Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/DhdHeckNjEyec_WMeuTQFODOlq4.roa
File: DhdHeckNjEyec_WMeuTQFODOlq4.roa (raw, json)
Hash identifier: 5bzl7pzGHylNBeExOXfCyNZYywVcWTsC/z2YFqGWo0w=
Subject key identifier: 0E:17:47:79:C9:0D:8C:4C:9E:73:F5:8C:7A:E4:D0:14:E0:CE:96:AE
Certificate issuer: /CN=849ace066a44ed2f95fe6bc2d0a7da412763bf2a
Certificate serial: 01856F79940DD3E0646D3FC6A3C936DA8A1B
Authority key identifier: 84:9A:CE:06:6A:44:ED:2F:95:FE:6B:C2:D0:A7:DA:41:27:63:BF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJrOBmpE7S-V_mvC0KfaQSdjvyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/DhdHeckNjEyec_WMeuTQFODOlq4.roa
Signing time: Sun 01 Jan 2023 22:35:16 +0000
ROA not before: Sun 01 Jan 2023 22:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43852
IP address blocks: 78.159.161.0/24 maxlen: 24
78.159.162.0/24 maxlen: 24
78.159.164.0/24 maxlen: 24
78.159.160.0/19 maxlen: 19
78.159.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:94:0d:d3:e0:64:6d:3f:c6:a3:c9:36:da:8a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=849ace066a44ed2f95fe6bc2d0a7da412763bf2a
Validity
Not Before: Jan 1 22:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e174779c90d8c4c9e73f58c7ae4d014e0ce96ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:4f:ad:49:6b:f7:95:e0:98:c9:2e:ea:9e:
c0:2e:f1:6c:89:a7:c4:40:e4:3e:f1:f0:48:4d:4d:
a7:26:5f:bf:f5:73:41:13:72:e2:8d:01:97:bc:d7:
5a:77:9d:c0:12:a9:58:39:57:26:f1:b2:53:96:2d:
01:18:f5:53:02:ad:f8:c4:cc:5e:c0:d6:5b:57:6f:
80:5c:5c:b4:17:e8:b9:73:21:05:1c:91:7b:d3:e8:
eb:d5:a7:48:38:fa:9e:f2:e5:c9:e6:c3:bf:5f:41:
b1:94:53:f8:36:6e:9f:16:05:26:5d:a1:c7:3e:bf:
0e:4b:f6:b5:69:75:db:d3:a8:01:62:8e:0e:29:2a:
cf:58:7e:e5:03:cb:ab:46:cc:b6:75:58:be:ee:6c:
88:2d:2b:cf:bd:b3:10:15:07:07:6a:40:2e:1a:10:
71:95:b6:b1:d4:a5:d2:a5:aa:db:fc:d1:9e:88:2b:
0b:d1:02:7e:2d:d7:b6:1a:5d:9d:ab:ff:0c:b1:d3:
d7:07:6e:0f:f9:6d:e2:24:12:ec:31:8c:df:1a:29:
2b:61:31:fb:cf:a9:2e:e8:22:b0:05:7d:92:46:66:
53:77:17:8b:fe:87:b7:9c:d4:b5:ff:42:5e:d6:65:
26:60:9e:6b:b5:39:1c:b4:79:26:13:49:f3:01:38:
8e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:17:47:79:C9:0D:8C:4C:9E:73:F5:8C:7A:E4:D0:14:E0:CE:96:AE
X509v3 Authority Key Identifier:
keyid:84:9A:CE:06:6A:44:ED:2F:95:FE:6B:C2:D0:A7:DA:41:27:63:BF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJrOBmpE7S-V_mvC0KfaQSdjvyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/DhdHeckNjEyec_WMeuTQFODOlq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/hJrOBmpE7S-V_mvC0KfaQSdjvyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:9f:82:93:c6:ae:9f:da:73:45:6c:8d:36:39:95:3f:bb:b3:
ae:94:44:1b:0c:2a:2a:4c:91:14:8f:57:c7:c6:4f:12:f4:12:
0c:e6:9a:0e:64:ef:62:53:05:c3:b9:54:43:3d:a7:e5:32:fe:
0b:67:69:b0:37:da:5a:97:84:21:6f:21:ec:90:04:cf:26:ce:
24:92:38:dd:45:f8:53:a1:94:df:68:74:65:ad:f8:69:78:e4:
6c:41:cb:7f:d8:25:01:a7:1d:02:a5:97:de:e8:d1:3a:76:42:
15:f5:75:89:0e:e8:10:4b:52:41:fd:7e:30:69:cf:82:91:94:
59:97:61:e3:57:4d:4f:50:f3:63:05:87:cf:85:2b:97:9c:d4:
2f:f6:85:e7:97:61:c5:e9:a9:d6:50:a0:b0:85:12:58:f7:19:
14:22:cf:df:42:9c:5f:32:69:59:03:9c:cb:b1:06:16:6a:89:
65:57:4e:9c:c6:2b:9e:51:5e:6c:c0:00:27:ea:79:3e:a0:46:
84:ce:58:f7:7e:52:2f:95:35:9c:f4:70:70:f2:a5:16:25:4f:
c8:62:bf:99:45:79:f4:67:a4:f4:c3:9c:73:29:1b:a5:c4:7d:
f5:d4:6a:9b:fd:b1:89:82:97:65:18:d9:e0:ae:90:52:13:3e:
89:dd:a4:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZQN0+BkbT/Go8k22oobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWFjZTA2NmE0NGVkMmY5NWZlNmJjMmQwYTdkYTQxMjc2
M2JmMmEwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTE3NDc3OWM5MGQ4YzRjOWU3M2Y1OGM3YWU0ZDAxNGUwY2U5NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLVPrUlr95XgmMku6p7ALvFsiafE
QOQ+8fBITU2nJl+/9XNBE3LijQGXvNdad53AEqlYOVcm8bJTli0BGPVTAq34xMxe
wNZbV2+AXFy0F+i5cyEFHJF70+jr1adIOPqe8uXJ5sO/X0GxlFP4Nm6fFgUmXaHH
Pr8OS/a1aXXb06gBYo4OKSrPWH7lA8urRsy2dVi+7myILSvPvbMQFQcHakAuGhBx
lbax1KXSparb/NGeiCsL0QJ+Lde2Gl2dq/8MsdPXB24P+W3iJBLsMYzfGikrYTH7
z6ku6CKwBX2SRmZTdxeL/oe3nNS1/0Je1mUmYJ5rtTkctHkmE0nzATiOeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4XR3nJDYxMnnP1jHrk0BTgzpauMB8GA1UdIwQY
MBaAFISazgZqRO0vlf5rwtCn2kEnY78qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEpyT0JtcEU3Uy1WX212QzBLZmFRU2RqdnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYTU4MTctYmE4NS00MjQ0LWEwNTIt
ZjdjNDY1N2I3YjhkLzEvRGhkSGVja05qRXllY19XTWV1VFFGT0RPbHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYTU4MTctYmE4NS00MjQ0LWEwNTItZjdjNDY1N2I3Yjhk
LzEvaEpyT0JtcEU3Uy1WX212QzBLZmFRU2RqdnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFTp+gMA0G
CSqGSIb3DQEBCwUAA4IBAQCyn4KTxq6f2nNFbI02OZU/u7OulEQbDCoqTJEUj1fH
xk8S9BIM5poOZO9iUwXDuVRDPaflMv4LZ2mwN9pal4QhbyHskATPJs4kkjjdRfhT
oZTfaHRlrfhpeORsQct/2CUBpx0CpZfe6NE6dkIV9XWJDugQS1JB/X4wac+CkZRZ
l2HjV01PUPNjBYfPhSuXnNQv9oXnl2HF6anWUKCwhRJY9xkUIs/fQpxfMmlZA5zL
sQYWaollV06cxiueUV5swAAn6nk+oEaEzlj3flIvlTWc9HBw8qUWJU/IYr+ZRXn0
Z6T0w5xzKRulxH311Gqb/bGJgpdlGNngrpBSEz6J3aQf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org