Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/h7MaNF3OfDmkfWf7mC0TDBwYZyo.roa
File: h7MaNF3OfDmkfWf7mC0TDBwYZyo.roa (raw, json)
Hash identifier: 61NfzgGRgqM3DhaxrzZWc7sBCIkOFk4JeKwoAS2phgQ=
Subject key identifier: 87:B3:1A:34:5D:CE:7C:39:A4:7D:67:FB:98:2D:13:0C:1C:18:67:2A
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 0185D91E928A417E4206DD34142C075EA7CF
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/h7MaNF3OfDmkfWf7mC0TDBwYZyo.roa
Signing time: Sun 22 Jan 2023 10:55:37 +0000
ROA not before: Sun 22 Jan 2023 10:55:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 185.78.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d9:1e:92:8a:41:7e:42:06:dd:34:14:2c:07:5e:a7:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 22 10:55:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b31a345dce7c39a47d67fb982d130c1c18672a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:39:8a:dd:29:b5:67:ca:ed:5c:1a:bb:87:ed:
da:10:3d:6f:3e:6b:8b:ff:5e:c1:e1:f6:5e:76:bd:
cd:d4:50:72:9d:71:b7:ea:23:5c:3e:18:2e:e9:17:
ad:ce:5e:e1:1a:ec:c6:0f:5d:ad:21:ca:bb:af:57:
22:77:f9:df:b0:7c:55:a8:b4:6c:49:ab:bb:ca:8d:
32:5d:b3:93:1d:b1:53:9a:0f:1b:c7:fb:51:d1:0c:
d2:0a:f3:24:9f:03:c6:76:82:63:12:48:5e:66:50:
cb:51:0d:1f:99:13:65:70:5f:db:21:97:1a:df:4c:
c5:a0:5e:84:eb:23:22:c7:00:03:09:aa:a6:86:96:
d2:25:c1:c7:96:bf:2f:f5:37:7e:9b:49:e7:ae:e7:
c5:ce:64:cc:4e:10:1f:05:a3:14:74:e2:ad:f0:44:
eb:1d:3e:b8:40:2b:d7:70:10:08:c4:b1:5c:c9:1e:
5d:2d:74:79:ae:c5:a5:a3:43:31:8f:78:0f:81:64:
f2:9e:d5:4d:40:ad:90:e0:bc:fd:5c:dd:5b:98:84:
62:65:13:7f:45:ee:1e:1a:ae:90:bf:70:de:f8:88:
07:6f:ce:0b:fe:3f:41:c4:4d:e5:79:43:9e:a5:f5:
36:a4:6b:93:e1:0f:3c:b8:b4:48:77:66:6a:cf:3a:
25:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B3:1A:34:5D:CE:7C:39:A4:7D:67:FB:98:2D:13:0C:1C:18:67:2A
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/h7MaNF3OfDmkfWf7mC0TDBwYZyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.86.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:c4:70:d4:d5:9a:ac:11:24:e5:fa:17:b8:92:2f:91:a2:b1:
e4:f3:cc:51:58:ee:6f:0d:24:cd:b4:e7:ec:ec:22:b4:2e:a3:
4d:b6:bf:52:fe:60:ea:95:93:12:75:e9:8b:e8:5b:4d:e5:a4:
30:3e:ab:94:22:84:3d:23:0e:58:ef:a9:0b:a8:25:c0:42:20:
5c:98:41:e4:21:3e:c2:65:ee:d7:33:96:a3:dc:62:77:1c:20:
19:15:28:92:d6:8c:92:a0:f1:2d:84:2b:57:b4:d6:11:fe:85:
97:c4:f1:29:0e:93:18:e7:80:da:9d:65:34:e2:7c:75:97:2c:
46:0a:30:05:08:50:9f:12:26:75:9a:2a:c7:21:01:a5:f2:ff:
44:f8:ef:76:a7:77:a2:4f:63:68:5f:c1:8b:8a:95:2b:98:3e:
c6:9f:f9:72:75:71:95:f8:8e:d3:b3:6e:5f:04:6e:c4:2d:d3:
1e:5b:bf:67:c5:19:8d:6f:01:7b:d9:7a:c0:57:cd:14:00:3c:
92:8b:5e:92:9d:a3:d3:9c:ca:11:9d:7a:d6:51:5b:14:2b:6a:
66:11:88:99:56:15:be:5d:7c:9d:bd:e9:36:e9:99:24:55:8d:
55:13:bc:bb:ea:49:7d:cf:2c:15:71:cb:e5:36:75:c5:20:a3:
58:aa:ba:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXZHpKKQX5CBt00FCwHXqfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjMwMTIyMTA1NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IzMWEzNDVkY2U3YzM5YTQ3ZDY3ZmI5ODJkMTMwYzFjMTg2NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjmK3Sm1Z8rtXBq7h+3aED1vPmuL
/17B4fZedr3N1FBynXG36iNcPhgu6Retzl7hGuzGD12tIcq7r1cid/nfsHxVqLRs
Sau7yo0yXbOTHbFTmg8bx/tR0QzSCvMknwPGdoJjEkheZlDLUQ0fmRNlcF/bIZca
30zFoF6E6yMixwADCaqmhpbSJcHHlr8v9Td+m0nnrufFzmTMThAfBaMUdOKt8ETr
HT64QCvXcBAIxLFcyR5dLXR5rsWlo0Mxj3gPgWTyntVNQK2Q4Lz9XN1bmIRiZRN/
Re4eGq6Qv3De+IgHb84L/j9BxE3leUOepfU2pGuT4Q88uLRId2ZqzzolUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIezGjRdznw5pH1n+5gtEwwcGGcqMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvaDdNYU5GM09mRG1rZldmN21DMFREQndZWnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU5WMA0G
CSqGSIb3DQEBCwUAA4IBAQCpxHDU1ZqsESTl+he4ki+RorHk88xRWO5vDSTNtOfs
7CK0LqNNtr9S/mDqlZMSdemL6FtN5aQwPquUIoQ9Iw5Y76kLqCXAQiBcmEHkIT7C
Ze7XM5aj3GJ3HCAZFSiS1oySoPEthCtXtNYR/oWXxPEpDpMY54DanWU04nx1lyxG
CjAFCFCfEiZ1mirHIQGl8v9E+O92p3eiT2NoX8GLipUrmD7Gn/lydXGV+I7Ts25f
BG7ELdMeW79nxRmNbwF72XrAV80UADySi16SnaPTnMoRnXrWUVsUK2pmEYiZVhW+
XXydvek26ZkkVY1VE7y76kl9zywVccvlNnXFIKNYqrog
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:05 2024 by rpki-client on console-fra.rpki-client.org