Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/IAceBAVSvWwiTtJwcNjhtzqNsOM.roa
File: IAceBAVSvWwiTtJwcNjhtzqNsOM.roa (raw, json)
Hash identifier: /4R61MLRhjm8r+yOJnP8zyGy1Dxte6pZF6QjdADfKw8=
Subject key identifier: 20:07:1E:04:05:52:BD:6C:22:4E:D2:70:70:D8:E1:B7:3A:8D:B0:E3
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018AEFD0E7CF8553B842E39C17D8B29EEB82
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/IAceBAVSvWwiTtJwcNjhtzqNsOM.roa
Signing time: Mon 02 Oct 2023 09:55:59 +0000
ROA not before: Mon 02 Oct 2023 09:55:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39700
IP address blocks: 78.108.128.0/20 maxlen: 24
176.74.224.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb9::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Oct 2023 07:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:d0:e7:cf:85:53:b8:42:e3:9c:17:d8:b2:9e:eb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Oct 2 09:55:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20071e040552bd6c224ed27070d8e1b73a8db0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:36:5b:e7:37:30:1b:29:64:b8:20:7f:59:39:
c0:50:f9:cc:19:65:f0:34:4a:30:0a:7d:b4:aa:b8:
66:5b:a2:1a:f6:50:55:fc:84:8d:29:e8:c7:7e:14:
44:95:9d:1d:a6:91:4d:68:e6:b5:73:6b:63:d7:9a:
14:bc:cf:d4:14:e2:05:23:d6:6f:a8:8d:4a:b0:32:
87:9b:af:33:fb:83:49:27:2f:09:1d:8c:e0:bd:67:
15:89:7c:5b:d6:cf:e9:a6:bc:49:12:4e:14:e9:22:
d3:7b:2a:20:44:e1:ba:57:50:d8:33:37:af:c9:d5:
8e:21:b0:f2:34:32:a3:d8:1f:b5:46:69:ac:53:f0:
97:73:e9:78:0a:61:f0:81:5a:28:27:95:e4:7b:33:
93:c5:14:47:db:f3:39:f0:e8:87:02:d9:d5:ec:7d:
8c:7f:2d:78:35:49:34:a4:6f:4b:d4:2e:da:41:7b:
33:7f:ee:4b:c6:42:ca:42:81:20:0b:4e:96:a4:20:
40:41:ca:28:c7:0b:3c:11:4e:b8:0c:91:d3:b2:d6:
55:2f:40:cc:9a:4c:d6:ac:e5:32:32:5b:19:cf:3a:
54:10:81:3f:a4:1c:d0:5a:dc:c7:d3:ac:d9:8b:60:
f2:e3:23:a3:55:f1:ab:f2:e6:97:56:a7:5b:1d:d6:
f9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:07:1E:04:05:52:BD:6C:22:4E:D2:70:70:D8:E1:B7:3A:8D:B0:E3
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/IAceBAVSvWwiTtJwcNjhtzqNsOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
176.74.224.0/24
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
5a:66:1f:e0:66:d5:ba:a8:45:cb:1d:a4:52:66:78:c1:14:d5:
b7:37:fe:ff:4e:62:8d:50:2b:a4:57:ee:a0:d0:81:10:4b:34:
04:f0:7b:19:6c:01:0c:64:a6:98:28:d2:34:c5:42:6a:f0:9e:
ca:80:85:2c:2c:88:c0:38:97:ec:8f:33:e8:13:75:90:a5:99:
44:a2:7d:f4:04:b2:49:9b:7d:f2:12:83:e9:fa:70:a4:23:dd:
1d:dd:6a:a4:24:00:c2:0a:d3:b5:80:3d:8e:0b:57:a4:57:af:
94:80:e1:0b:1b:7e:e4:eb:15:bc:ed:0e:a3:71:50:2b:81:da:
a8:0c:9e:d9:02:f7:de:64:b2:85:f8:ec:26:e8:b8:08:d4:4f:
2d:00:1c:3f:ea:80:26:96:d5:0d:86:43:90:88:15:00:fa:31:
b8:d8:5c:e3:d7:cf:2f:a6:84:bf:ee:c9:fe:b3:98:22:96:1b:
0e:5a:29:94:b4:de:2c:98:ab:ec:73:72:57:6c:14:df:dc:88:
cd:b5:ca:56:4c:86:70:84:86:e0:e9:39:17:19:19:e6:64:11:
24:27:24:4d:3a:f2:1b:c1:79:f1:b1:7f:9c:b8:4e:9d:96:97:
64:a4:53:43:a0:48:8b:76:06:1f:e6:60:18:bd:b2:4a:db:b4:
ff:ad:dc:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYrv0OfPhVO4QuOcF9iynuuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMxMDAyMDk1NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA3MWUwNDA1NTJiZDZjMjI0ZWQyNzA3MGQ4ZTFiNzNhOGRiMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzZb5zcwGylkuCB/WTnAUPnMGWXw
NEowCn20qrhmW6Ia9lBV/ISNKejHfhRElZ0dppFNaOa1c2tj15oUvM/UFOIFI9Zv
qI1KsDKHm68z+4NJJy8JHYzgvWcViXxb1s/pprxJEk4U6SLTeyogROG6V1DYMzev
ydWOIbDyNDKj2B+1RmmsU/CXc+l4CmHwgVooJ5XkezOTxRRH2/M58OiHAtnV7H2M
fy14NUk0pG9L1C7aQXszf+5LxkLKQoEgC06WpCBAQcooxws8EU64DJHTstZVL0DM
mkzWrOUyMlsZzzpUEIE/pBzQWtzH06zZi2Dy4yOjVfGr8uaXVqdbHdb5EwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCAHHgQFUr1sIk7ScHDY4bc6jbDjMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvSUFjZUJBVlN2V3dpVHRKd2NOamh0enFOc09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETmyAAwQA
sErgMA0EAgACMAcDBQMgAUy4MA0GCSqGSIb3DQEBCwUAA4IBAQBaZh/gZtW6qEXL
HaRSZnjBFNW3N/7/TmKNUCukV+6g0IEQSzQE8HsZbAEMZKaYKNI0xUJq8J7KgIUs
LIjAOJfsjzPoE3WQpZlEon30BLJJm33yEoPp+nCkI90d3WqkJADCCtO1gD2OC1ek
V6+UgOELG37k6xW87Q6jcVArgdqoDJ7ZAvfeZLKF+Owm6LgI1E8tABw/6oAmltUN
hkOQiBUA+jG42Fzj188vpoS/7sn+s5gilhsOWimUtN4smKvsc3JXbBTf3IjNtcpW
TIZwhIbg6TkXGRnmZBEkJyRNOvIbwXnxsX+cuE6dlpdkpFNDoEiLdgYf5mAYvbJK
27T/rdyf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org