Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/48aeaf-9545-4d4b-9cda-9d0743370495/1/jbXtF6w7H2xdPrg9vpUNWg9R_rs.roa
File: jbXtF6w7H2xdPrg9vpUNWg9R_rs.roa (raw, json)
Hash identifier: gU5o5FiMZJba0XhofC71tDO9G2W9ky8hRujilrJTf2k=
Subject key identifier: 8D:B5:ED:17:AC:3B:1F:6C:5D:3E:B8:3D:BE:95:0D:5A:0F:51:FE:BB
Certificate issuer: /CN=f7a8b70aa10069b5515a9cb3c149b885b7a12834
Certificate serial: 01856CAF08766BE66180C4807B3E05A245BA
Authority key identifier: F7:A8:B7:0A:A1:00:69:B5:51:5A:9C:B3:C1:49:B8:85:B7:A1:28:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96i3CqEAabVRWpyzwUm4hbehKDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/48aeaf-9545-4d4b-9cda-9d0743370495/1/jbXtF6w7H2xdPrg9vpUNWg9R_rs.roa
Signing time: Sun 01 Jan 2023 09:34:48 +0000
ROA not before: Sun 01 Jan 2023 09:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211956
IP address blocks: 78.40.22.0/24 maxlen: 24
78.40.23.0/24 maxlen: 24
2a07:4247:3000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:08:76:6b:e6:61:80:c4:80:7b:3e:05:a2:45:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7a8b70aa10069b5515a9cb3c149b885b7a12834
Validity
Not Before: Jan 1 09:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8db5ed17ac3b1f6c5d3eb83dbe950d5a0f51febb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a9:28:e7:61:ba:23:a3:fa:d2:97:56:5a:63:
cd:ef:df:91:6e:a8:9f:16:6b:26:34:8d:bf:3b:89:
89:23:d0:2b:06:19:66:97:65:6f:59:d1:9d:a3:81:
7e:f9:a3:7a:35:89:bf:25:5b:15:00:87:2a:86:d3:
dd:a5:df:6c:47:b5:1b:43:73:6c:77:aa:61:46:cf:
26:1d:d3:0d:70:1b:b2:06:2c:f4:6f:58:9a:30:a0:
04:1c:55:cd:78:de:5b:a3:f0:20:ba:f6:3d:95:bd:
b6:86:27:ed:61:c3:46:29:1f:3f:92:7d:43:1e:f3:
36:2c:ef:8a:04:ac:f4:15:be:f6:03:03:69:ff:8b:
d9:58:2b:dd:cb:2e:95:1c:d4:ec:ab:4d:03:80:6f:
8a:f6:23:69:2e:49:ee:ae:e3:bf:b5:b2:fc:3f:12:
b4:e4:4c:54:1c:9d:fa:e1:82:5d:34:33:21:49:da:
85:df:22:43:70:a0:f6:4e:75:9f:f9:72:aa:d5:21:
a2:a9:21:3f:36:27:d5:b6:c9:bd:6b:e8:8b:b4:50:
8e:62:5e:e6:8c:ab:ba:e8:e0:07:c9:98:44:93:28:
6c:88:c3:4f:c0:83:d7:bf:31:33:ca:e1:8e:11:67:
fb:99:a8:aa:1f:14:6d:9c:39:ea:44:9f:73:8f:ad:
fc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B5:ED:17:AC:3B:1F:6C:5D:3E:B8:3D:BE:95:0D:5A:0F:51:FE:BB
X509v3 Authority Key Identifier:
keyid:F7:A8:B7:0A:A1:00:69:B5:51:5A:9C:B3:C1:49:B8:85:B7:A1:28:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96i3CqEAabVRWpyzwUm4hbehKDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48aeaf-9545-4d4b-9cda-9d0743370495/1/jbXtF6w7H2xdPrg9vpUNWg9R_rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48aeaf-9545-4d4b-9cda-9d0743370495/1/96i3CqEAabVRWpyzwUm4hbehKDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.22.0/23
IPv6:
2a07:4247:3000::/36
Signature Algorithm: sha256WithRSAEncryption
43:49:c6:a4:f4:e2:50:c8:ef:20:af:93:b5:99:f2:ab:2c:df:
ab:ac:d9:e3:1d:95:a8:dc:1b:fc:18:06:78:89:b3:7f:00:ed:
75:52:37:d9:44:57:c7:40:fa:05:29:5d:fe:55:02:42:4e:8d:
cf:2b:0f:36:52:56:4a:9b:bd:92:7a:2b:25:e0:0d:38:49:fd:
32:59:9a:37:af:1c:5b:d8:6c:7e:43:25:ab:54:b8:06:87:03:
b2:ad:de:4b:b1:c7:7e:3d:b5:13:dd:72:0e:34:c4:03:15:13:
75:86:c7:a3:fc:41:85:3a:30:42:83:6b:44:eb:16:4c:10:29:
82:40:31:9b:fd:fe:49:a8:98:e3:01:9a:4f:2f:95:4a:09:b9:
4a:79:51:a3:d0:64:b7:35:4d:65:e0:29:0e:b8:2e:2e:0a:64:
5c:79:f9:85:ec:c6:63:f8:47:75:5a:e0:00:f7:c3:b8:7e:63:
21:c8:b6:8b:a1:d1:cb:e1:28:55:b7:e1:d0:ce:68:36:04:59:
66:6e:6b:5b:44:8e:c6:c2:75:f0:63:1b:bb:0d:64:13:84:f9:
b7:6f:e5:de:37:aa:34:97:76:c9:51:a5:88:c9:f3:7a:a0:34:
5d:8c:48:4f:22:18:cb:25:af:19:9f:2f:a1:be:d2:ab:7d:62:
fb:95:22:c2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsrwh2a+ZhgMSAez4FokW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YThiNzBhYTEwMDY5YjU1MTVhOWNiM2MxNDliODg1Yjdh
MTI4MzQwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGI1ZWQxN2FjM2IxZjZjNWQzZWI4M2RiZTk1MGQ1YTBmNTFmZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKko52G6I6P60pdWWmPN79+Rbqif
FmsmNI2/O4mJI9ArBhlml2VvWdGdo4F++aN6NYm/JVsVAIcqhtPdpd9sR7UbQ3Ns
d6phRs8mHdMNcBuyBiz0b1iaMKAEHFXNeN5bo/AguvY9lb22hiftYcNGKR8/kn1D
HvM2LO+KBKz0Fb72AwNp/4vZWCvdyy6VHNTsq00DgG+K9iNpLknuruO/tbL8PxK0
5ExUHJ364YJdNDMhSdqF3yJDcKD2TnWf+XKq1SGiqSE/NifVtsm9a+iLtFCOYl7m
jKu66OAHyZhEkyhsiMNPwIPXvzEzyuGOEWf7maiqHxRtnDnqRJ9zj6389QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFI217ResOx9sXT64Pb6VDVoPUf67MB8GA1UdIwQY
MBaAFPeotwqhAGm1UVqcs8FJuIW3oSg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZpM0NxRUFhYlZSV3B5endVbTRoYmVoS0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80OGFlYWYtOTU0NS00ZDRiLTljZGEt
OWQwNzQzMzcwNDk1LzEvamJYdEY2dzdIMnhkUHJnOXZwVU5XZzlSX3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80OGFlYWYtOTU0NS00ZDRiLTljZGEtOWQwNzQzMzcwNDk1
LzEvOTZpM0NxRUFhYlZSV3B5endVbTRoYmVoS0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBTigWMA4E
AgACMAgDBgQqB0JHMDANBgkqhkiG9w0BAQsFAAOCAQEAQ0nGpPTiUMjvIK+TtZny
qyzfq6zZ4x2VqNwb/BgGeImzfwDtdVI32URXx0D6BSld/lUCQk6NzysPNlJWSpu9
knorJeANOEn9MlmaN68cW9hsfkMlq1S4BocDsq3eS7HHfj21E91yDjTEAxUTdYbH
o/xBhTowQoNrROsWTBApgkAxm/3+SaiY4wGaTy+VSgm5SnlRo9BktzVNZeApDrgu
LgpkXHn5hezGY/hHdVrgAPfDuH5jIci2i6HRy+EoVbfh0M5oNgRZZm5rW0SOxsJ1
8GMbuw1kE4T5t2/l3jeqNJd2yVGliMnzeqA0XYxITyIYyyWvGZ8vob7Sq31i+5Ui
wg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:16 2024 by rpki-client on console-ams.rpki-client.org