Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KuBsEFgf0z-EuUcA2IQKvqCdXeg.roa
File: KuBsEFgf0z-EuUcA2IQKvqCdXeg.roa (raw, json)
Hash identifier: cZjvzyd/+OM7UnGvrkXELBtjMmE6uqn89cX+bplo+6k=
Subject key identifier: 2A:E0:6C:10:58:1F:D3:3F:84:B9:47:00:D8:84:0A:BE:A0:9D:5D:E8
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0185B4D669DDE7C987D0CFF683595A39574E
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KuBsEFgf0z-EuUcA2IQKvqCdXeg.roa
Signing time: Sun 15 Jan 2023 09:50:28 +0000
ROA not before: Sun 15 Jan 2023 09:50:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 78.158.166.0/24 maxlen: 24
78.158.178.0/24 maxlen: 24
78.158.177.0/24 maxlen: 24
78.158.173.0/24 maxlen: 24
78.158.184.0/24 maxlen: 24
78.158.190.0/24 maxlen: 24
78.158.189.0/24 maxlen: 24
78.158.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 08:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b4:d6:69:dd:e7:c9:87:d0:cf:f6:83:59:5a:39:57:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 15 09:50:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae06c10581fd33f84b94700d8840abea09d5de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8d:00:77:11:fe:58:1e:f1:0d:f7:ab:8e:c4:
a6:72:6d:62:3f:1c:ea:fc:a7:5d:5a:ce:95:ef:74:
59:25:f9:c8:29:0e:23:2e:17:c6:f4:be:bb:87:a6:
3c:55:c1:57:a7:18:9d:2e:75:0d:f2:2a:1c:78:e4:
2c:31:0c:94:53:30:36:6d:c9:94:72:e2:13:10:6b:
8c:69:61:04:bb:84:bb:f8:22:23:e3:93:41:8b:b4:
a4:65:b2:1c:f9:2e:29:e5:d3:7b:c2:b0:7f:7c:51:
98:2f:75:a0:a8:7c:7a:e0:f3:72:7c:1a:44:53:d8:
e4:77:03:d9:83:c9:e5:74:2b:2b:b1:29:93:b3:78:
45:f5:23:49:cf:62:35:f4:13:a4:7c:30:0c:92:8e:
7b:b3:dc:91:55:05:92:e6:07:1b:49:59:98:f3:a5:
b8:28:69:b6:b5:7e:e7:97:c5:35:99:42:91:48:e0:
83:93:ad:4b:34:1b:ec:7b:74:9a:8b:47:6d:c7:c5:
94:70:a2:fa:93:82:3c:51:31:2a:ca:82:17:85:a6:
af:e7:f6:fc:2a:94:88:18:68:f9:6e:ac:2a:e5:7c:
e6:ec:43:5b:13:bf:43:f2:2e:16:5e:bb:41:97:c4:
13:bd:fd:3f:62:06:ca:70:c7:25:82:cb:a5:a4:e5:
43:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E0:6C:10:58:1F:D3:3F:84:B9:47:00:D8:84:0A:BE:A0:9D:5D:E8
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KuBsEFgf0z-EuUcA2IQKvqCdXeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.166.0/24
78.158.173.0/24
78.158.177.0-78.158.178.255
78.158.184.0/24
78.158.187.0/24
78.158.189.0-78.158.190.255
Signature Algorithm: sha256WithRSAEncryption
42:1d:93:0f:29:a6:7a:fd:d7:d1:c0:a8:01:b5:c1:77:e8:86:
25:a8:7c:8c:84:28:95:a9:9e:82:14:f3:cb:84:23:ab:28:c4:
6a:bd:c1:b6:51:64:51:be:08:36:b6:f5:61:a8:57:fb:cd:bb:
30:2e:4b:b4:2a:4a:a9:8a:2f:dc:f1:ee:30:64:86:36:bc:b8:
0e:4d:d4:2f:a2:c6:b0:a1:39:7d:7d:bd:23:12:43:52:77:eb:
7a:b4:b7:25:15:c0:1c:f9:ec:02:a8:47:a7:42:c5:5a:3a:58:
ac:5c:f7:28:a7:5b:59:9d:9a:8b:91:a9:e8:45:be:51:94:e1:
e7:b2:9d:63:e2:1a:e6:e0:3e:1c:41:58:35:f8:b9:5b:a0:03:
a7:59:75:d6:35:10:bb:94:82:49:66:20:b9:67:33:36:1e:10:
19:5f:f6:68:53:7d:26:52:12:8a:7b:f4:2c:4b:7b:cb:a2:68:
c1:75:ca:1f:eb:5e:94:05:99:53:af:76:39:d3:5a:2a:54:23:
d2:a5:5f:8f:dd:1f:89:21:4b:2a:e2:51:09:90:21:6d:9e:38:
bf:63:36:76:e4:14:8d:ef:33:c8:77:81:84:aa:ea:8f:16:57:
f0:62:51:c8:a3:1e:30:75:48:a4:38:cc:5c:c3:7c:a2:57:d6:
34:55:1d:be
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYW01mnd58mH0M/2g1laOVdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMTE1MDk1MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWUwNmMxMDU4MWZkMzNmODRiOTQ3MDBkODg0MGFiZWEwOWQ1ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI0AdxH+WB7xDferjsSmcm1iPxzq
/KddWs6V73RZJfnIKQ4jLhfG9L67h6Y8VcFXpxidLnUN8ioceOQsMQyUUzA2bcmU
cuITEGuMaWEEu4S7+CIj45NBi7SkZbIc+S4p5dN7wrB/fFGYL3WgqHx64PNyfBpE
U9jkdwPZg8nldCsrsSmTs3hF9SNJz2I19BOkfDAMko57s9yRVQWS5gcbSVmY86W4
KGm2tX7nl8U1mUKRSOCDk61LNBvse3Sai0dtx8WUcKL6k4I8UTEqyoIXhaav5/b8
KpSIGGj5bqwq5Xzm7ENbE79D8i4WXrtBl8QTvf0/YgbKcMclgsulpOVDmQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCrgbBBYH9M/hLlHANiECr6gnV3oMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvS3VCc0VGZ2Ywei1FdVVjQTJJUUt2cUNkWGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQATp6mAwQA
Tp6tMAwDBABOnrEDBABOnrIDBABOnrgDBABOnrswDAMEAE6evQMEAE6evjANBgkq
hkiG9w0BAQsFAAOCAQEAQh2TDymmev3X0cCoAbXBd+iGJah8jIQolameghTzy4Qj
qyjEar3BtlFkUb4INrb1YahX+827MC5LtCpKqYov3PHuMGSGNry4Dk3UL6LGsKE5
fX29IxJDUnfrerS3JRXAHPnsAqhHp0LFWjpYrFz3KKdbWZ2ai5Gp6EW+UZTh57Kd
Y+Ia5uA+HEFYNfi5W6ADp1l11jUQu5SCSWYguWczNh4QGV/2aFN9JlISinv0LEt7
y6JowXXKH+telAWZU692OdNaKlQj0qVfj90fiSFLKuJRCZAhbZ44v2M2duQUje8z
yHeBhKrqjxZX8GJRyKMeMHVIpDjMXMN8olfWNFUdvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org