Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lQJTXu1qGx1deNHGon0Bb5J-wFI.roa
File: lQJTXu1qGx1deNHGon0Bb5J-wFI.roa (raw, json)
Hash identifier: Jy5QgyhctV1DL18OelQQL5FeCc/cgtNdi6d03W/vmHk=
Subject key identifier: 95:02:53:5E:ED:6A:1B:1D:5D:78:D1:C6:A2:7D:01:6F:92:7E:C0:52
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0185700287A315D86D457648391317F3900E
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lQJTXu1qGx1deNHGon0Bb5J-wFI.roa
Signing time: Mon 02 Jan 2023 01:04:51 +0000
ROA not before: Mon 02 Jan 2023 01:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 78.135.100.0/24 maxlen: 24
188.132.130.0/24 maxlen: 24
188.132.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 09:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:87:a3:15:d8:6d:45:76:48:39:13:17:f3:90:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9502535eed6a1b1d5d78d1c6a27d016f927ec052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:ac:8e:eb:66:92:67:24:43:41:4c:ec:69:
dc:36:09:c6:84:7f:2b:b8:26:44:a0:5a:73:40:d0:
00:39:db:20:f9:5c:75:35:4c:90:82:b1:24:8e:c3:
7d:5d:92:20:ce:87:ee:94:72:b9:eb:93:bc:73:d3:
92:49:fa:7b:c5:e3:c6:d1:14:f4:1d:ab:ac:aa:28:
29:5c:c1:fe:3a:3d:5b:db:d5:a4:63:79:20:8d:84:
47:c3:18:e8:2a:d5:ec:9b:c8:4e:a9:51:5e:e9:a8:
8e:3c:d2:e9:ac:22:14:f5:68:3c:4d:98:30:3f:ce:
98:41:08:4e:43:de:8d:15:6a:38:2e:7c:9f:ba:6f:
f4:7b:e8:c0:e1:5d:5c:d5:fd:34:0b:11:86:c7:58:
1e:ff:2e:41:cf:3f:95:4b:68:3e:cb:72:d9:50:0b:
06:35:4c:a3:c7:23:20:0d:60:b0:88:ab:bb:a7:fb:
77:8d:7f:3e:ff:6b:dd:78:6c:55:fc:74:53:1f:c6:
f5:24:2b:27:19:a2:cc:1a:c4:09:23:d1:1a:78:cb:
c0:19:0c:e4:33:c7:46:5d:5f:e4:3f:7e:15:9c:b3:
95:29:08:29:08:ca:1f:91:0d:69:1a:c5:04:86:a4:
b0:eb:ee:21:56:fc:53:56:4b:9d:2e:1f:59:40:33:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:02:53:5E:ED:6A:1B:1D:5D:78:D1:C6:A2:7D:01:6F:92:7E:C0:52
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lQJTXu1qGx1deNHGon0Bb5J-wFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.100.0/24
188.132.130.0/24
188.132.202.0/24
Signature Algorithm: sha256WithRSAEncryption
74:83:6b:8e:72:89:ef:ab:5d:95:24:7a:83:35:b9:2a:93:85:
62:fa:c3:03:4e:15:22:a4:db:37:c5:50:ab:83:7c:7e:9b:0a:
4f:52:c3:eb:36:45:94:fc:0f:5e:65:ab:3a:81:68:80:d0:73:
04:c9:04:cf:c8:08:66:e2:4d:d9:20:15:25:3a:28:d0:44:22:
36:e8:fe:cf:3a:0b:bf:14:e0:7c:a6:6f:b9:46:a1:ab:01:25:
25:ac:66:e7:88:43:ca:32:45:15:3e:0a:95:90:bb:d9:fb:4e:
97:be:b0:02:8d:da:19:79:5f:be:ee:ba:c6:fc:bd:c9:8d:5c:
66:e4:d9:cc:38:e0:f1:48:8b:8c:7c:24:35:6e:1a:e2:29:97:
24:d7:4e:bc:d8:22:25:75:68:a2:94:34:00:64:4d:6e:ca:b8:
90:ea:0f:c0:bb:52:93:e8:e9:a8:d7:f8:2e:0f:67:3d:1b:4a:
98:d9:f2:99:a4:65:85:02:a3:83:3c:7f:a3:44:ee:0e:ba:ed:
be:40:3c:7b:7a:a9:bd:43:a8:2f:f1:66:f5:3d:f8:df:63:0a:
a7:95:f8:8b:bc:46:63:d3:cb:3d:17:a5:26:f2:2f:22:1e:50:
7e:9b:b4:80:9e:5a:40:6f:4e:74:6d:9d:b2:15:3c:c2:d8:86:
fe:3f:e5:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwAoejFdhtRXZIORMX85AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTAyNTM1ZWVkNmExYjFkNWQ3OGQxYzZhMjdkMDE2ZjkyN2VjMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomOsjutmkmckQ0FM7GncNgnGhH8r
uCZEoFpzQNAAOdsg+Vx1NUyQgrEkjsN9XZIgzofulHK565O8c9OSSfp7xePG0RT0
HausqigpXMH+Oj1b29WkY3kgjYRHwxjoKtXsm8hOqVFe6aiOPNLprCIU9Wg8TZgw
P86YQQhOQ96NFWo4Lnyfum/0e+jA4V1c1f00CxGGx1ge/y5Bzz+VS2g+y3LZUAsG
NUyjxyMgDWCwiKu7p/t3jX8+/2vdeGxV/HRTH8b1JCsnGaLMGsQJI9EaeMvAGQzk
M8dGXV/kP34VnLOVKQgpCMofkQ1pGsUEhqSw6+4hVvxTVkudLh9ZQDNvnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUCU17tahsdXXjRxqJ9AW+SfsBSMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbFFKVFh1MXFHeDFkZU5IR29uMEJiNUotd0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATodkAwQA
vISCAwQAvITKMA0GCSqGSIb3DQEBCwUAA4IBAQB0g2uOconvq12VJHqDNbkqk4Vi
+sMDThUipNs3xVCrg3x+mwpPUsPrNkWU/A9eZas6gWiA0HMEyQTPyAhm4k3ZIBUl
OijQRCI26P7POgu/FOB8pm+5RqGrASUlrGbniEPKMkUVPgqVkLvZ+06XvrACjdoZ
eV++7rrG/L3JjVxm5NnMOODxSIuMfCQ1bhriKZck10682CIldWiilDQAZE1uyriQ
6g/Au1KT6Omo1/guD2c9G0qY2fKZpGWFAqODPH+jRO4Ouu2+QDx7eqm9Q6gv8Wb1
PfjfYwqnlfiLvEZj08s9F6Um8i8iHlB+m7SAnlpAb050bZ2yFTzC2Ib+P+Wn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org