Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-hxtdVufIOIBInK_XCGLOnskP4g.roa
File: 1-hxtdVufIOIBInK_XCGLOnskP4g.roa (raw, json)
Hash identifier: KdvkvCvnBth0ErkC5Nbngfk71ur6KnLnlFGHeGjcM94=
Subject key identifier: FA:1C:6D:75:5B:9F:20:E2:01:22:72:BF:5C:21:8B:3A:7B:24:3F:88
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018717C16F2BAA6C38D70992FB9581F1625A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-hxtdVufIOIBInK_XCGLOnskP4g.roa
Signing time: Sat 25 Mar 2023 07:52:45 +0000
ROA not before: Sat 25 Mar 2023 07:52:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 78.143.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 05:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:c1:6f:2b:aa:6c:38:d7:09:92:fb:95:81:f1:62:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 25 07:52:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa1c6d755b9f20e2012272bf5c218b3a7b243f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7e:c1:c1:03:25:3b:3f:82:b2:ef:0c:6b:ca:
2d:91:ab:a1:38:c1:94:2f:82:7b:ba:1a:5e:9b:82:
42:d2:fb:8e:eb:ac:e2:70:04:9f:3b:63:53:ba:3d:
d6:9e:a1:19:2e:0d:02:91:c7:5a:7f:f8:d7:ac:a0:
e4:d6:4c:4a:a5:ed:79:c1:cc:fa:cf:10:49:c9:13:
e9:75:81:8a:85:30:df:79:22:93:1c:4c:36:71:ac:
5d:e0:98:25:60:e0:aa:15:21:1b:df:ea:f0:5e:f8:
45:48:14:6c:ca:3d:19:02:8c:b3:85:89:7a:fc:29:
4b:1d:30:e9:57:ac:03:93:3f:de:7f:12:d5:af:ea:
53:69:e5:9f:b5:1f:65:bd:68:a5:b2:a3:c4:b9:8d:
da:b0:cc:ec:fd:bd:ab:46:87:8d:61:93:e7:a7:81:
e8:60:a7:7b:b2:a4:e3:8d:d4:24:c7:4f:81:76:00:
0d:1e:14:24:b1:f4:b5:3c:b7:9c:b3:2d:7c:87:f6:
e0:a5:d1:c5:3d:3d:9c:06:6b:72:aa:16:66:12:e3:
2e:21:05:c5:60:b2:2d:c5:ee:a9:86:81:e1:e3:89:
fa:80:21:a0:a3:cc:5c:09:a8:11:df:54:1d:a6:49:
84:a1:67:ea:58:44:68:75:53:56:73:b0:a8:c0:5e:
ff:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1C:6D:75:5B:9F:20:E2:01:22:72:BF:5C:21:8B:3A:7B:24:3F:88
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-hxtdVufIOIBInK_XCGLOnskP4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.232.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:d0:69:89:00:78:16:2c:83:1a:9c:53:95:3b:42:dd:54:43:
29:34:bd:15:2b:95:27:aa:de:65:d3:5d:f0:12:e5:86:8f:0e:
ea:81:6f:ec:bd:a0:35:ec:5e:c0:90:06:96:71:f0:32:c4:a1:
17:33:d8:69:38:00:31:30:ea:25:54:90:e6:7a:c1:d5:8b:95:
65:1a:11:05:eb:98:7f:e6:c5:b4:03:99:af:9b:55:27:8a:f5:
ab:fc:a0:56:5a:d6:74:1c:30:f8:92:c0:ed:e7:d5:da:94:77:
61:f0:d5:63:5b:5b:73:07:ae:b7:f2:84:60:33:7f:ea:df:9b:
ba:ab:c2:2a:06:17:f7:8b:d5:31:44:e3:d5:03:51:a1:69:65:
e0:ba:22:70:c4:60:fb:85:d0:22:7b:5c:e2:e2:82:dc:9b:79:
b5:03:11:31:63:ce:db:0d:43:2f:af:bb:cd:db:0c:64:6d:83:
20:c0:6f:02:64:a8:35:5a:56:1e:a7:dc:18:03:44:67:ac:7d:
36:56:7d:b1:ec:9a:ca:e9:24:49:85:2e:12:fb:28:7b:cd:e0:
92:6b:ca:3b:c5:f9:76:97:1e:64:dd:f7:01:72:8d:d1:a1:f1:
65:05:c9:5f:ae:b6:97:3c:90:5c:7d:db:a4:73:10:ee:34:37:
b1:05:10:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcXwW8rqmw41wmS+5WB8WJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwMzI1MDc1MjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFjNmQ3NTViOWYyMGUyMDEyMjcyYmY1YzIxOGIzYTdiMjQzZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm37BwQMlOz+Csu8Ma8otkauhOMGU
L4J7uhpem4JC0vuO66zicASfO2NTuj3WnqEZLg0Ckcdaf/jXrKDk1kxKpe15wcz6
zxBJyRPpdYGKhTDfeSKTHEw2caxd4JglYOCqFSEb3+rwXvhFSBRsyj0ZAoyzhYl6
/ClLHTDpV6wDkz/efxLVr+pTaeWftR9lvWilsqPEuY3asMzs/b2rRoeNYZPnp4Ho
YKd7sqTjjdQkx0+BdgANHhQksfS1PLecsy18h/bgpdHFPT2cBmtyqhZmEuMuIQXF
YLItxe6phoHh44n6gCGgo8xcCagR31QdpkmEoWfqWERodVNWc7CowF7/CwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPocbXVbnyDiASJyv1whizp7JD+IMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1oeHRkVnVmSU9JQkluS19YQ0dMT25za1A0Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA06P6DAN
BgkqhkiG9w0BAQsFAAOCAQEALdBpiQB4FiyDGpxTlTtC3VRDKTS9FSuVJ6reZdNd
8BLlho8O6oFv7L2gNexewJAGlnHwMsShFzPYaTgAMTDqJVSQ5nrB1YuVZRoRBeuY
f+bFtAOZr5tVJ4r1q/ygVlrWdBww+JLA7efV2pR3YfDVY1tbcweut/KEYDN/6t+b
uqvCKgYX94vVMUTj1QNRoWll4LoicMRg+4XQIntc4uKC3Jt5tQMRMWPO2w1DL6+7
zdsMZG2DIMBvAmSoNVpWHqfcGANEZ6x9NlZ9seyayukkSYUuEvsoe83gkmvKO8X5
dpceZN33AXKN0aHxZQXJX662lzyQXH3bpHMQ7jQ3sQUQNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org