Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5JdGUn8M8V9ma9-PRf4CXLc8lA0.roa
File: 5JdGUn8M8V9ma9-PRf4CXLc8lA0.roa (raw, json)
Hash identifier: 6Ca25/IF7D4+5pAMbkJLsrSLxduqgGNTzMJSgF+QTlM=
Subject key identifier: E4:97:46:52:7F:0C:F1:5F:66:6B:DF:8F:45:FE:02:5C:B7:3C:94:0D
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 018D83C88E9961EACA565CE96BF3D168855C
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5JdGUn8M8V9ma9-PRf4CXLc8lA0.roa
Signing time: Wed 07 Feb 2024 13:36:15 +0000
ROA not before: Wed 07 Feb 2024 13:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213301
IP address blocks: 185.78.84.0/24 maxlen: 24
185.78.85.0/24 maxlen: 24
185.78.86.0/24 maxlen: 24
185.78.87.0/24 maxlen: 24
185.174.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 07:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:c8:8e:99:61:ea:ca:56:5c:e9:6b:f3:d1:68:85:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Feb 7 13:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e49746527f0cf15f666bdf8f45fe025cb73c940d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:67:0c:e8:59:14:bd:30:de:5c:f6:c5:35:
82:28:92:57:74:2c:ce:cb:a9:1a:11:70:2c:5f:9a:
72:71:26:f6:f7:ec:ef:ea:88:a6:df:dc:8b:02:7e:
44:8c:15:c6:0b:50:c2:57:de:31:27:63:9c:a6:6b:
dd:8b:b4:1e:4e:cd:bd:57:2b:2a:70:ac:7a:ce:cf:
19:e0:99:5f:8c:88:fe:ca:59:0a:c1:89:d2:2c:3c:
57:b0:c3:fe:39:09:fc:90:e2:66:1a:d7:f3:db:87:
fd:8b:17:46:dc:9c:62:34:ed:cd:2b:b7:1e:98:55:
83:00:54:4e:e4:a2:64:40:da:26:cb:2a:77:f8:53:
ea:46:9e:fc:66:97:db:38:bf:fc:85:c5:f7:e7:3e:
5c:3a:bd:20:61:eb:f0:00:a1:26:4b:ef:b1:16:86:
2d:fd:01:9f:2f:bd:fb:ea:82:9a:90:06:fb:a2:23:
71:c1:e0:d1:fc:73:58:45:52:d2:e8:0a:02:35:66:
06:19:71:84:b2:9a:29:46:5d:a5:b0:0d:72:73:c8:
48:45:29:73:c9:b3:c1:50:ed:21:29:9b:44:41:3a:
ee:77:b1:13:95:1a:10:53:31:7d:4a:17:31:77:6c:
3f:4f:73:52:37:24:fe:49:39:4c:d9:4d:2b:77:6e:
dc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:97:46:52:7F:0C:F1:5F:66:6B:DF:8F:45:FE:02:5C:B7:3C:94:0D
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5JdGUn8M8V9ma9-PRf4CXLc8lA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.84.0/22
185.174.68.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4d:dc:8c:ad:62:3f:d1:9d:14:d6:69:e9:4c:fe:8f:0f:e5:
94:4c:74:98:00:ae:4a:81:94:4b:e0:15:0d:43:49:be:84:a1:
fd:d5:1b:ea:84:f2:d1:c4:a9:32:5b:dd:96:4c:77:24:64:d9:
e2:a0:86:05:47:19:64:54:5e:64:e8:ab:e4:62:18:35:b8:c6:
a6:64:7d:92:8b:0f:5e:54:a0:79:27:a1:3c:eb:f9:0e:ba:8e:
23:17:7f:f5:48:fa:6a:97:57:36:09:82:e1:e9:58:1c:04:4c:
6c:14:4d:72:12:34:02:94:3c:e7:6f:e9:73:ea:cf:44:24:30:
9e:bd:32:3e:70:a8:18:8a:16:1b:0a:78:49:90:cc:eb:da:a2:
b1:dc:de:1f:b6:35:e3:77:dd:a3:74:bc:35:57:8e:f0:a7:cc:
7f:a0:df:41:e5:49:c4:1e:83:3f:7e:b1:64:3e:48:1b:74:e4:
52:a4:a9:2c:db:55:29:f4:cd:c4:9a:19:29:02:03:fe:ac:7e:
c6:0f:de:84:c9:02:8a:1f:27:7c:ca:b1:32:51:29:af:48:38:
44:8b:d3:22:46:f9:26:e5:1c:ec:ec:57:b3:82:00:28:af:35:
33:72:68:b2:02:0e:c9:8d:0f:01:90:08:a1:9f:22:73:f8:16:
ad:1a:0f:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2DyI6ZYerKVlzpa/PRaIVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMjA3MTMzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDk3NDY1MjdmMGNmMTVmNjY2YmRmOGY0NWZlMDI1Y2I3M2M5NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgRnDOhZFL0w3lz2xTWCKJJXdCzO
y6kaEXAsX5pycSb29+zv6oim39yLAn5EjBXGC1DCV94xJ2Ocpmvdi7QeTs29Vysq
cKx6zs8Z4JlfjIj+ylkKwYnSLDxXsMP+OQn8kOJmGtfz24f9ixdG3JxiNO3NK7ce
mFWDAFRO5KJkQNomyyp3+FPqRp78ZpfbOL/8hcX35z5cOr0gYevwAKEmS++xFoYt
/QGfL7376oKakAb7oiNxweDR/HNYRVLS6AoCNWYGGXGEspopRl2lsA1yc8hIRSlz
ybPBUO0hKZtEQTrud7ETlRoQUzF9Shcxd2w/T3NSNyT+STlM2U0rd27cTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOSXRlJ/DPFfZmvfj0X+Aly3PJQNMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvNUpkR1VuOE04VjltYTktUFJmNENYTGM4bEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU5UAwQA
ua5EMA0GCSqGSIb3DQEBCwUAA4IBAQATTdyMrWI/0Z0U1mnpTP6PD+WUTHSYAK5K
gZRL4BUNQ0m+hKH91RvqhPLRxKkyW92WTHckZNnioIYFRxlkVF5k6KvkYhg1uMam
ZH2Siw9eVKB5J6E86/kOuo4jF3/1SPpql1c2CYLh6VgcBExsFE1yEjQClDznb+lz
6s9EJDCevTI+cKgYihYbCnhJkMzr2qKx3N4ftjXjd92jdLw1V47wp8x/oN9B5UnE
HoM/frFkPkgbdORSpKks21Up9M3EmhkpAgP+rH7GD96EyQKKHyd8yrEyUSmvSDhE
i9MiRvkm5Rzs7FezggAorzUzcmiyAg7JjQ8BkAihnyJz+BatGg/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:44 2024 by rpki-client on console-ams.rpki-client.org