Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/v7oOBoSzGi522g75ZK65ZxR2w7g.roa
File: v7oOBoSzGi522g75ZK65ZxR2w7g.roa (raw, json)
Hash identifier: xc+Mry1kMZU6ua95IDzOI9EILhPzIKY9c7O43DiRqhA=
Subject key identifier: BF:BA:0E:06:84:B3:1A:2E:76:DA:0E:F9:64:AE:B9:67:14:76:C3:B8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018747C1C75F9534EF5474F9B7B35361D528
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/v7oOBoSzGi522g75ZK65ZxR2w7g.roa
Signing time: Mon 03 Apr 2023 15:34:54 +0000
ROA not before: Mon 03 Apr 2023 15:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.104.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
188.132.167.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 12:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:c1:c7:5f:95:34:ef:54:74:f9:b7:b3:53:61:d5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 3 15:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfba0e0684b31a2e76da0ef964aeb9671476c3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:51:f3:46:2c:6e:75:e3:36:af:ee:b7:aa:82:
9c:0a:66:d2:52:30:ab:ca:2d:6b:c8:79:f2:ce:0b:
11:57:7d:38:a6:7d:de:66:90:1d:93:d3:7c:56:b9:
79:d3:49:63:a6:ca:0d:c3:a4:60:5f:61:c4:f5:9e:
55:71:84:7e:d9:f9:48:ec:2d:a4:59:0b:9b:5b:42:
c1:d4:f9:d8:a1:b3:fa:8a:bb:7d:79:64:ef:25:3a:
84:d3:48:85:2c:45:33:ee:8b:e9:1e:50:0b:ed:94:
c5:f4:f5:ba:0b:29:ca:d5:2c:ac:f9:e3:e0:6d:20:
86:11:06:1c:e8:d4:61:30:37:0b:b7:d7:1c:ca:57:
54:fd:9a:1c:83:87:7e:66:5c:09:6e:af:87:01:e3:
c4:e3:89:8d:39:b1:8b:3e:42:a3:63:97:3e:a9:68:
51:8e:29:96:60:7c:00:51:83:26:b7:71:76:8f:6f:
17:ff:9a:25:bf:a0:a9:89:8a:73:30:93:0e:ea:dc:
f2:e6:56:9c:3d:af:4b:b7:35:5c:79:40:1b:7c:24:
cb:66:40:b0:d3:b5:a0:7b:ad:a9:37:60:e9:37:ab:
ef:f0:88:9d:a6:95:d9:4c:94:85:41:56:6a:2d:78:
77:09:19:8b:06:45:80:a6:f6:d1:b6:54:31:eb:4c:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BA:0E:06:84:B3:1A:2E:76:DA:0E:F9:64:AE:B9:67:14:76:C3:B8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/v7oOBoSzGi522g75ZK65ZxR2w7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.104.0/24
188.132.167.0/24
188.132.189.0/24
188.132.191.0/24
188.132.193.0/24
188.132.236.0/24
188.132.249.0/24
212.68.35.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
01:cb:79:23:6e:b5:32:11:70:dd:d0:11:3c:ea:f3:06:fb:ac:
a1:95:ad:12:ca:db:8a:b6:7a:29:30:3a:b3:7a:dd:0f:0d:f1:
44:e6:16:8b:c8:e1:45:1b:91:20:b4:ab:fc:ad:1c:d8:e2:8b:
11:a3:a1:b2:08:13:5f:32:85:d9:2d:f8:8e:8f:72:55:0a:cf:
eb:4e:a1:fb:3e:0f:2c:f4:3f:e7:57:50:43:28:13:20:f4:be:
04:a1:2c:ef:9e:71:27:8e:60:6f:c8:f2:51:2a:de:3c:93:a3:
a1:d3:ec:4d:79:0e:f2:08:17:f4:0f:d8:76:7a:be:c5:b9:6e:
2f:71:05:81:8e:d6:be:7d:f4:f0:c7:7e:86:c1:35:51:26:d9:
90:d2:dc:ec:ef:8a:a4:23:bd:b6:d4:10:6b:af:9c:48:0c:15:
7f:70:c5:0a:c3:1f:dd:52:bc:ef:0c:7a:0f:91:8d:1c:31:4f:
db:26:9b:66:af:88:ca:85:54:c2:08:39:ff:4e:85:82:80:e5:
37:8b:e4:6f:3a:9d:54:57:9a:32:a1:6a:7a:af:14:23:4f:2c:
28:21:e7:ff:6f:53:fd:95:7c:ac:dd:d1:95:41:66:0d:47:cd:
d4:83:99:99:bf:2c:5c:2f:8c:e5:c3:b6:ce:8e:6b:64:99:52:
b0:d6:07:5b
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYdHwcdflTTvVHT5t7NTYdUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNDAzMTUzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmJhMGUwNjg0YjMxYTJlNzZkYTBlZjk2NGFlYjk2NzE0NzZjM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1HzRixudeM2r+63qoKcCmbSUjCr
yi1ryHnyzgsRV304pn3eZpAdk9N8Vrl500ljpsoNw6RgX2HE9Z5VcYR+2flI7C2k
WQubW0LB1PnYobP6irt9eWTvJTqE00iFLEUz7ovpHlAL7ZTF9PW6CynK1Sys+ePg
bSCGEQYc6NRhMDcLt9ccyldU/Zocg4d+ZlwJbq+HAePE44mNObGLPkKjY5c+qWhR
jimWYHwAUYMmt3F2j28X/5olv6CpiYpzMJMO6tzy5lacPa9LtzVceUAbfCTLZkCw
07Wge62pN2DpN6vv8IidppXZTJSFQVZqLXh3CRmLBkWApvbRtlQx60xeyQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFL+6DgaEsxoudtoO+WSuuWcUdsO4MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvdjdvT0JvU3pHaTUyMmc3NVpLNjVaeFIydzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQATodJAwQA
TodoAwQAvISnAwQAvIS9AwQAvIS/AwQAvITBAwQAvITsAwQAvIT5AwQA1EQjMAwD
BADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAAHLeSNutTIRcN3QETzq8wb7
rKGVrRLK24q2eikwOrN63Q8N8UTmFovI4UUbkSC0q/ytHNjiixGjobIIE18yhdkt
+I6PclUKz+tOofs+Dyz0P+dXUEMoEyD0vgShLO+ecSeOYG/I8lEq3jyTo6HT7E15
DvIIF/QP2HZ6vsW5bi9xBYGO1r599PDHfobBNVEm2ZDS3OzviqQjvbbUEGuvnEgM
FX9wxQrDH91SvO8Meg+RjRwxT9smm2aviMqFVMIIOf9OhYKA5TeL5G86nVRXmjKh
anqvFCNPLCgh5/9vU/2VfKzd0ZVBZg1HzdSDmZm/LFwvjOXDts6Oa2SZUrDWB1s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:59 2024 by rpki-client on console-ams.rpki-client.org