Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/t5_pOG9vThWjHbm9GRJ4N-BT2DQ.roa
File: t5_pOG9vThWjHbm9GRJ4N-BT2DQ.roa (raw, json)
Hash identifier: 9y/7AVQ/KenCKFL09KcB/TU7usYd+4UgErcJXXD9PCw=
Subject key identifier: B7:9F:E9:38:6F:6F:4E:15:A3:1D:B9:BD:19:12:78:37:E0:53:D8:34
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 01894EBF3C1A1B6AD07B48E1748BF912264F
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/t5_pOG9vThWjHbm9GRJ4N-BT2DQ.roa
Signing time: Thu 13 Jul 2023 10:15:02 +0000
ROA not before: Thu 13 Jul 2023 10:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
2a06:4800::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:bf:3c:1a:1b:6a:d0:7b:48:e1:74:8b:f9:12:26:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: Jul 13 10:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b79fe9386f6f4e15a31db9bd19127837e053d834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a8:11:63:3a:a9:a1:b5:e5:8f:75:ee:38:91:
31:c2:3e:23:86:b6:b3:b7:17:21:fb:65:86:3a:6e:
99:7e:e7:9a:e7:b4:c0:f4:14:cd:2a:a4:20:bf:74:
94:0a:34:88:96:28:87:79:ae:98:a7:de:e2:c4:73:
65:4d:4e:cb:8c:f0:94:4b:3c:dd:d0:a3:b0:2e:9c:
a6:af:20:82:ad:a2:5e:68:27:75:e5:97:2c:77:5e:
f4:5b:18:a9:7f:6c:5c:86:e3:3a:02:bd:09:17:14:
a2:e1:6a:cd:17:3e:45:18:21:20:9f:17:3b:40:4f:
03:32:7b:d0:7f:5f:1a:ed:e2:92:e9:c7:29:07:d4:
55:e3:4a:1d:e3:27:96:87:a3:e6:7a:6d:eb:25:4c:
3c:bd:e9:45:0c:24:17:56:63:29:e7:da:85:63:0c:
57:8d:dc:94:a8:7e:e6:64:3b:7d:6e:25:b8:4a:6d:
b0:1e:3f:6e:9c:5a:7b:c2:34:2f:3e:f6:9e:05:86:
0d:a2:6c:2c:8b:03:12:b8:da:05:97:5e:c9:cb:ee:
83:f0:f6:23:43:72:f4:26:d3:fa:00:25:8f:64:28:
20:6c:c9:9a:cb:ca:b8:67:bf:e2:b2:f2:9b:95:7a:
10:ec:35:37:b2:80:07:d0:68:6b:e7:08:16:14:2d:
92:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:9F:E9:38:6F:6F:4E:15:A3:1D:B9:BD:19:12:78:37:E0:53:D8:34
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/t5_pOG9vThWjHbm9GRJ4N-BT2DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/24
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
bf:49:d9:8e:f6:eb:07:47:e1:bc:f1:ea:6c:19:a7:cb:09:2c:
9d:ba:6e:78:b7:14:96:e5:f6:4a:79:41:b0:d1:24:83:81:97:
7e:73:51:76:11:9d:9a:89:24:32:79:74:a4:b0:46:90:1a:b9:
8d:3f:34:cc:4d:86:82:a7:12:84:ea:55:c9:2e:cf:e0:b9:3e:
9d:85:dd:00:72:c6:28:2c:f7:a4:5d:06:cb:49:4a:14:d9:df:
82:f6:aa:61:70:3a:f6:73:ad:ae:f0:6f:1d:96:49:a3:64:8e:
3a:51:82:7a:1f:b1:61:05:fc:e8:9c:0f:d7:ee:73:0a:67:c7:
e4:46:7d:40:24:43:ab:62:b8:13:61:7f:9e:d7:2b:a6:51:63:
07:fb:78:f1:60:df:5f:2b:44:65:b3:7c:89:04:44:98:be:4f:
f2:28:8a:99:91:52:35:4f:0e:07:ed:34:43:f6:cb:a0:67:28:
06:cd:70:41:ba:dc:4c:65:a8:22:da:ed:36:12:d2:69:42:e1:
b6:e9:31:58:8e:3c:74:2f:7e:78:b1:00:8a:cb:cf:02:9b:3a:
48:24:18:ac:ce:fb:89:ac:4e:b6:e5:b9:d0:cf:91:e1:de:5b:
d6:d6:83:60:72:a8:f7:be:3e:19:0e:14:62:90:3d:f5:41:2d:
25:7c:24:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYlOvzwaG2rQe0jhdIv5EiZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjMwNzEzMTAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzlmZTkzODZmNmY0ZTE1YTMxZGI5YmQxOTEyNzgzN2UwNTNkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6gRYzqpobXlj3XuOJExwj4jhraz
txch+2WGOm6Zfuea57TA9BTNKqQgv3SUCjSIliiHea6Yp97ixHNlTU7LjPCUSzzd
0KOwLpymryCCraJeaCd15Zcsd170Wxipf2xchuM6Ar0JFxSi4WrNFz5FGCEgnxc7
QE8DMnvQf18a7eKS6ccpB9RV40od4yeWh6Pmem3rJUw8velFDCQXVmMp59qFYwxX
jdyUqH7mZDt9biW4Sm2wHj9unFp7wjQvPvaeBYYNomwsiwMSuNoFl17Jy+6D8PYj
Q3L0JtP6ACWPZCggbMmay8q4Z7/isvKblXoQ7DU3soAH0Ghr5wgWFC2SSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLef6Thvb04Vox25vRkSeDfgU9g0MB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvdDVfcE9HOXZUaFdqSGJtOUdSSjROLUJUMkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQC/SdmO9usHR+G8
8epsGafLCSydum54txSW5fZKeUGw0SSDgZd+c1F2EZ2aiSQyeXSksEaQGrmNPzTM
TYaCpxKE6lXJLs/guT6dhd0AcsYoLPekXQbLSUoU2d+C9qphcDr2c62u8G8dlkmj
ZI46UYJ6H7FhBfzonA/X7nMKZ8fkRn1AJEOrYrgTYX+e1yumUWMH+3jxYN9fK0Rl
s3yJBESYvk/yKIqZkVI1Tw4H7TRD9sugZygGzXBButxMZagi2u02EtJpQuG26TFY
jjx0L354sQCKy88CmzpIJBiszvuJrE625bnQz5Hh3lvW1oNgcqj3vj4ZDhRikD31
QS0lfCQc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org