Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/COY0kXEneWasjNEaeLsSjhRQcKg.roa
File: COY0kXEneWasjNEaeLsSjhRQcKg.roa (raw, json)
Hash identifier: +ghd4tDB/DmzjwOJXOwsOGaOQ15KX+Trl/Adz5me8tA=
Subject key identifier: 08:E6:34:91:71:27:79:66:AC:8C:D1:1A:78:BB:12:8E:14:50:70:A8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0189DB2A7057110B13F8F4AD04936B7FD8FB
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/COY0kXEneWasjNEaeLsSjhRQcKg.roa
Signing time: Wed 09 Aug 2023 16:38:58 +0000
ROA not before: Wed 09 Aug 2023 16:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.97.0/24 maxlen: 24
78.135.100.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:2a:70:57:11:0b:13:f8:f4:ad:04:93:6b:7f:d8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 9 16:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08e6349171277966ac8cd11a78bb128e145070a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ba:e3:83:c6:7e:e7:fc:6a:08:f4:18:bd:e8:
dd:5c:84:e5:fe:a3:d3:3f:a7:45:8b:ca:df:ea:8e:
3a:7f:af:da:22:af:69:5b:03:45:9f:43:97:d2:52:
a8:c3:bc:23:9e:2c:f4:72:2a:a4:bf:34:e0:ad:f8:
e2:de:ff:d1:37:fa:9a:cb:30:13:29:fb:16:3a:ec:
8e:39:cc:82:28:54:3c:3b:d8:ac:04:5c:f3:b8:85:
de:48:ef:e6:f0:8f:9b:0d:20:c0:cf:b0:db:4b:bf:
48:8c:5c:b5:5c:72:ca:be:c3:05:c0:21:a8:6a:c8:
74:b3:8e:60:e2:74:92:cd:cb:05:b1:87:3f:f6:5b:
70:57:43:65:0a:08:43:a2:c0:07:3c:fb:93:28:34:
67:c4:95:07:ed:4c:d3:54:74:41:99:3d:9a:fc:d6:
7c:da:18:c1:a6:84:b6:74:e1:04:f0:5c:c2:64:71:
ea:31:bb:a4:dd:e6:34:c5:69:de:c5:30:2e:a3:50:
f8:67:37:6f:a4:ec:3b:35:d2:61:cd:fc:b4:66:af:
00:78:36:57:4d:82:ff:df:28:a6:57:7a:19:e9:a9:
70:c8:7c:4b:ff:53:2e:54:84:c1:1e:2c:f6:ff:83:
9c:cb:33:b2:24:88:ab:f5:aa:d0:81:3c:95:3d:f4:
25:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E6:34:91:71:27:79:66:AC:8C:D1:1A:78:BB:12:8E:14:50:70:A8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/COY0kXEneWasjNEaeLsSjhRQcKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.97.0/24
78.135.100.0/24
78.135.104.0/24
188.132.189.0/24
188.132.191.0/24
188.132.236.0/24
188.132.249.0/24
212.68.35.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
71:0d:4d:b7:7c:e8:7d:d9:4e:a1:42:1d:a8:7f:8c:2c:de:bb:
3d:24:28:8b:87:04:62:53:dd:d2:2f:7a:49:49:4a:e3:e6:99:
d8:a3:82:8a:ee:37:f2:30:57:69:06:0d:34:6a:2e:e7:63:e8:
31:b1:29:83:ae:98:dc:a0:85:e0:08:d1:0b:b6:9c:61:6a:71:
b1:29:a2:d5:94:b1:35:00:ca:94:24:fb:b7:96:a4:2c:26:12:
3a:ae:45:42:da:46:2f:ed:06:d1:5b:5f:46:f4:f2:c3:ae:9e:
89:af:8d:29:7f:37:88:77:a8:0d:3f:d7:d3:67:ea:08:18:fe:
14:84:81:c7:e2:d7:05:6b:c8:65:2c:9c:c0:25:49:2c:87:a7:
2d:2d:8e:23:52:95:c0:1a:f4:b8:01:94:9c:b2:4f:ea:f2:05:
69:7a:c0:87:db:bd:16:f9:b2:3c:01:79:5b:33:bf:88:d4:e6:
e1:f6:f3:0c:0e:a1:c3:27:80:17:09:20:84:07:eb:78:99:ed:
05:d9:96:c8:5b:76:25:e6:ab:d6:bc:42:36:ba:8b:fc:5d:4a:
75:7e:63:7b:45:32:44:e4:80:83:d4:1e:10:6a:4b:70:e4:3a:
a4:7a:2d:7b:ce:a1:df:ce:ff:c8:36:76:39:ac:84:e9:f8:aa:
90:d3:97:a1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYnbKnBXEQsT+PStBJNrf9j7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwODA5MTYzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGU2MzQ5MTcxMjc3OTY2YWM4Y2QxMWE3OGJiMTI4ZTE0NTA3MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLrjg8Z+5/xqCPQYvejdXITl/qPT
P6dFi8rf6o46f6/aIq9pWwNFn0OX0lKow7wjniz0ciqkvzTgrfji3v/RN/qayzAT
KfsWOuyOOcyCKFQ8O9isBFzzuIXeSO/m8I+bDSDAz7DbS79IjFy1XHLKvsMFwCGo
ash0s45g4nSSzcsFsYc/9ltwV0NlCghDosAHPPuTKDRnxJUH7UzTVHRBmT2a/NZ8
2hjBpoS2dOEE8FzCZHHqMbuk3eY0xWnexTAuo1D4ZzdvpOw7NdJhzfy0Zq8AeDZX
TYL/3yimV3oZ6alwyHxL/1MuVITBHiz2/4OcyzOyJIir9arQgTyVPfQlcwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAjmNJFxJ3lmrIzRGni7Eo4UUHCoMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvQ09ZMGtYRW5lV2Fzak5FYWVMc1NqaFJRY0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQATodJAwQA
TodhAwQATodkAwQATodoAwQAvIS9AwQAvIS/AwQAvITsAwQAvIT5AwQA1EQjMAwD
BADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAHENTbd86H3ZTqFCHah/jCze
uz0kKIuHBGJT3dIveklJSuPmmdijgoruN/IwV2kGDTRqLudj6DGxKYOumNygheAI
0Qu2nGFqcbEpotWUsTUAypQk+7eWpCwmEjquRULaRi/tBtFbX0b08sOunomvjSl/
N4h3qA0/19Nn6ggY/hSEgcfi1wVryGUsnMAlSSyHpy0tjiNSlcAa9LgBlJyyT+ry
BWl6wIfbvRb5sjwBeVszv4jU5uH28wwOocMngBcJIIQH63iZ7QXZlshbdiXmq9a8
Qja6i/xdSnV+Y3tFMkTkgIPUHhBqS3DkOqR6LXvOod/O/8g2djmshOn4qpDTl6E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org