Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eD98CSQE1ghGqA5nillinFVUVfI.roa
File: eD98CSQE1ghGqA5nillinFVUVfI.roa (raw, json)
Hash identifier: Lm1eYJJNp2ZCUPTZeLG9PCD7qV0IBW64k0c3kAAFf1g=
Subject key identifier: 78:3F:7C:09:24:04:D6:08:46:A8:0E:67:8A:59:62:9C:55:54:55:F2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCE08FEF8EB5DBBD825C41403080A5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eD98CSQE1ghGqA5nillinFVUVfI.roa
Signing time: Mon 01 Jan 2024 16:30:36 +0000
ROA not before: Mon 01 Jan 2024 16:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 78.143.224.0/22 maxlen: 22
78.143.232.0/21 maxlen: 21
78.143.228.0/22 maxlen: 22
89.46.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Oct 2024 07:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e0:8f:ef:8e:b5:db:bd:82:5c:41:40:30:80:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=783f7c092404d60846a80e678a59629c555455f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9b:d7:63:d7:8f:37:7f:2f:c9:23:4a:96:af:
d5:d9:f1:65:5b:7c:c2:31:e8:ac:af:04:dd:ba:3d:
3f:5a:c6:1d:79:a1:bf:a5:e3:fa:33:6a:87:61:49:
c2:d4:a0:dd:43:09:9d:f1:01:8f:67:9f:9a:2c:df:
0e:e7:2b:b6:7e:23:d1:d4:cf:10:30:48:ab:f6:42:
b6:ee:cf:24:af:59:20:ca:07:62:29:a7:8b:f4:99:
cc:7c:40:54:1e:ae:32:72:b0:a0:9f:e4:2d:11:36:
3d:26:34:71:9b:a8:02:4e:c4:d5:5e:a0:57:32:7e:
1f:b6:3e:13:77:02:69:73:34:c1:e9:81:23:89:b6:
84:a1:1e:e4:ef:cf:85:05:59:d1:65:13:3b:63:e7:
d2:d3:89:7a:58:a6:4a:5a:6f:79:e6:2e:51:89:99:
27:79:5b:b6:14:91:c0:b2:6b:6d:70:72:e8:a6:3b:
7c:83:94:d0:a6:f0:20:ce:8d:9d:76:66:06:0d:05:
a9:f1:8d:fd:10:cd:de:2b:5c:fa:47:d7:f8:09:e5:
74:cc:33:95:95:60:77:35:02:ac:9e:f5:4a:a1:ac:
12:e9:5c:21:30:b6:41:4b:01:c9:c7:aa:26:9f:a4:
f4:ab:be:c1:b9:28:97:c3:71:d6:1d:68:16:06:9b:
46:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3F:7C:09:24:04:D6:08:46:A8:0E:67:8A:59:62:9C:55:54:55:F2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eD98CSQE1ghGqA5nillinFVUVfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/20
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:f3:38:fd:e7:1e:dd:76:36:be:ab:73:a4:5f:24:ea:c5:20:
1f:fb:20:0e:2e:6a:d0:b4:fd:5e:ce:fe:f7:8f:9d:50:61:d6:
68:10:a4:7d:f6:c5:59:6b:b0:d8:8c:98:48:ae:a3:8c:9e:2a:
4c:d2:52:46:37:24:9c:39:c2:bb:10:da:4b:24:f4:f0:8b:77:
99:39:a4:8d:fe:2b:2c:07:5d:59:3b:86:6a:25:17:1e:ca:b8:
3f:e7:a9:7d:de:af:3a:8a:1c:23:fa:0b:5c:d3:8b:50:8f:6d:
1c:a1:d9:4d:5a:be:7c:4a:47:0e:0d:74:90:0c:35:68:1c:4e:
f0:4a:34:e7:a5:f1:b2:93:fa:9d:08:0d:bd:96:c9:6e:e4:09:
65:d0:c8:fb:05:0c:13:64:fe:b7:15:d0:80:c4:45:47:ee:38:
36:a5:d8:f9:3c:60:20:af:28:53:ed:6f:9b:53:6f:aa:71:22:
36:83:f0:52:df:00:14:65:18:df:c1:b6:a0:b3:33:81:02:55:
bd:6c:db:9d:0a:2f:ac:cd:38:9e:a5:08:18:18:3c:27:6c:62:
b3:f3:1f:fd:0f:0a:07:5b:69:a4:5f:a4:15:6d:38:52:f4:1a:
49:1e:64:84:0e:5e:64:a5:3e:ec:b3:f5:e3:a0:42:60:fd:47:
96:a3:9e:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3OCP7461272CXEFAMIClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODNmN2MwOTI0MDRkNjA4NDZhODBlNjc4YTU5NjI5YzU1NTQ1NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZvXY9ePN38vySNKlq/V2fFlW3zC
MeisrwTduj0/WsYdeaG/peP6M2qHYUnC1KDdQwmd8QGPZ5+aLN8O5yu2fiPR1M8Q
MEir9kK27s8kr1kgygdiKaeL9JnMfEBUHq4ycrCgn+QtETY9JjRxm6gCTsTVXqBX
Mn4ftj4TdwJpczTB6YEjibaEoR7k78+FBVnRZRM7Y+fS04l6WKZKWm955i5RiZkn
eVu2FJHAsmttcHLopjt8g5TQpvAgzo2ddmYGDQWp8Y39EM3eK1z6R9f4CeV0zDOV
lWB3NQKsnvVKoawS6VwhMLZBSwHJx6omn6T0q77BuSiXw3HWHWgWBptG4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHg/fAkkBNYIRqgOZ4pZYpxVVFXyMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZUQ5OENTUUUxZ2hHcUE1bmlsbGluRlZVVmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETo/gAwQC
WS6wMA0GCSqGSIb3DQEBCwUAA4IBAQA+8zj95x7ddja+q3OkXyTqxSAf+yAOLmrQ
tP1ezv73j51QYdZoEKR99sVZa7DYjJhIrqOMnipM0lJGNyScOcK7ENpLJPTwi3eZ
OaSN/issB11ZO4ZqJRceyrg/56l93q86ihwj+gtc04tQj20codlNWr58SkcODXSQ
DDVoHE7wSjTnpfGyk/qdCA29lslu5All0Mj7BQwTZP63FdCAxEVH7jg2pdj5PGAg
ryhT7W+bU2+qcSI2g/BS3wAUZRjfwbagszOBAlW9bNudCi+szTiepQgYGDwnbGKz
8x/9DwoHW2mkX6QVbThS9BpJHmSEDl5kpT7ss/XjoEJg/UeWo57A
-----END CERTIFICATE-----
Generated at Mon Oct 28 08:56:18 2024 by rpki-client on console-fra.rpki-client.org