Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/hZxjTpI-4vqoGgsTZOiEf2-qP8g.roa
File: hZxjTpI-4vqoGgsTZOiEf2-qP8g.roa (raw, json)
Hash identifier: F8wsN/qGHwnUjvL6OE7y3OPkXyrX+euHJ8BSuIu2jgM=
Subject key identifier: 85:9C:63:4E:92:3E:E2:FA:A8:1A:0B:13:64:E8:84:7F:6F:AA:3F:C8
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 018A516148B3EE9E2EA8CFA2FD6E7ACA0B70
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/hZxjTpI-4vqoGgsTZOiEf2-qP8g.roa
Signing time: Fri 01 Sep 2023 15:34:04 +0000
ROA not before: Fri 01 Sep 2023 15:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43586
IP address blocks: 78.24.75.0/24 maxlen: 24
78.24.76.0/24 maxlen: 24
78.24.77.0/24 maxlen: 24
78.24.72.0/24 maxlen: 24
78.24.78.0/24 maxlen: 24
2a00:1908:e47::/48 maxlen: 48
2a00:1908:a000::/35 maxlen: 35
2a00:1908:c000::/35 maxlen: 35
2a00:1908:4000::/35 maxlen: 35
2a00:1908:2000::/35 maxlen: 35
2a00:1908::/35 maxlen: 35
2a00:1908:8000::/35 maxlen: 35
2a00:1908:6000::/35 maxlen: 35
2a00:1908:c000::/36 maxlen: 36
2a00:1908:d000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:61:48:b3:ee:9e:2e:a8:cf:a2:fd:6e:7a:ca:0b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Sep 1 15:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859c634e923ee2faa81a0b1364e8847f6faa3fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8f:73:c0:f7:fa:0a:f1:86:21:d7:74:6c:1c:
c1:9c:89:6e:fe:ea:3d:a9:63:03:09:0f:bc:9c:cb:
f4:44:1d:17:be:14:b0:9c:72:ab:0d:58:62:08:7c:
8b:78:1f:2c:b1:29:05:ec:69:07:c6:d8:bc:c0:8f:
39:2f:3d:c0:7e:6f:e4:f0:d8:c8:ef:6e:a6:35:53:
84:81:b4:fc:a2:22:db:88:c4:59:cd:bd:8f:56:7c:
32:1c:58:17:3a:6f:ed:fa:66:7c:5f:91:66:17:7e:
83:e4:8a:c4:0b:5e:68:d7:9a:c0:f5:53:2b:26:88:
1b:ad:6a:8d:cd:40:03:dd:8f:90:58:bd:5a:2c:c6:
97:4d:f4:58:4b:c1:c7:40:94:24:8c:c0:0c:e6:40:
76:e3:a5:8b:fb:34:13:d5:f5:6c:af:2b:8c:ca:1a:
cc:7e:ed:da:81:44:3c:49:28:c2:0f:5e:4b:e4:9c:
f7:d1:4b:0a:b2:23:ba:ec:06:06:7a:6e:e6:0c:78:
01:06:d0:6c:72:1a:e6:7f:35:75:a9:95:9b:ae:ca:
9f:71:aa:17:55:e2:99:80:60:99:97:bf:7a:78:4d:
56:49:19:a1:08:6a:05:5b:75:ac:06:ed:6c:17:78:
3c:4d:73:69:85:05:d3:42:8f:62:c9:57:ac:9e:8d:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:63:4E:92:3E:E2:FA:A8:1A:0B:13:64:E8:84:7F:6F:AA:3F:C8
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/hZxjTpI-4vqoGgsTZOiEf2-qP8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.72.0/24
78.24.75.0-78.24.78.255
IPv6:
2a00:1908::-2a00:1908:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:d5:48:50:c8:a8:19:f9:e6:ba:ac:d2:1d:50:71:70:25:ed:
fd:75:b3:16:32:c5:0c:f2:b1:b4:c8:7f:27:36:21:cc:62:6c:
32:e0:86:b7:d5:60:88:b3:b1:29:af:89:cf:5f:9f:c8:4e:24:
39:b4:c9:1a:be:88:fa:11:ae:25:fc:ef:95:1a:bd:4d:ae:dd:
cf:22:c2:82:43:4e:14:02:aa:f7:df:43:47:f8:73:3c:07:ea:
6d:1f:98:82:39:a0:83:6c:58:13:b9:05:62:f8:ea:ae:3a:24:
70:22:95:4a:09:b3:ea:a3:90:8a:4f:97:e5:fc:40:73:16:6d:
18:e2:b7:d5:97:ea:bb:37:29:f7:6c:35:a2:e7:dd:72:dc:6d:
a2:38:46:5e:db:e0:7b:b7:d5:3d:a7:ee:c5:c7:e9:7e:d5:3b:
19:3d:ab:0c:97:79:38:57:50:e2:72:d4:5d:f4:8e:3d:4e:62:
9d:9a:3a:c3:4c:b8:10:bd:e0:aa:be:cc:9a:52:55:d6:1d:81:
41:47:09:79:14:d3:42:e0:e2:9d:8a:23:4b:db:a5:f1:3e:36:
46:bc:f3:3f:40:ad:a1:3f:a7:dc:ec:0c:65:e9:b9:91:d7:2c:
dc:2e:f7:1b:98:69:0f:c9:58:d4:f1:14:e5:1d:c2:e2:4d:ba:
56:27:ae:0d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYpRYUiz7p4uqM+i/W56ygtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwOTAxMTUzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTljNjM0ZTkyM2VlMmZhYTgxYTBiMTM2NGU4ODQ3ZjZmYWEzZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg49zwPf6CvGGIdd0bBzBnIlu/uo9
qWMDCQ+8nMv0RB0XvhSwnHKrDVhiCHyLeB8ssSkF7GkHxti8wI85Lz3Afm/k8NjI
726mNVOEgbT8oiLbiMRZzb2PVnwyHFgXOm/t+mZ8X5FmF36D5IrEC15o15rA9VMr
JogbrWqNzUAD3Y+QWL1aLMaXTfRYS8HHQJQkjMAM5kB246WL+zQT1fVsryuMyhrM
fu3agUQ8SSjCD15L5Jz30UsKsiO67AYGem7mDHgBBtBschrmfzV1qZWbrsqfcaoX
VeKZgGCZl796eE1WSRmhCGoFW3WsBu1sF3g8TXNphQXTQo9iyVesno2QowIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIWcY06SPuL6qBoLE2TohH9vqj/IMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvaFp4alRwSS00dnFvR2dzVFpPaUVmMi1xUDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAaBAIAATAUAwQAThhIMAwD
BABOGEsDBABOGE4wFwQCAAIwETAPAwUDKgAZCAMGBSoAGQjAMA0GCSqGSIb3DQEB
CwUAA4IBAQBA1UhQyKgZ+ea6rNIdUHFwJe39dbMWMsUM8rG0yH8nNiHMYmwy4Ia3
1WCIs7Epr4nPX5/ITiQ5tMkavoj6Ea4l/O+VGr1Nrt3PIsKCQ04UAqr330NH+HM8
B+ptH5iCOaCDbFgTuQVi+OquOiRwIpVKCbPqo5CKT5fl/EBzFm0Y4rfVl+q7Nyn3
bDWi591y3G2iOEZe2+B7t9U9p+7Fx+l+1TsZPasMl3k4V1DictRd9I49TmKdmjrD
TLgQveCqvsyaUlXWHYFBRwl5FNNC4OKdiiNL26XxPjZGvPM/QK2hP6fc7Axl6bmR
1yzcLvcbmGkPyVjU8RTlHcLiTbpWJ64N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:53 2024 by rpki-client on console-fra.rpki-client.org