Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/v6C-n-bY1HP2j6Y3lWbXwyHBKVg.roa
File: v6C-n-bY1HP2j6Y3lWbXwyHBKVg.roa (raw, json)
Hash identifier: RJ9b68KlqcvRaRgNntz4CN0tKATw+SD9dnj0oZrKqlY=
Subject key identifier: BF:A0:BE:9F:E6:D8:D4:73:F6:8F:A6:37:95:66:D7:C3:21:C1:29:58
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 018FF5049027B1F0BCC52B79BE32881E0D56
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/v6C-n-bY1HP2j6Y3lWbXwyHBKVg.roa
Signing time: Fri 07 Jun 2024 23:24:27 +0000
ROA not before: Fri 07 Jun 2024 23:24:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39767
IP address blocks: 78.158.72.0/21 maxlen: 21
78.158.80.0/20 maxlen: 21
185.90.140.0/22 maxlen: 22
194.88.12.0/23 maxlen: 23
194.104.123.0/24 maxlen: 24
2a05:e200::/29 maxlen: 30
Validation: Failed, certificate revoked on Sat 08 Jun 2024 17:40:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f5:04:90:27:b1:f0:bc:c5:2b:79:be:32:88:1e:0d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Jun 7 23:24:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfa0be9fe6d8d473f68fa6379566d7c321c12958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0e:24:7b:88:4a:e7:6c:48:ca:8c:45:8c:ba:
b7:c5:1c:c6:00:09:b2:4a:23:53:fd:0e:6c:b8:37:
3d:fb:f7:33:f7:7b:5b:43:26:0c:75:5a:4e:18:90:
00:20:8f:e2:f7:8e:c3:86:40:8e:51:09:27:f2:04:
51:75:34:ec:76:de:4b:11:e2:85:88:92:b2:f5:f1:
f0:42:71:b0:4c:78:a1:21:50:71:ba:72:79:ca:c0:
df:96:05:dc:f4:72:f8:e6:53:b9:4a:df:7e:60:c7:
f7:11:f4:e5:2a:6d:2b:49:57:a6:eb:3b:54:39:14:
a9:58:bd:9b:8f:22:0b:53:37:b4:c6:63:a8:75:fb:
1b:80:8f:bd:dc:6f:59:12:f0:2c:0c:72:33:df:30:
87:e9:9c:07:21:cb:a0:54:75:a8:f4:d2:62:b7:c8:
45:97:60:14:99:ca:23:93:b1:a3:6d:3a:a1:b4:5e:
2a:b1:70:79:d0:c2:81:e7:99:6b:ad:f2:bd:a1:1c:
86:00:1a:d0:e9:70:36:38:59:97:d1:4d:ca:c0:d0:
53:1d:6d:c5:76:9b:90:bb:a1:0e:22:06:e6:7e:14:
33:0b:cb:6b:0f:d0:f8:69:aa:f1:d1:73:77:f1:b1:
6f:00:15:c7:aa:e1:26:0c:d4:a4:ef:78:c0:aa:d5:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A0:BE:9F:E6:D8:D4:73:F6:8F:A6:37:95:66:D7:C3:21:C1:29:58
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/v6C-n-bY1HP2j6Y3lWbXwyHBKVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.72.0-78.158.95.255
185.90.140.0/22
194.88.12.0/23
194.104.123.0/24
IPv6:
2a05:e200::/29
Signature Algorithm: sha256WithRSAEncryption
67:48:96:30:7f:0f:fb:69:19:f7:e3:d1:91:b1:ff:09:d6:d7:
43:ef:25:3e:06:c7:e3:38:08:4f:84:e5:0e:c8:c8:6d:53:36:
1a:4d:6f:af:1a:b8:44:7f:16:4b:65:e8:e4:6c:a2:bd:19:7e:
78:28:f5:92:18:c5:82:31:ff:31:05:59:94:b9:2a:46:60:8c:
6c:90:0a:ef:57:63:0f:68:f2:81:5c:ac:d7:00:4f:e1:24:16:
3d:55:02:c8:d3:1f:f1:c1:6b:3f:b2:3b:3e:e3:bf:9e:cc:18:
e4:60:01:d5:3b:49:1b:11:a6:62:1f:bb:ef:28:ed:85:2b:c5:
2b:be:13:53:66:99:e5:41:0c:ba:b6:61:63:d2:5e:8a:ac:85:
6a:c4:7f:ed:03:10:2f:da:89:57:00:06:a4:9d:91:cb:ca:44:
d4:e8:e6:ad:01:c7:6b:97:eb:c2:6a:a4:b8:03:7a:2c:1d:bb:
29:17:cf:9a:6e:b7:aa:9b:f3:32:12:84:70:66:96:f2:c4:09:
d6:8c:34:a6:56:87:b4:22:88:2a:2c:4d:9d:8d:ad:03:bb:95:
d8:ec:af:ae:28:d4:74:8f:01:db:4b:c8:d0:49:e7:38:a8:09:
52:7d:7c:6c:db:29:fe:2d:10:12:92:a2:91:4e:4c:0b:03:bc:
a5:f7:56:bd
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY/1BJAnsfC8xSt5vjKIHg1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjQwNjA3MjMyNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmEwYmU5ZmU2ZDhkNDczZjY4ZmE2Mzc5NTY2ZDdjMzIxYzEyOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw4ke4hK52xIyoxFjLq3xRzGAAmy
SiNT/Q5suDc9+/cz93tbQyYMdVpOGJAAII/i947DhkCOUQkn8gRRdTTsdt5LEeKF
iJKy9fHwQnGwTHihIVBxunJ5ysDflgXc9HL45lO5St9+YMf3EfTlKm0rSVem6ztU
ORSpWL2bjyILUze0xmOodfsbgI+93G9ZEvAsDHIz3zCH6ZwHIcugVHWo9NJit8hF
l2AUmcojk7GjbTqhtF4qsXB50MKB55lrrfK9oRyGABrQ6XA2OFmX0U3KwNBTHW3F
dpuQu6EOIgbmfhQzC8trD9D4aarx0XN38bFvABXHquEmDNSk73jAqtXpWwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL+gvp/m2NRz9o+mN5Vm18MhwSlYMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvdjZDLW4tYlkxSFAyajZZM2xXYlh3eUhCS1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBANOnkgD
BAVOnkADBAK5WowDBAHCWAwDBADCaHswDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcN
AQELBQADggEBAGdIljB/D/tpGffj0ZGx/wnW10PvJT4Gx+M4CE+E5Q7IyG1TNhpN
b68auER/Fktl6ORsor0Zfngo9ZIYxYIx/zEFWZS5KkZgjGyQCu9XYw9o8oFcrNcA
T+EkFj1VAsjTH/HBaz+yOz7jv57MGORgAdU7SRsRpmIfu+8o7YUrxSu+E1NmmeVB
DLq2YWPSXoqshWrEf+0DEC/aiVcABqSdkcvKRNTo5q0Bx2uX68JqpLgDeiwduykX
z5put6qb8zIShHBmlvLECdaMNKZWh7QiiCosTZ2NrQO7ldjsr64o1HSPAdtLyNBJ
5zioCVJ9fGzbKf4tEBKSopFOTAsDvKX3Vr0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:32 2025 by rpki-client