Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QqdHcgd50P5FDcYhzWW6iZdr1Hc.roa
File: QqdHcgd50P5FDcYhzWW6iZdr1Hc.roa (raw, json)
Hash identifier: fzVkok9cGu4eHPfea5kA+LpmfJoKTj6YFvV8ZtYw80w=
Subject key identifier: 42:A7:47:72:07:79:D0:FE:45:0D:C6:21:CD:65:BA:89:97:6B:D4:77
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0185BC784C0BEBB68605495743E8484D6B77
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QqdHcgd50P5FDcYhzWW6iZdr1Hc.roa
Signing time: Mon 16 Jan 2023 21:24:38 +0000
ROA not before: Mon 16 Jan 2023 21:24:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57922
IP address blocks: 78.135.92.0/24 maxlen: 24
78.135.93.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 13:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bc:78:4c:0b:eb:b6:86:05:49:57:43:e8:48:4d:6b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 16 21:24:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a747720779d0fe450dc621cd65ba89976bd477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6d:7f:a2:77:44:fd:38:af:f7:28:0f:4e:e5:
26:07:a1:dc:65:85:fe:63:65:4b:03:ba:b1:97:dc:
5c:97:cb:60:05:c1:34:c6:49:71:21:7c:ae:dc:42:
24:7a:2b:95:94:c6:bd:ac:e2:5b:b6:af:ef:1c:28:
a8:a8:60:db:f4:a8:52:0b:1d:fb:24:a6:8f:fb:4e:
c2:a9:fe:44:ba:60:16:b4:f4:c9:47:5c:39:53:17:
a2:e4:f9:01:d8:b9:2b:6d:fc:1a:a4:5d:fd:64:3a:
bd:d7:c3:db:4f:e1:0a:28:57:33:8e:e6:8e:40:8d:
e4:a7:69:c9:57:ce:39:4c:c8:79:90:9f:9c:20:dc:
04:e4:82:f7:37:f1:35:94:c2:16:7d:00:2c:59:c2:
6f:94:79:67:6d:55:0d:26:5e:86:c4:ae:c4:03:f8:
f1:67:03:39:57:df:50:2a:3c:a4:d9:3c:c2:e3:22:
2d:e9:1e:e9:fc:df:65:9c:21:f2:e0:32:c3:6a:5e:
79:f8:54:b3:d6:77:9d:b1:a2:20:7e:32:86:f1:46:
35:8b:2a:e7:0f:b6:88:64:6c:46:dc:98:a5:05:36:
fc:1c:65:9d:41:90:cb:f4:dc:a1:43:86:ac:59:75:
3f:e1:02:db:1e:b9:4b:a6:11:0c:95:73:11:15:05:
e4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A7:47:72:07:79:D0:FE:45:0D:C6:21:CD:65:BA:89:97:6B:D4:77
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QqdHcgd50P5FDcYhzWW6iZdr1Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.92.0/23
78.135.104.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ba:c3:94:40:aa:56:49:1e:b8:a9:bb:12:d6:47:93:e5:49:
3d:92:0f:63:3d:43:c1:97:ef:79:a3:03:ff:d7:df:fa:3c:45:
46:85:01:72:f7:73:b5:bb:70:dc:1e:5f:d9:49:9e:d1:6f:eb:
2d:89:d9:31:25:f7:88:0a:17:21:a4:7d:54:18:e8:13:17:80:
dc:75:94:41:6a:93:1f:58:2c:37:6c:e2:7f:59:e3:30:59:8c:
05:45:cf:e4:e4:4c:2b:6c:8f:a5:db:df:16:f7:4b:2b:26:1e:
08:30:04:c8:28:89:49:fd:83:80:67:73:0f:47:68:0e:37:cc:
a9:cb:d8:45:b7:7f:16:bf:45:0e:54:87:f5:9d:d8:80:05:88:
bc:57:98:ec:5a:b4:00:ff:31:e5:c1:26:c5:80:e3:3d:89:d8:
b2:c2:10:3a:dd:a4:71:e2:68:f4:e1:d3:bc:1e:bd:f7:04:86:
d4:1f:b3:8f:5d:1a:e5:47:d1:30:90:dd:76:70:58:8e:6f:9c:
f0:e9:88:8d:82:1f:34:42:1f:69:7d:9d:c9:5e:8c:74:90:4f:
79:d1:62:23:2b:aa:dd:8f:45:28:86:83:31:9f:a5:07:84:9d:
3b:95:ad:be:ee:2b:03:30:80:6c:b6:16:03:03:4e:4e:c7:09:
ae:59:0a:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW8eEwL67aGBUlXQ+hITWt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTE2MjEyNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE3NDc3MjA3NzlkMGZlNDUwZGM2MjFjZDY1YmE4OTk3NmJkNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm1/ondE/Tiv9ygPTuUmB6HcZYX+
Y2VLA7qxl9xcl8tgBcE0xklxIXyu3EIkeiuVlMa9rOJbtq/vHCioqGDb9KhSCx37
JKaP+07Cqf5EumAWtPTJR1w5Uxei5PkB2LkrbfwapF39ZDq918PbT+EKKFczjuaO
QI3kp2nJV845TMh5kJ+cINwE5IL3N/E1lMIWfQAsWcJvlHlnbVUNJl6GxK7EA/jx
ZwM5V99QKjyk2TzC4yIt6R7p/N9lnCHy4DLDal55+FSz1nedsaIgfjKG8UY1iyrn
D7aIZGxG3JilBTb8HGWdQZDL9NyhQ4asWXU/4QLbHrlLphEMlXMRFQXkuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEKnR3IHedD+RQ3GIc1luomXa9R3MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUXFkSGNnZDUwUDVGRGNZaHpXVzZpWmRyMUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTodcAwQA
TodoMA0GCSqGSIb3DQEBCwUAA4IBAQAmusOUQKpWSR64qbsS1keT5Uk9kg9jPUPB
l+95owP/19/6PEVGhQFy93O1u3DcHl/ZSZ7Rb+stidkxJfeIChchpH1UGOgTF4Dc
dZRBapMfWCw3bOJ/WeMwWYwFRc/k5EwrbI+l298W90srJh4IMATIKIlJ/YOAZ3MP
R2gON8ypy9hFt38Wv0UOVIf1ndiABYi8V5jsWrQA/zHlwSbFgOM9idiywhA63aRx
4mj04dO8Hr33BIbUH7OPXRrlR9EwkN12cFiOb5zw6YiNgh80Qh9pfZ3JXox0kE95
0WIjK6rdj0UohoMxn6UHhJ07la2+7isDMIBsthYDA05OxwmuWQpu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org