Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f594Zw1x3RUNLPujD9lZNMkkeFY.roa
File: f594Zw1x3RUNLPujD9lZNMkkeFY.roa (raw, json)
Hash identifier: zcIZx75l8IFFxnyyw2IuXxDyxZAevxa5wEAVjLgk5go=
Subject key identifier: 7F:9F:78:67:0D:71:DD:15:0D:2C:FB:A3:0F:D9:59:34:C9:24:78:56
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018EEAFC4977F7FC837B310DD93CCA3752D1
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f594Zw1x3RUNLPujD9lZNMkkeFY.roa
Signing time: Wed 17 Apr 2024 07:36:26 +0000
ROA not before: Wed 17 Apr 2024 07:36:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39700
IP address blocks: 78.108.128.0/20 maxlen: 24
81.30.38.0/24 maxlen: 24
91.142.240.0/22 maxlen: 22
91.142.246.0/23 maxlen: 23
91.142.248.0/22 maxlen: 22
176.74.224.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb9::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 May 2024 06:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:fc:49:77:f7:fc:83:7b:31:0d:d9:3c:ca:37:52:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 17 07:36:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f9f78670d71dd150d2cfba30fd95934c9247856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7c:9f:d9:a1:c4:d0:7f:a6:1a:49:93:80:1b:
f5:e8:d3:ce:87:75:d0:0e:c3:13:88:63:b9:95:ce:
c7:e6:c5:a1:82:e9:c4:6d:07:7b:68:12:83:24:e0:
27:09:f9:78:a4:ed:b3:6b:52:e8:6e:b9:78:91:17:
85:5d:0c:94:c9:1f:29:29:65:f6:85:0b:f1:59:41:
a1:53:0c:43:26:9d:c4:12:17:4f:11:b8:c8:e8:cc:
e5:19:97:e9:2e:57:8b:b9:82:c0:ea:d9:d7:b7:b3:
ea:a2:c0:45:36:b8:8e:95:bc:df:fb:39:5e:99:28:
4e:14:cd:25:c7:41:e6:47:17:fb:14:f0:e4:63:dc:
3f:a7:40:04:3a:24:68:f1:e5:2c:31:b6:b6:dc:54:
3d:60:e6:28:89:a9:0e:61:be:4e:dd:a6:78:3e:70:
90:2c:33:94:90:d0:c6:00:c2:83:6e:3f:cf:de:4b:
3c:a6:7c:48:25:db:3a:72:43:c4:b0:99:ed:0e:1e:
de:f3:ec:5c:8c:ee:ac:c0:45:df:25:43:2e:05:2f:
d4:8c:b9:01:0e:84:aa:63:a7:76:05:3b:6d:69:9a:
c2:07:5d:d8:08:95:5b:f6:80:f6:2f:04:b4:11:91:
95:b9:ab:b8:65:f0:2d:d3:62:6f:d9:37:e6:79:61:
5c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9F:78:67:0D:71:DD:15:0D:2C:FB:A3:0F:D9:59:34:C9:24:78:56
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f594Zw1x3RUNLPujD9lZNMkkeFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
81.30.38.0/24
91.142.240.0/22
91.142.246.0-91.142.251.255
176.74.224.0/24
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
9b:c2:42:2f:18:b1:72:ed:ca:d5:0e:ad:57:9e:08:52:60:37:
ee:59:8e:ba:26:e3:aa:a7:11:60:da:aa:1a:98:ff:3d:f9:f3:
94:1b:7c:3d:04:d9:1f:11:e7:fb:18:35:b1:5d:6b:82:b9:43:
c9:04:2f:e4:ec:68:90:98:e7:26:0c:d1:49:09:73:c4:d3:ed:
4e:94:ac:09:c7:21:7b:af:08:cb:b4:5a:52:db:c3:a4:43:bf:
27:79:8b:a0:34:3c:bf:45:27:a2:f4:e0:18:b7:4c:8d:a3:7d:
a8:0c:63:28:a8:85:97:ed:88:7a:fb:29:c9:8c:90:c6:6b:68:
5b:e0:0a:38:f3:0b:c3:76:b9:4c:aa:88:08:cd:08:4e:5c:bc:
65:2a:0d:74:8b:59:9e:be:84:bb:59:fa:07:c5:5d:fe:46:16:
35:e6:fa:57:a8:e0:20:fb:de:ed:6c:0a:b7:38:8b:7f:3e:83:
0e:16:f4:f2:93:fa:af:67:1f:80:64:e5:9f:61:18:89:be:af:
0a:11:b4:1c:a8:64:3f:45:bb:81:9e:49:d9:3a:19:66:fa:08:
09:ff:92:23:73:d1:54:9a:d4:cf:d7:c4:a6:2b:69:57:84:5c:
06:e1:bc:14:03:79:29:96:c9:7b:74:fe:b4:73:c6:33:99:ca:
e6:62:84:04
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY7q/El39/yDezEN2TzKN1LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwNDE3MDczNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjlmNzg2NzBkNzFkZDE1MGQyY2ZiYTMwZmQ5NTkzNGM5MjQ3ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnyf2aHE0H+mGkmTgBv16NPOh3XQ
DsMTiGO5lc7H5sWhgunEbQd7aBKDJOAnCfl4pO2za1Lobrl4kReFXQyUyR8pKWX2
hQvxWUGhUwxDJp3EEhdPEbjI6MzlGZfpLleLuYLA6tnXt7PqosBFNriOlbzf+zle
mShOFM0lx0HmRxf7FPDkY9w/p0AEOiRo8eUsMba23FQ9YOYoiakOYb5O3aZ4PnCQ
LDOUkNDGAMKDbj/P3ks8pnxIJds6ckPEsJntDh7e8+xcjO6swEXfJUMuBS/UjLkB
DoSqY6d2BTttaZrCB13YCJVb9oD2LwS0EZGVuau4ZfAt02Jv2TfmeWFcYQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH+feGcNcd0VDSz7ow/ZWTTJJHhWMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZjU5NFp3MXgzUlVOTFB1akQ5bFpOTWtrZUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQETmyAAwQA
UR4mAwQCW47wMAwDBAFbjvYDBAJbjvgDBACwSuAwDQQCAAIwBwMFAyABTLgwDQYJ
KoZIhvcNAQELBQADggEBAJvCQi8YsXLtytUOrVeeCFJgN+5Zjrom46qnEWDaqhqY
/z3585QbfD0E2R8R5/sYNbFda4K5Q8kEL+TsaJCY5yYM0UkJc8TT7U6UrAnHIXuv
CMu0WlLbw6RDvyd5i6A0PL9FJ6L04Bi3TI2jfagMYyiohZftiHr7KcmMkMZraFvg
CjjzC8N2uUyqiAjNCE5cvGUqDXSLWZ6+hLtZ+gfFXf5GFjXm+leo4CD73u1sCrc4
i38+gw4W9PKT+q9nH4Bk5Z9hGIm+rwoRtByoZD9Fu4GeSdk6GWb6CAn/kiNz0VSa
1M/XxKYraVeEXAbhvBQDeSmWyXt0/rRzxjOZyuZihAQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org