Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yCZJVB2NvWstBRIODrto04kMEJw.roa
File: yCZJVB2NvWstBRIODrto04kMEJw.roa (raw, json)
Hash identifier: zBUCBpXNOKhCs5uoYVHSH7qoKjkdl4a7IotyVliAW6Q=
Subject key identifier: C8:26:49:54:1D:8D:BD:6B:2D:05:12:0E:0E:BB:68:D3:89:0C:10:9C
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 018A51614850DC3460BE7A035C8CEFA8B3F3
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yCZJVB2NvWstBRIODrto04kMEJw.roa
Signing time: Fri 01 Sep 2023 15:34:04 +0000
ROA not before: Fri 01 Sep 2023 15:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3266
IP address blocks: 78.24.73.0/24 maxlen: 24
78.24.74.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1909::/32 maxlen: 32
2a00:1909::/48 maxlen: 48
2a00:190a::/32 maxlen: 32
2a00:190a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:61:48:50:dc:34:60:be:7a:03:5c:8c:ef:a8:b3:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Sep 1 15:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82649541d8dbd6b2d05120e0ebb68d3890c109c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:5e:a0:23:fd:ae:2d:bd:95:30:47:78:f4:
17:9b:d8:61:d4:b5:af:78:f4:e7:87:af:37:71:8e:
fc:e8:69:a0:17:8d:fe:2e:94:57:3f:d5:9c:40:ed:
5c:b6:75:5d:e1:ec:a6:66:82:3d:fc:c9:e5:1d:46:
a3:29:83:58:06:b6:02:e5:37:b4:58:a9:a0:84:7f:
a3:c2:44:a2:03:9b:41:49:f7:8d:15:00:3c:de:44:
7a:56:e2:37:e4:55:c9:cf:cb:02:42:21:db:13:fd:
e9:74:f2:ae:7b:2f:13:5f:3c:60:cf:99:0e:da:0c:
bc:27:d6:38:9d:28:48:8e:a3:d3:43:23:65:34:07:
bf:c6:ed:a6:8c:11:83:95:d0:cb:6c:15:3a:a3:df:
c4:63:9d:b7:53:c0:14:9c:17:a8:1a:66:97:2f:6a:
bd:0a:4a:e0:5d:e2:ff:a7:0f:a7:32:db:28:14:f4:
8d:e6:ec:de:55:b5:86:09:d5:c0:9b:76:10:b5:a6:
e5:55:f7:e3:17:76:e7:83:16:d6:35:86:bf:69:97:
46:92:a1:5e:f2:28:45:58:71:52:d2:84:cf:5c:05:
ff:f8:5a:f6:df:b6:76:31:e7:7b:24:d0:f1:f5:5c:
eb:ad:23:a1:68:f8:d4:3d:44:77:14:60:62:4c:a5:
43:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:26:49:54:1D:8D:BD:6B:2D:05:12:0E:0E:BB:68:D3:89:0C:10:9C
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/yCZJVB2NvWstBRIODrto04kMEJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.73.0-78.24.74.255
78.24.79.0/24
IPv6:
2a00:1909::-2a00:190a:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:16:7f:7e:ed:9a:df:84:e6:37:fc:38:10:fa:7d:b6:48:eb:
bb:b5:f4:e6:14:e2:d5:a0:f6:b6:5e:64:07:b2:d0:67:ad:ef:
21:25:2b:bf:04:be:9a:80:f3:7a:72:76:71:e4:8b:04:24:79:
c1:51:de:51:a7:fd:b4:32:08:30:78:36:7a:99:e6:89:32:16:
c4:01:23:3f:1b:49:62:0d:79:fd:5d:f8:9e:cb:4c:c2:24:52:
02:f0:8c:80:0b:de:1e:6a:c5:2f:5d:48:bc:66:a6:84:e0:9c:
75:60:00:70:5f:5c:4a:37:98:62:c5:a9:5d:08:3e:7e:71:4f:
2a:52:57:44:85:fd:66:ab:28:28:43:00:57:c6:5c:12:75:fd:
75:45:d1:fe:d2:fe:60:85:47:7d:c6:25:ea:04:3f:ca:67:4d:
d7:71:b8:9d:03:82:08:ac:11:c7:4c:11:2c:e1:f1:9d:14:6e:
6a:28:a4:f9:1e:c7:08:94:2f:cd:e1:35:d9:e1:01:8b:c7:c7:
cb:3e:4b:bd:42:a2:fa:92:ac:8c:95:2e:ad:a7:28:37:bc:64:
05:6f:6c:45:f8:8a:80:71:8c:1b:fc:70:64:e7:45:ed:ea:1f:
fd:f3:77:4a:3c:b7:b8:92:90:c6:37:4a:3c:f3:62:69:23:dd:
ca:8a:5f:ee
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYpRYUhQ3DRgvnoDXIzvqLPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwOTAxMTUzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI2NDk1NDFkOGRiZDZiMmQwNTEyMGUwZWJiNjhkMzg5MGMxMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLVeoCP9ri29lTBHePQXm9hh1LWv
ePTnh683cY786GmgF43+LpRXP9WcQO1ctnVd4eymZoI9/MnlHUajKYNYBrYC5Te0
WKmghH+jwkSiA5tBSfeNFQA83kR6VuI35FXJz8sCQiHbE/3pdPKuey8TXzxgz5kO
2gy8J9Y4nShIjqPTQyNlNAe/xu2mjBGDldDLbBU6o9/EY523U8AUnBeoGmaXL2q9
CkrgXeL/pw+nMtsoFPSN5uzeVbWGCdXAm3YQtablVffjF3bngxbWNYa/aZdGkqFe
8ihFWHFS0oTPXAX/+Fr237Z2Med7JNDx9VzrrSOhaPjUPUR3FGBiTKVD0wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMgmSVQdjb1rLQUSDg67aNOJDBCcMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEveUNaSlZCMk52V3N0QlJJT0RydG8wNGtNRUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBABOGEkD
BABOGEoDBABOGE8wFgQCAAIwEDAOAwUAKgAZCQMFACoAGQowDQYJKoZIhvcNAQEL
BQADggEBAJgWf37tmt+E5jf8OBD6fbZI67u19OYU4tWg9rZeZAey0Get7yElK78E
vpqA83pydnHkiwQkecFR3lGn/bQyCDB4NnqZ5okyFsQBIz8bSWINef1d+J7LTMIk
UgLwjIAL3h5qxS9dSLxmpoTgnHVgAHBfXEo3mGLFqV0IPn5xTypSV0SF/WarKChD
AFfGXBJ1/XVF0f7S/mCFR33GJeoEP8pnTddxuJ0DggisEcdMESzh8Z0UbmoopPke
xwiUL83hNdnhAYvHx8s+S71CovqSrIyVLq2nKDe8ZAVvbEX4ioBxjBv8cGTnRe3q
H/3zd0o8t7iSkMY3SjzzYmkj3cqKX+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org