Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-A7e3OxgbKABUxQu2Z-Dm_3volk.roa
File: 1-A7e3OxgbKABUxQu2Z-Dm_3volk.roa (raw, json)
Hash identifier: cw+9+g/r7M6ZwBPIkQb9aQ+Tb/mnLM6y3cRr7jkuYx8=
Subject key identifier: F8:0E:DE:DC:EC:60:6C:A0:01:53:14:2E:D9:9F:83:9B:FD:EF:A2:59
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192D208602D9091A97CB7ACCF947C5C5A7E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-A7e3OxgbKABUxQu2Z-Dm_3volk.roa
Signing time: Mon 28 Oct 2024 07:30:17 +0000
ROA not before: Mon 28 Oct 2024 07:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.232.0/21 maxlen: 21
89.46.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:08:60:2d:90:91:a9:7c:b7:ac:cf:94:7c:5c:5a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 28 07:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f80ededcec606ca00153142ed99f839bfdefa259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:06:de:08:57:e5:d0:97:fc:83:f6:ba:7c:
63:5b:2e:7f:f3:16:1e:0b:d1:ef:85:da:67:46:c8:
90:85:1c:3f:8a:86:11:b9:88:f2:be:b4:b4:b3:e8:
4c:6b:9b:98:ac:d2:3d:bd:3e:20:65:75:f8:4b:6b:
42:89:c8:02:ae:e3:68:69:ae:d6:7c:c9:88:7d:0b:
f4:85:cb:7c:6a:f5:36:d8:25:98:4f:89:e5:71:17:
62:27:11:af:8f:11:aa:3a:39:02:c8:69:10:6f:f1:
ff:f6:3f:62:e0:54:70:0e:ec:02:f9:ec:d8:e2:d6:
c1:b1:db:60:3b:03:e1:c3:67:3c:3d:ea:f7:c3:fa:
05:22:f9:1f:a7:af:7d:bf:06:2a:7a:fa:50:bf:f9:
72:c8:77:05:31:19:1a:bd:4f:61:48:20:68:3a:33:
5c:70:77:76:53:ed:9a:cc:1f:e8:0b:96:b9:68:a3:
16:0d:f6:28:0f:26:21:f2:0d:df:e6:d1:48:0f:5d:
29:fe:81:7d:d2:17:e0:df:d8:29:30:37:bb:9b:a9:
6d:00:6e:7c:11:b0:58:81:4a:d6:1e:2e:c9:e7:ff:
94:7d:21:c4:21:c5:fc:ad:40:28:98:d6:ae:2f:9c:
ff:ea:67:05:03:99:b8:f1:1c:7d:cf:b1:26:40:9c:
e7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0E:DE:DC:EC:60:6C:A0:01:53:14:2E:D9:9F:83:9B:FD:EF:A2:59
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-A7e3OxgbKABUxQu2Z-Dm_3volk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.232.0/21
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
56:a1:dc:b7:29:f3:89:30:be:bd:d1:3d:d6:6c:18:ff:59:f4:
4b:cd:38:bf:73:3c:13:bc:a8:4f:49:5f:f5:86:b5:b9:ea:32:
d3:c4:52:9f:58:7a:7f:9a:49:93:f7:f2:ee:71:37:08:3f:32:
0d:a1:17:ef:f8:db:3a:28:21:c4:c9:94:f3:a1:7f:77:36:db:
10:04:3a:f1:8d:61:4a:b4:1f:ad:48:17:07:cc:d2:92:56:46:
65:c0:c6:05:fe:21:2f:48:d4:69:ed:17:2c:96:1f:2c:d9:59:
8d:7b:41:85:f3:26:ea:ad:5d:33:8d:8c:38:bc:32:6c:4b:ac:
9a:79:07:8d:5d:43:ac:e2:8c:69:ec:d4:43:1c:78:e3:d5:f5:
09:09:b6:16:96:aa:6d:ee:de:b4:89:95:f6:02:43:4c:7c:03:
4c:11:bc:80:12:dd:76:ae:27:08:f6:f3:65:8b:54:ad:60:7d:
9c:82:b7:0c:15:e4:6d:c1:72:5f:b9:7e:64:5b:44:4f:9e:ae:
20:be:f0:5e:25:8c:cc:c5:c3:d0:a4:98:40:81:d9:a4:a9:3f:
d7:c3:32:0a:78:94:45:04:01:6e:b9:39:5a:ca:77:cd:dc:51:
80:99:f5:f6:a1:87:e0:ee:0a:ac:5d:39:84:4b:de:0f:85:bd:
1d:69:44:33
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZLSCGAtkJGpfLesz5R8XFp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDI4MDczMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBlZGVkY2VjNjA2Y2EwMDE1MzE0MmVkOTlmODM5YmZkZWZhMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf4G3ghX5dCX/IP2unxjWy5/8xYe
C9HvhdpnRsiQhRw/ioYRuYjyvrS0s+hMa5uYrNI9vT4gZXX4S2tCicgCruNoaa7W
fMmIfQv0hct8avU22CWYT4nlcRdiJxGvjxGqOjkCyGkQb/H/9j9i4FRwDuwC+ezY
4tbBsdtgOwPhw2c8Per3w/oFIvkfp699vwYqevpQv/lyyHcFMRkavU9hSCBoOjNc
cHd2U+2azB/oC5a5aKMWDfYoDyYh8g3f5tFID10p/oF90hfg39gpMDe7m6ltAG58
EbBYgUrWHi7J5/+UfSHEIcX8rUAomNauL5z/6mcFA5m48Rx9z7EmQJzn4wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPgO3tzsYGygAVMULtmfg5v976JZMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1BN2UzT3hnYktBQlV4UXUyWi1EbV8zdm9say5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA06P6AME
AlkusDANBgkqhkiG9w0BAQsFAAOCAQEAVqHctynziTC+vdE91mwY/1n0S804v3M8
E7yoT0lf9Ya1ueoy08RSn1h6f5pJk/fy7nE3CD8yDaEX7/jbOighxMmU86F/dzbb
EAQ68Y1hSrQfrUgXB8zSklZGZcDGBf4hL0jUae0XLJYfLNlZjXtBhfMm6q1dM42M
OLwybEusmnkHjV1DrOKMaezUQxx449X1CQm2Fpaqbe7etImV9gJDTHwDTBG8gBLd
dq4nCPbzZYtUrWB9nIK3DBXkbcFyX7l+ZFtET56uIL7wXiWMzMXD0KSYQIHZpKk/
18MyCniURQQBbrk5Wsp3zdxRgJn19qGH4O4KrF05hEveD4W9HWlEMw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:21 2025 by rpki-client