Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/bH5_gfW6toDCoehQCAiyyEaslfA.roa
File: bH5_gfW6toDCoehQCAiyyEaslfA.roa (raw, json)
Hash identifier: Y7HFh1ptlIUnOeuNQn+xULXitxLDsl2CW9OHDJU6NRs=
Subject key identifier: 6C:7E:7F:81:F5:BA:B6:80:C2:A1:E8:50:08:08:B2:C8:46:AC:95:F0
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 018CC64B43A1102974040E78A3F5913D6071
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/bH5_gfW6toDCoehQCAiyyEaslfA.roa
Signing time: Mon 01 Jan 2024 18:31:10 +0000
ROA not before: Mon 01 Jan 2024 18:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60079
IP address blocks: 78.158.87.0/24 maxlen: 24
194.104.123.0/24 maxlen: 24
2a05:e201::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 07 Jun 2024 23:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:43:a1:10:29:74:04:0e:78:a3:f5:91:3d:60:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Jan 1 18:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7e7f81f5bab680c2a1e8500808b2c846ac95f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8d:91:c6:c3:9e:53:95:c0:60:95:a3:d9:1d:
e8:69:f6:f1:8d:95:bc:89:67:0e:cf:88:86:b9:a2:
6a:c2:08:2a:26:08:b0:4e:7d:40:a0:a9:e5:f2:d6:
53:3c:d5:40:ef:8a:9d:7a:96:09:6e:be:4b:c8:7d:
16:7c:2f:71:68:03:f1:27:77:78:b4:95:15:11:a8:
e7:99:13:9e:3e:70:52:3b:ac:62:cc:5d:d2:9f:29:
c5:78:10:7d:eb:77:59:a6:67:36:49:06:9a:ca:f5:
3b:d1:18:08:28:8c:7d:1c:a1:b1:f5:01:fe:07:43:
47:89:d4:af:43:26:9b:b5:29:13:3c:dc:66:dc:ec:
29:10:48:2b:54:45:73:70:c2:5f:3c:75:88:61:b5:
19:03:76:9a:8e:fa:1d:8b:67:33:d8:23:b1:f0:34:
1d:3d:0c:a4:2f:2a:e8:de:27:38:ce:3f:25:92:30:
a4:02:cb:ac:a0:7f:ed:d0:28:a4:d2:09:15:04:c3:
42:58:70:ce:b8:13:07:9a:74:2a:41:41:b0:fa:7f:
f6:f4:57:d5:f5:49:e5:da:fc:ce:b2:07:15:7d:5d:
94:08:3f:a1:c4:46:16:56:cd:16:43:83:10:a1:a1:
6f:e6:ce:cd:e3:ea:8a:d9:83:7e:f6:da:a3:09:a4:
3f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:7F:81:F5:BA:B6:80:C2:A1:E8:50:08:08:B2:C8:46:AC:95:F0
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/bH5_gfW6toDCoehQCAiyyEaslfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.87.0/24
194.104.123.0/24
IPv6:
2a05:e201::/32
Signature Algorithm: sha256WithRSAEncryption
5e:bc:ae:8c:b2:a6:17:4b:d9:c7:a7:58:0d:d2:f2:1b:ec:0c:
3e:68:68:63:be:2d:c8:a1:66:d5:de:c9:99:95:55:cf:d5:dd:
01:64:48:d4:2a:90:09:78:99:a1:0c:6e:3a:78:ef:b3:ff:92:
32:7f:2b:52:a6:2d:9e:a8:b0:2d:9f:37:ed:52:68:f3:28:c2:
6e:60:46:73:a2:cb:68:d3:98:fc:08:2f:60:34:1a:1c:8e:0c:
49:42:c3:23:94:1d:07:01:21:40:20:c3:c8:2e:16:5d:99:d6:
60:53:72:6d:b6:98:1b:55:ab:8c:41:f0:62:78:f7:cf:f4:30:
1a:33:9b:f0:d2:b7:a1:d9:5b:f4:b2:03:23:d0:ab:0b:7b:bc:
17:38:9f:d9:cd:f9:01:74:8d:fd:92:83:73:42:4e:b1:98:c3:
6e:b8:fa:ab:e0:90:c2:34:56:d9:21:fc:13:14:74:3d:ae:b9:
8c:1c:11:80:97:f5:88:45:74:87:6f:2d:5f:db:a3:14:4a:b3:
8f:fa:9e:c9:93:21:a1:85:3d:1f:62:18:e3:c3:bc:8b:bb:02:
34:97:b7:cf:ec:09:73:2d:66:69:ba:5a:48:e3:5c:33:a9:93:
96:4e:59:6d:a5:2d:9a:32:52:f4:77:65:5a:c2:90:5b:ec:68:
8d:91:64:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS0OhECl0BA54o/WRPWBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjQwMTAxMTgzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdlN2Y4MWY1YmFiNjgwYzJhMWU4NTAwODA4YjJjODQ2YWM5NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI2RxsOeU5XAYJWj2R3oafbxjZW8
iWcOz4iGuaJqwggqJgiwTn1AoKnl8tZTPNVA74qdepYJbr5LyH0WfC9xaAPxJ3d4
tJUVEajnmROePnBSO6xizF3SnynFeBB963dZpmc2SQaayvU70RgIKIx9HKGx9QH+
B0NHidSvQyabtSkTPNxm3OwpEEgrVEVzcMJfPHWIYbUZA3aajvodi2cz2COx8DQd
PQykLyro3ic4zj8lkjCkAsusoH/t0Cik0gkVBMNCWHDOuBMHmnQqQUGw+n/29FfV
9Unl2vzOsgcVfV2UCD+hxEYWVs0WQ4MQoaFv5s7N4+qK2YN+9tqjCaQ/QwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGx+f4H1uraAwqHoUAgIsshGrJXwMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvYkg1X2dmVzZ0b0RDb2VoUUNBaXl5RWFzbGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATp5XAwQA
wmh7MA0EAgACMAcDBQAqBeIBMA0GCSqGSIb3DQEBCwUAA4IBAQBevK6MsqYXS9nH
p1gN0vIb7Aw+aGhjvi3IoWbV3smZlVXP1d0BZEjUKpAJeJmhDG46eO+z/5IyfytS
pi2eqLAtnzftUmjzKMJuYEZzosto05j8CC9gNBocjgxJQsMjlB0HASFAIMPILhZd
mdZgU3JttpgbVauMQfBiePfP9DAaM5vw0reh2Vv0sgMj0KsLe7wXOJ/ZzfkBdI39
koNzQk6xmMNuuPqr4JDCNFbZIfwTFHQ9rrmMHBGAl/WIRXSHby1f26MUSrOP+p7J
kyGhhT0fYhjjw7yLuwI0l7fP7AlzLWZpulpI41wzqZOWTlltpS2aMlL0d2VawpBb
7GiNkWSA
-----END CERTIFICATE-----
Generated at Sat Jun 8 00:57:34 2024 by rpki-client on console-fra.rpki-client.org