Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/0DglUDBpleTA1nfZaFTCb9gt3gU.roa
File: 0DglUDBpleTA1nfZaFTCb9gt3gU.roa (raw, json)
Hash identifier: g3SCQv1WZQUEzS1qS+aVls0zuEAXT0xPPelI/w5cwSc=
Subject key identifier: D0:38:25:50:30:69:95:E4:C0:D6:77:D9:68:54:C2:6F:D8:2D:DE:05
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018BD2638AD58BE71A8C157338860263314B
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/0DglUDBpleTA1nfZaFTCb9gt3gU.roa
Signing time: Wed 15 Nov 2023 09:50:20 +0000
ROA not before: Wed 15 Nov 2023 09:50:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 88.204.44.0/23 maxlen: 24
88.204.42.0/23 maxlen: 24
88.204.46.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
78.136.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:63:8a:d5:8b:e7:1a:8c:15:73:38:86:02:63:31:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Nov 15 09:50:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0382550306995e4c0d677d96854c26fd82dde05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:76:22:79:7f:d5:f6:0a:69:90:ef:28:21:0d:
0a:0e:f1:4a:62:46:3a:b3:89:e1:39:d9:31:b8:e6:
5b:d0:0d:aa:2b:81:12:97:ff:25:c8:1b:f1:a1:69:
0a:a0:6d:41:b6:b3:ce:4c:52:27:81:85:f2:2a:b2:
f1:97:45:69:74:99:da:fc:1c:5f:ce:4e:ab:00:1a:
e8:4c:38:e8:c6:30:96:4b:e4:c9:5d:0e:a5:d1:c8:
fe:b7:85:80:2b:cb:77:07:8b:e7:77:f1:f5:a9:04:
c5:24:f8:f5:21:00:b1:7f:73:3c:7b:24:54:d4:b2:
c1:79:b3:d1:45:ee:24:7b:76:23:a2:d7:71:77:05:
cd:77:13:66:73:6f:14:10:7e:bf:29:a7:95:9d:9a:
6e:58:fe:f7:b6:e7:2f:7c:2d:f8:8b:e5:70:7c:72:
43:e4:e6:de:2e:cf:86:41:4b:99:22:ff:f9:6b:86:
9b:8c:95:84:43:57:c9:34:d8:5d:a1:58:93:47:d2:
13:63:4e:85:ed:b1:ca:a7:8f:b6:1f:20:25:65:7b:
45:73:66:17:3f:06:e2:18:ec:08:3e:bb:9b:eb:1c:
55:80:75:77:91:86:27:07:26:e6:59:15:56:b4:d3:
42:1c:2f:ea:b0:a3:d6:9f:5c:14:8e:1d:f3:12:f8:
f6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:38:25:50:30:69:95:E4:C0:D6:77:D9:68:54:C2:6F:D8:2D:DE:05
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/0DglUDBpleTA1nfZaFTCb9gt3gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.248.0/21
88.204.42.0-88.204.47.255
Signature Algorithm: sha256WithRSAEncryption
78:6d:78:59:eb:6d:d4:88:73:87:74:6b:6a:80:58:0c:23:fe:
cc:49:f0:b7:1f:e4:75:d0:0d:39:80:9c:0e:06:75:c9:44:2c:
28:bd:df:6e:1b:10:de:2b:ce:8b:8d:f7:70:e7:5e:b2:43:82:
07:7f:d0:80:85:e6:71:c2:df:e7:67:35:5e:81:65:a3:ca:26:
32:97:55:f9:e1:60:d6:ad:6d:64:53:1a:7c:3a:5e:e5:30:7f:
4e:b4:c8:f4:de:90:ca:ec:c7:07:6b:1b:31:be:d1:63:70:6a:
4f:31:cd:69:4f:8c:f2:88:5b:68:5a:58:36:37:d4:53:d5:0c:
45:09:57:70:fa:f2:eb:66:eb:15:41:1c:ba:5b:78:ef:87:b8:
fc:de:c1:ec:79:62:e7:5b:de:1a:4b:23:39:9a:55:db:0f:43:
dc:54:c5:60:63:e2:86:d2:23:80:9a:76:af:f1:47:78:1c:fb:
1f:8c:53:79:87:b3:6c:a2:be:c5:99:53:1c:f2:76:66:1f:7c:
8d:17:7a:51:8d:b1:0d:45:ad:9f:42:8f:af:d6:7d:df:f5:9c:
d6:41:b7:bc:94:15:73:b7:5c:b6:d6:e6:ca:7b:11:13:aa:aa:
08:6c:4b:1d:1e:c4:ca:75:37:02:c7:30:25:93:b8:33:4b:5b:
bb:ff:04:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvSY4rVi+cajBVzOIYCYzFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjMxMTE1MDk1MDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDM4MjU1MDMwNjk5NWU0YzBkNjc3ZDk2ODU0YzI2ZmQ4MmRkZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnYieX/V9gppkO8oIQ0KDvFKYkY6
s4nhOdkxuOZb0A2qK4ESl/8lyBvxoWkKoG1BtrPOTFIngYXyKrLxl0VpdJna/Bxf
zk6rABroTDjoxjCWS+TJXQ6l0cj+t4WAK8t3B4vnd/H1qQTFJPj1IQCxf3M8eyRU
1LLBebPRRe4ke3YjotdxdwXNdxNmc28UEH6/KaeVnZpuWP73tucvfC34i+VwfHJD
5ObeLs+GQUuZIv/5a4abjJWEQ1fJNNhdoViTR9ITY06F7bHKp4+2HyAlZXtFc2YX
PwbiGOwIPrub6xxVgHV3kYYnBybmWRVWtNNCHC/qsKPWn1wUjh3zEvj28QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNA4JVAwaZXkwNZ32WhUwm/YLd4FMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvMERnbFVEQnBsZVRBMW5mWmFGVENiOWd0M2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDToj4MAwD
BAFYzCoDBARYzCAwDQYJKoZIhvcNAQELBQADggEBAHhteFnrbdSIc4d0a2qAWAwj
/sxJ8Lcf5HXQDTmAnA4GdclELCi9324bEN4rzouN93DnXrJDggd/0ICF5nHC3+dn
NV6BZaPKJjKXVfnhYNatbWRTGnw6XuUwf060yPTekMrsxwdrGzG+0WNwak8xzWlP
jPKIW2haWDY31FPVDEUJV3D68utm6xVBHLpbeO+HuPzewex5Yudb3hpLIzmaVdsP
Q9xUxWBj4obSI4Cadq/xR3gc+x+MU3mHs2yivsWZUxzydmYffI0XelGNsQ1FrZ9C
j6/Wfd/1nNZBt7yUFXO3XLbW5sp7EROqqghsSx0exMp1NwLHMCWTuDNLW7v/BPQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:41 2024 by rpki-client on console-fra.rpki-client.org