Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jKSpfdJkC4H_yG56BajS3B2_fgc.roa
File: jKSpfdJkC4H_yG56BajS3B2_fgc.roa (raw, json)
Hash identifier: Rn8ABbx+1DIdjCeKt0EyZZ1jPCbQxGa4Y+GWuSwftEM=
Subject key identifier: 8C:A4:A9:7D:D2:64:0B:81:FF:C8:6E:7A:05:A8:D2:DC:1D:BF:7E:07
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01856F94C9F2AF84C2F48D771E10093EB12B
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jKSpfdJkC4H_yG56BajS3B2_fgc.roa
Signing time: Sun 01 Jan 2023 23:04:59 +0000
ROA not before: Sun 01 Jan 2023 23:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 78.158.166.0/24 maxlen: 24
78.158.178.0/24 maxlen: 24
78.158.177.0/24 maxlen: 24
78.158.173.0/24 maxlen: 24
78.158.184.0/24 maxlen: 24
78.158.182.0/24 maxlen: 24
78.158.183.0/24 maxlen: 24
78.158.190.0/24 maxlen: 24
78.158.189.0/24 maxlen: 24
78.158.187.0/24 maxlen: 24
185.190.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 15 Jan 2023 09:47:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c9:f2:af:84:c2:f4:8d:77:1e:10:09:3e:b1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 23:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ca4a97dd2640b81ffc86e7a05a8d2dc1dbf7e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e8:0e:45:5c:5a:f4:76:0b:9f:99:89:37:83:
30:d6:14:df:c3:13:df:f3:99:f7:b3:67:78:34:7a:
75:d0:b1:b6:55:86:03:6a:ff:d7:9b:08:d2:f7:d1:
2f:9b:0e:f8:59:87:42:9b:7f:88:e1:52:3d:5c:b8:
38:48:34:79:f3:5f:d7:48:8c:ea:b1:fb:9f:2b:b8:
a5:5c:21:9a:5a:2c:1b:02:1d:bd:9e:31:b4:f7:a7:
be:00:07:50:5a:76:9d:7d:e1:f9:fc:ae:a9:23:3f:
74:d6:48:31:6f:98:41:2c:ce:fd:a2:37:a3:d7:dd:
09:29:75:e3:78:fc:84:60:09:fb:4c:fb:70:f3:03:
42:3a:aa:c3:c1:ae:dc:93:07:e6:b9:46:c8:1b:84:
f1:89:87:3a:0c:b7:9f:00:9f:7d:9d:08:e6:b6:6f:
d1:03:df:3e:8e:5d:00:dc:2e:5d:18:9b:d4:0f:bd:
c3:29:c3:27:10:9d:76:13:fd:8a:07:fc:73:4c:e1:
c2:30:5a:45:2e:38:38:24:56:22:20:1b:c6:e0:df:
8b:5f:b1:f0:9b:57:19:1c:23:a1:61:e5:27:e8:e6:
2c:30:24:d3:83:f2:df:97:a9:92:66:72:43:c5:6d:
80:bf:71:41:26:69:87:5d:7d:f5:72:e9:6f:90:79:
44:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A4:A9:7D:D2:64:0B:81:FF:C8:6E:7A:05:A8:D2:DC:1D:BF:7E:07
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jKSpfdJkC4H_yG56BajS3B2_fgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.166.0/24
78.158.173.0/24
78.158.177.0-78.158.178.255
78.158.182.0-78.158.184.255
78.158.187.0/24
78.158.189.0-78.158.190.255
185.190.20.0/22
Signature Algorithm: sha256WithRSAEncryption
63:d6:07:06:d6:78:01:7b:78:7d:d1:e8:96:bd:fa:41:1d:1d:
53:76:09:68:16:60:73:2a:5f:0b:b2:a3:94:8d:9a:b2:b0:08:
41:c2:af:21:21:81:fb:7e:57:1e:00:c0:30:d4:da:1b:53:93:
29:eb:c5:69:c6:67:42:27:9f:47:98:0e:7a:e7:e0:54:d6:e0:
ee:a6:db:9f:19:22:14:16:7a:f2:bb:a4:0a:0f:86:43:4d:5a:
42:38:c6:b5:57:15:d2:6b:e1:42:f2:72:db:3a:18:02:2d:b3:
21:3f:48:2d:94:c2:22:b6:a7:49:e1:3a:32:7a:4c:f4:35:bb:
a0:51:13:e1:62:a3:db:da:a1:67:bb:e6:c7:d0:6f:f5:f2:b4:
3f:60:08:2f:51:d2:be:46:b9:2b:64:8d:89:c6:85:b5:aa:fb:
71:be:78:c3:ac:f1:0d:9e:66:a9:0d:18:e5:e0:10:dc:c8:4a:
ad:88:0c:0b:43:4a:db:19:10:f2:d8:18:91:b6:fb:4e:81:df:
bb:a3:3d:71:55:45:ad:0f:64:99:4f:a3:4e:8a:47:ab:ba:74:
4d:af:36:e7:b5:a1:ff:f8:85:3c:b9:af:39:db:bc:37:89:a0:
79:dd:bc:4a:a1:ed:6f:6e:0e:cc:be:64:47:4b:49:45:08:db:
83:89:a8:d2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVvlMnyr4TC9I13HhAJPrErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMTAxMjMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E0YTk3ZGQyNjQwYjgxZmZjODZlN2EwNWE4ZDJkYzFkYmY3ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOgORVxa9HYLn5mJN4Mw1hTfwxPf
85n3s2d4NHp10LG2VYYDav/XmwjS99Evmw74WYdCm3+I4VI9XLg4SDR581/XSIzq
sfufK7ilXCGaWiwbAh29njG096e+AAdQWnadfeH5/K6pIz901kgxb5hBLM79ojej
190JKXXjePyEYAn7TPtw8wNCOqrDwa7ckwfmuUbIG4TxiYc6DLefAJ99nQjmtm/R
A98+jl0A3C5dGJvUD73DKcMnEJ12E/2KB/xzTOHCMFpFLjg4JFYiIBvG4N+LX7Hw
m1cZHCOhYeUn6OYsMCTTg/Lfl6mSZnJDxW2Av3FBJmmHXX31culvkHlEjwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIykqX3SZAuB/8huegWo0twdv34HMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvaktTcGZkSmtDNEhfeUc1NkJhalMzQjJfZmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQATp6mAwQA
Tp6tMAwDBABOnrEDBABOnrIwDAMEAU6etgMEAE6euAMEAE6euzAMAwQATp69AwQA
Tp6+AwQCub4UMA0GCSqGSIb3DQEBCwUAA4IBAQBj1gcG1ngBe3h90eiWvfpBHR1T
dgloFmBzKl8LsqOUjZqysAhBwq8hIYH7flceAMAw1NobU5Mp68VpxmdCJ59HmA56
5+BU1uDuptufGSIUFnryu6QKD4ZDTVpCOMa1VxXSa+FC8nLbOhgCLbMhP0gtlMIi
tqdJ4Toyekz0NbugURPhYqPb2qFnu+bH0G/18rQ/YAgvUdK+RrkrZI2JxoW1qvtx
vnjDrPENnmapDRjl4BDcyEqtiAwLQ0rbGRDy2BiRtvtOgd+7oz1xVUWtD2SZT6NO
ikerunRNrzbntaH/+IU8ua8527w3iaB53bxKoe1vbg7MvmRHS0lFCNuDiajS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org