Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/pSNYiDdG0XlrCVynqYWKD9qYXks.roa
File: pSNYiDdG0XlrCVynqYWKD9qYXks.roa (raw, json)
Hash identifier: CricYFH1S2wiVv5ZE+FWDuHp7U8ZAC+9/ZyipxK4Y2c=
Subject key identifier: A5:23:58:88:37:46:D1:79:6B:09:5C:A7:A9:85:8A:0F:DA:98:5E:4B
Certificate issuer: /CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Certificate serial: 01856E38B0D483EA821E369284FB900A4BAF
Authority key identifier: 1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/pSNYiDdG0XlrCVynqYWKD9qYXks.roa
Signing time: Sun 01 Jan 2023 16:44:47 +0000
ROA not before: Sun 01 Jan 2023 16:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43728
IP address blocks: 78.31.0.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:b0:d4:83:ea:82:1e:36:92:84:fb:90:0a:4b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Validity
Not Before: Jan 1 16:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a52358883746d1796b095ca7a9858a0fda985e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c5:07:d8:83:dc:20:55:ac:b0:d2:6b:1f:8e:
d1:7e:22:b9:ed:ee:62:4b:0a:e6:de:d8:df:1b:d1:
f6:00:83:85:93:31:cd:24:cf:6d:4e:44:1c:e8:e6:
da:83:aa:07:64:ea:13:c7:5f:f4:ac:d3:7f:eb:5f:
25:2d:bc:e0:80:d3:96:a6:93:97:1d:75:bd:a3:f8:
cd:dc:2d:f3:ee:e0:b8:60:60:09:77:56:4b:ad:25:
77:1c:4f:8c:09:d2:58:f1:a8:dc:8b:18:b3:64:a2:
d6:ec:f6:1b:a3:ff:9e:2a:60:bf:42:6a:c1:4c:84:
ba:52:dc:1b:28:3a:24:ca:a2:07:b3:0b:88:26:ac:
20:ae:54:3c:11:9f:62:61:db:97:51:b6:1d:ac:8f:
33:29:33:fc:25:1b:1d:fd:14:f6:b8:56:df:6a:1c:
3a:78:2c:fc:15:d7:c9:0c:a7:fc:cd:bc:80:00:72:
8a:76:81:af:41:49:ed:ca:2a:e4:c8:fe:8e:52:df:
70:d6:29:3b:da:3a:b0:43:01:a2:b3:06:71:36:3a:
cd:1e:26:83:ed:12:67:09:84:f9:1e:7e:ae:d0:4f:
04:a3:6f:ea:5f:b0:ae:e1:e8:79:b8:72:5a:73:6f:
10:a1:f0:65:6f:fe:9b:89:74:8d:f7:1e:f3:e1:51:
69:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:23:58:88:37:46:D1:79:6B:09:5C:A7:A9:85:8A:0F:DA:98:5E:4B
X509v3 Authority Key Identifier:
keyid:1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/pSNYiDdG0XlrCVynqYWKD9qYXks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.0.0/21
Signature Algorithm: sha256WithRSAEncryption
20:7b:73:ab:94:1f:da:88:53:3c:2c:3b:91:4c:07:e7:d9:1b:
59:ec:1f:7d:e7:55:98:45:51:37:3d:87:e3:68:2f:9d:37:eb:
f6:f1:04:87:24:b5:a1:c6:98:26:91:28:ba:61:8f:b0:cf:4b:
a3:1e:d8:9b:52:74:09:33:73:a8:59:67:3c:f3:bb:1d:a2:c8:
f7:ec:2f:3c:be:dc:ed:c9:15:8e:bf:4d:7d:aa:a3:70:6c:c1:
98:dc:4c:ed:00:bb:e9:7c:a2:b9:77:b5:90:f2:40:79:dd:8a:
f3:25:b9:26:06:c9:0b:66:66:41:07:25:68:56:5e:83:b6:d7:
c7:00:7c:91:5e:c4:c9:35:37:cb:ff:56:24:fb:f6:3c:67:6a:
cb:8a:d8:8e:36:df:37:e4:c0:fc:97:59:ac:d3:9b:0b:ce:34:
ba:aa:d0:c0:f4:fa:c7:2d:55:9f:b7:35:c3:6a:79:38:93:54:
07:a6:52:4a:f6:d6:ac:3c:af:32:d7:81:d9:2a:1e:82:de:ff:
7b:0f:63:a1:14:8d:d3:89:84:8f:4d:06:58:08:a7:a4:84:a0:
4e:7b:e4:86:17:c3:85:21:31:eb:a7:b0:64:d9:93:73:be:04:
2d:72:c3:14:f6:4d:15:ac:72:c8:8e:52:52:fd:10:64:00:57:
ac:67:83:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOLDUg+qCHjaShPuQCkuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmUzZTUyMTQwN2Y1OTdmMjU1ZjNmYjRlMGI1NjljMzIw
ODM1NTIwHhcNMjMwMTAxMTY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIzNTg4ODM3NDZkMTc5NmIwOTVjYTdhOTg1OGEwZmRhOTg1ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMUH2IPcIFWssNJrH47RfiK57e5i
Swrm3tjfG9H2AIOFkzHNJM9tTkQc6Obag6oHZOoTx1/0rNN/618lLbzggNOWppOX
HXW9o/jN3C3z7uC4YGAJd1ZLrSV3HE+MCdJY8ajcixizZKLW7PYbo/+eKmC/QmrB
TIS6UtwbKDokyqIHswuIJqwgrlQ8EZ9iYduXUbYdrI8zKTP8JRsd/RT2uFbfahw6
eCz8FdfJDKf8zbyAAHKKdoGvQUntyirkyP6OUt9w1ik72jqwQwGiswZxNjrNHiaD
7RJnCYT5Hn6u0E8Eo2/qX7Cu4eh5uHJac28QofBlb/6biXSN9x7z4VFpkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUjWIg3RtF5awlcp6mFig/amF5LMB8GA1UdIwQY
MBaAFB6+PlIUB/WX8lXz+04LVpwyCDVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHI0LVVoUUg5WmZ5VmZQN1RndFduRElJTlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xMjRhYzgtZmE5My00YzIzLWJkNjIt
NWI0YWZmN2E2Mzk4LzEvcFNOWWlEZEcwWGxyQ1Z5bnFZV0tEOXFZWGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xMjRhYzgtZmE5My00YzIzLWJkNjItNWI0YWZmN2E2Mzk4
LzEvSHI0LVVoUUg5WmZ5VmZQN1RndFduRElJTlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTh8AMA0G
CSqGSIb3DQEBCwUAA4IBAQAge3OrlB/aiFM8LDuRTAfn2RtZ7B9951WYRVE3PYfj
aC+dN+v28QSHJLWhxpgmkSi6YY+wz0ujHtibUnQJM3OoWWc887sdosj37C88vtzt
yRWOv019qqNwbMGY3EztALvpfKK5d7WQ8kB53YrzJbkmBskLZmZBByVoVl6DttfH
AHyRXsTJNTfL/1Yk+/Y8Z2rLitiONt835MD8l1ms05sLzjS6qtDA9PrHLVWftzXD
ank4k1QHplJK9tasPK8y14HZKh6C3v97D2OhFI3TiYSPTQZYCKekhKBOe+SGF8OF
ITHrp7Bk2ZNzvgQtcsMU9k0VrHLIjlJS/RBkAFesZ4Mt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org