Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/SMhz_HimlIkE1HMSqLlVOsu3fbg.roa
File: SMhz_HimlIkE1HMSqLlVOsu3fbg.roa (raw, json)
Hash identifier: XAjOMbxayt3iFN8rxkYTEXVgCyR+HQXKqqXO2mCxNww=
Subject key identifier: 48:C8:73:FC:78:A6:94:89:04:D4:73:12:A8:B9:55:3A:CB:B7:7D:B8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0187836316EE6F8A0605F051AC484227E77B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/SMhz_HimlIkE1HMSqLlVOsu3fbg.roa
Signing time: Sat 15 Apr 2023 05:28:41 +0000
ROA not before: Sat 15 Apr 2023 05:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203576
IP address blocks: 78.135.110.0/24 maxlen: 24
188.132.196.0/24 maxlen: 24
78.135.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:83:63:16:ee:6f:8a:06:05:f0:51:ac:48:42:27:e7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 15 05:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48c873fc78a6948904d47312a8b9553acbb77db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9b:f8:d2:53:26:e5:6e:6d:f2:e1:81:f7:15:
b6:6d:1d:81:00:1e:c5:0d:d5:76:b9:b2:cc:7c:e4:
2b:2f:42:7f:b2:54:9f:a8:97:b9:8c:fe:73:02:c7:
bd:0f:16:cf:a1:da:61:d2:27:f9:01:9b:8f:cf:7b:
cb:b3:e1:2d:8e:ef:4e:4b:71:f4:97:e3:2f:e5:b7:
37:7a:e9:21:59:53:ee:d8:1b:d2:ac:3c:36:5e:48:
0c:6e:53:fc:96:51:61:f6:c4:4f:dd:7e:53:05:7d:
43:bc:69:24:2d:c5:8f:66:ba:d5:c0:3d:c8:31:f6:
c9:5c:77:7f:e5:27:d6:5f:7f:9c:44:49:e7:97:20:
ce:b7:26:15:cb:77:42:81:40:96:dd:1c:be:32:34:
82:3c:6c:96:61:2f:69:50:f4:b0:17:9a:2d:7f:cf:
42:3d:c2:86:dc:56:70:a8:be:95:60:6e:6b:c2:ec:
aa:00:84:e3:c5:0f:d9:32:38:01:6f:8a:c9:5a:48:
7a:22:c1:a9:39:e9:57:67:f1:94:2e:6a:15:4f:85:
33:60:14:34:aa:73:c5:9e:95:4b:af:31:93:02:8a:
a2:ee:6d:6f:13:0e:47:21:e4:9e:40:3a:2c:9f:8a:
99:df:bb:62:83:dc:41:38:bf:92:19:f9:f3:1a:8a:
a9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:73:FC:78:A6:94:89:04:D4:73:12:A8:B9:55:3A:CB:B7:7D:B8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/SMhz_HimlIkE1HMSqLlVOsu3fbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.89.0/24
78.135.110.0/24
188.132.196.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f5:e0:5b:62:4e:20:fd:c4:c7:39:e5:fd:c3:3f:fa:54:bd:
97:e4:72:e1:1f:f7:4c:50:c9:c1:a5:ec:20:e8:2d:f3:84:1d:
b9:2d:ea:0f:07:55:c6:70:0b:ed:37:bb:41:8d:ae:da:33:f0:
71:e0:9e:d1:93:9d:7b:b5:b1:46:0d:f9:8b:c9:f0:35:88:58:
0d:6d:f7:cf:4a:96:fd:eb:1e:38:11:ca:03:77:f9:4a:74:12:
e4:f1:db:6f:a3:12:91:28:58:b9:1b:a8:fb:14:00:ed:37:5e:
d7:c4:75:8e:da:6d:79:4e:28:a3:c3:1c:eb:08:b4:07:e9:bc:
6c:a4:69:39:31:54:ba:d2:ee:1b:03:81:ca:d9:40:5d:96:a1:
ec:2f:e5:f1:f4:05:16:ad:83:87:98:8c:c0:e5:2d:d0:b3:3c:
08:90:fd:ab:79:ed:ba:9a:81:7c:f2:95:da:7a:85:af:df:50:
3b:77:3f:2f:29:43:70:9e:83:20:5c:50:5c:98:a5:bf:83:48:
04:c4:4c:92:c9:b8:ac:ce:d8:8d:07:1d:95:5f:78:f4:5c:e6:
21:04:da:f1:eb:58:ad:04:f3:d7:8f:48:4a:ae:cd:c2:f7:60:
56:a1:49:c6:75:db:8f:62:67:c2:1f:ba:60:fe:43:5b:28:7f:
fb:e4:55:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeDYxbub4oGBfBRrEhCJ+d7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNDE1MDUyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM4NzNmYzc4YTY5NDg5MDRkNDczMTJhOGI5NTUzYWNiYjc3ZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJv40lMm5W5t8uGB9xW2bR2BAB7F
DdV2ubLMfOQrL0J/slSfqJe5jP5zAse9DxbPodph0if5AZuPz3vLs+Etju9OS3H0
l+Mv5bc3eukhWVPu2BvSrDw2XkgMblP8llFh9sRP3X5TBX1DvGkkLcWPZrrVwD3I
MfbJXHd/5SfWX3+cREnnlyDOtyYVy3dCgUCW3Ry+MjSCPGyWYS9pUPSwF5otf89C
PcKG3FZwqL6VYG5rwuyqAITjxQ/ZMjgBb4rJWkh6IsGpOelXZ/GULmoVT4UzYBQ0
qnPFnpVLrzGTAoqi7m1vEw5HIeSeQDosn4qZ37tig9xBOL+SGfnzGoqpcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEjIc/x4ppSJBNRzEqi5VTrLt324MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvU01oel9IaW1sSWtFMUhNU3FMbFZPc3UzZmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATodZAwQA
ToduAwQAvITEMA0GCSqGSIb3DQEBCwUAA4IBAQAA9eBbYk4g/cTHOeX9wz/6VL2X
5HLhH/dMUMnBpewg6C3zhB25LeoPB1XGcAvtN7tBja7aM/Bx4J7Rk517tbFGDfmL
yfA1iFgNbffPSpb96x44EcoDd/lKdBLk8dtvoxKRKFi5G6j7FADtN17XxHWO2m15
TiijwxzrCLQH6bxspGk5MVS60u4bA4HK2UBdlqHsL+Xx9AUWrYOHmIzA5S3QszwI
kP2ree26moF88pXaeoWv31A7dz8vKUNwnoMgXFBcmKW/g0gExEySybisztiNBx2V
X3j0XOYhBNrx61itBPPXj0hKrs3C92BWoUnGdduPYmfCH7pg/kNbKH/75FUM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org