Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/O-jpbsIJ49KrVZIac2W7gQtrBRw.roa
File: O-jpbsIJ49KrVZIac2W7gQtrBRw.roa (raw, json)
Hash identifier: gP7RCFxieKWoR4XHLMzWMW4T/+nP4NbBZ5RFpL3IPzE=
Subject key identifier: 3B:E8:E9:6E:C2:09:E3:D2:AB:55:92:1A:73:65:BB:81:0B:6B:05:1C
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 01856F14EA38F678CE5EACFBD76EC07FADB4
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/O-jpbsIJ49KrVZIac2W7gQtrBRw.roa
Signing time: Sun 01 Jan 2023 20:45:19 +0000
ROA not before: Sun 01 Jan 2023 20:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60528
IP address blocks: 78.131.156.0/23 maxlen: 23
88.199.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ea:38:f6:78:ce:5e:ac:fb:d7:6e:c0:7f:ad:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 20:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be8e96ec209e3d2ab55921a7365bb810b6b051c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:87:66:c2:1b:aa:56:30:0e:34:f3:2c:6a:91:
67:47:ce:aa:db:dd:6c:73:ec:d9:0f:01:0e:19:d4:
ea:79:53:14:4f:17:07:c9:47:90:ea:c4:7d:e3:8a:
26:54:4e:73:f9:5d:dd:ee:e9:61:f8:ca:2f:57:1e:
88:af:10:e6:f6:2b:24:ef:f9:35:31:72:27:8d:68:
1f:e5:53:c2:7d:dd:54:43:6b:e7:2b:f8:fd:a8:99:
5e:44:4b:30:72:f2:b4:93:7f:4c:bd:c5:94:f2:7f:
a4:b0:17:d2:af:d1:bd:01:31:16:c3:ae:e0:ce:7b:
99:11:a2:a8:8b:a1:44:68:86:e0:40:6b:68:86:c6:
27:1c:9a:f0:bc:83:0c:62:cd:3e:15:f1:1b:46:a1:
9b:70:f1:69:97:ec:3d:34:a5:e5:39:d4:1f:f3:b7:
58:43:cb:02:ba:72:c8:97:aa:64:12:1d:d9:d5:99:
6b:83:5f:9c:c1:91:19:ca:23:22:c4:aa:bd:c5:ee:
74:53:85:99:f7:78:1f:12:bc:63:72:fb:71:2b:b3:
cb:d1:9d:d6:29:ee:ef:13:ef:ad:6d:4d:f9:78:e8:
6f:8d:ab:46:14:e8:0c:a3:ff:1d:83:6d:38:59:6b:
2f:f0:65:32:07:3c:52:4a:63:4a:03:d7:2c:c1:23:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E8:E9:6E:C2:09:E3:D2:AB:55:92:1A:73:65:BB:81:0B:6B:05:1C
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/O-jpbsIJ49KrVZIac2W7gQtrBRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.131.156.0/23
88.199.83.0/24
Signature Algorithm: sha256WithRSAEncryption
47:20:1c:3e:77:c8:42:d5:34:4b:67:c3:bc:46:49:88:d8:a9:
9d:84:b1:4d:c3:1e:96:5c:34:32:83:1e:c8:32:8a:ac:aa:69:
fe:86:7e:07:8b:75:2d:78:25:12:6a:ff:a9:21:80:fb:80:cb:
a9:3c:8a:97:c8:13:14:fe:32:77:d6:24:a4:e0:77:57:2b:53:
d4:82:1f:da:2c:f1:64:1a:d8:3a:e3:f0:b6:3b:83:20:fb:71:
9a:a7:9e:c8:4c:50:8c:50:ea:b6:bb:46:d8:32:f4:9a:63:04:
a5:e0:8d:7e:07:b2:9b:19:51:26:c8:03:c1:6e:7d:9c:2a:c2:
3d:1f:db:74:32:2b:35:b4:2e:1e:02:e8:d4:f7:2a:e0:7f:14:
96:58:03:fb:17:b2:56:e8:fb:f6:d5:49:ef:34:e2:31:2a:cd:
95:52:1d:bc:c9:73:af:1b:a2:82:fa:13:39:ba:f3:d0:5e:de:
87:c1:0c:b5:5d:d9:ea:e3:f1:72:a4:42:1e:d1:ef:70:c2:18:
cc:8b:45:49:1c:90:17:f1:ac:cd:78:f2:7a:be:a7:7f:de:48:
1c:f1:96:9c:c0:bd:7d:62:e9:04:30:19:86:1d:fe:06:e6:3e:
95:27:9c:35:f0:eb:35:f1:06:59:e9:ad:82:24:b6:dd:cf:0f:
bd:dc:13:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFOo49njOXqz7127Af620MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjMwMTAxMjA0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU4ZTk2ZWMyMDllM2QyYWI1NTkyMWE3MzY1YmI4MTBiNmIwNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYdmwhuqVjAONPMsapFnR86q291s
c+zZDwEOGdTqeVMUTxcHyUeQ6sR944omVE5z+V3d7ulh+MovVx6IrxDm9isk7/k1
MXInjWgf5VPCfd1UQ2vnK/j9qJleREswcvK0k39MvcWU8n+ksBfSr9G9ATEWw67g
znuZEaKoi6FEaIbgQGtohsYnHJrwvIMMYs0+FfEbRqGbcPFpl+w9NKXlOdQf87dY
Q8sCunLIl6pkEh3Z1Zlrg1+cwZEZyiMixKq9xe50U4WZ93gfErxjcvtxK7PL0Z3W
Ke7vE++tbU35eOhvjatGFOgMo/8dg204WWsv8GUyBzxSSmNKA9cswSOBmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvo6W7CCePSq1WSGnNlu4ELawUcMB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvTy1qcGJzSUo0OUtyVlpJYWMyVzdnUXRyQlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBToOcAwQA
WMdTMA0GCSqGSIb3DQEBCwUAA4IBAQBHIBw+d8hC1TRLZ8O8RkmI2KmdhLFNwx6W
XDQygx7IMoqsqmn+hn4Hi3UteCUSav+pIYD7gMupPIqXyBMU/jJ31iSk4HdXK1PU
gh/aLPFkGtg64/C2O4Mg+3Gap57ITFCMUOq2u0bYMvSaYwSl4I1+B7KbGVEmyAPB
bn2cKsI9H9t0Mis1tC4eAujU9yrgfxSWWAP7F7JW6Pv21UnvNOIxKs2VUh28yXOv
G6KC+hM5uvPQXt6HwQy1Xdnq4/FypEIe0e9wwhjMi0VJHJAX8azNePJ6vqd/3kgc
8ZacwL19YukEMBmGHf4G5j6VJ5w18Os18QZZ6a2CJLbdzw+93BNy
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:21 2024 by rpki-client on console-fra.rpki-client.org