3NDM2MWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6ixU1+vyJEQ8m0kBqKo8lJsgsRP
TLhkp0klBYtTxEfYvy5FlAzeV+9WcrgpW+tthNK5lk48taB6HF6Qj1PihPzoDQ4m
4OJXpKrGlinviyW/E1TNLD8JBm8LzbIQXiNCJkduDiveg3lAOpGwJNYVZNF58gBT
5ivSIkWLyRINKmra95n3xc2qrVQnXRyMSkzaHtLby4tF/M0bd+MweC5HmFnzSgh+
zShc7+kRzawnKXNnxQvOAXjZwM2XiLVkOsAf9uyct76TprRyMp6MeInPgyx9Z00+
6oG0oWrU4fBL8ASCkWHyek7z7enBQlxDg+lpOrbFofE3ItcIXSy2Uk9mcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAXXq4rOHezWDWAHyQFu7EtHQ2G1MB8GA1UdIwQY
MBaAFL19gXjOxc03ZUipBJEX9GnAp0McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQt
NjE1YWNhNTFlMmY2LzEvQmRlcmlzNGQ3TllOWUFmSkFXN3NTMGREWWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQtNjE1YWNhNTFlMmY2
LzEvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABOGDUD
BABOGDYDBABSdIwDBABSdJADBACy/wowDQYJKoZIhvcNAQELBQADggEBADWE831b
SshEzkM5HhysnXls/HIQKTG8KLK6ocr8Sckx+mo5QvH3IU+YvY8FT/JyiMOK+zDg
OHyfFSAnTkFAnYtF3k/Uv5F+fc+0RJzOVViDiIqUzNbXP19rEI7TEDtzY1WV+r+f
miSX1wvklrV85t4FL5LXZlR84v8czuVqpPNq81F7fz99EGBUjMtZ+VmBT/TpPzS4
UzCBzfFTpvLg8ycRMEnqDisSj5Ln9V1XCgjdsvpiK0mIG6MeuYmTp7ohKotG/N1h
Nw4wUTU8oG5N9vT/cBfNpWlxd9Chy8ZqhpOS4TKgNJx5Df9SQVqI151+rQWjlZYb
mkpIcdyss05Fpzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org