Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/P8JKiJEEuVpVBDX6gLRZKiZUkoM.roa
File: P8JKiJEEuVpVBDX6gLRZKiZUkoM.roa (raw, json)
Hash identifier: VaN7f0a+VuDpGOXvE5HQ57WbBl3+RAL5INJXiRLKdt0=
Subject key identifier: 3F:C2:4A:88:91:04:B9:5A:55:04:35:FA:80:B4:59:2A:26:54:92:83
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 018E3BB2EAFB4DCCAE72E32AF25B31BE5A5F
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/P8JKiJEEuVpVBDX6gLRZKiZUkoM.roa
Signing time: Thu 14 Mar 2024 06:42:45 +0000
ROA not before: Thu 14 Mar 2024 06:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.236.224.0/23 maxlen: 24
178.236.226.0/24 maxlen: 24
178.236.227.0/24 maxlen: 24
178.236.235.0/24 maxlen: 24
178.236.238.0/23 maxlen: 24
185.2.49.0/24 maxlen: 24
185.2.50.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 01:25:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3b:b2:ea:fb:4d:cc:ae:72:e3:2a:f2:5b:31:be:5a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Mar 14 06:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fc24a889104b95a550435fa80b4592a26549283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d4:a3:21:b6:61:c8:2c:95:b2:9a:17:f3:c5:
81:31:2c:79:db:4d:d7:55:0b:c3:7c:d2:ee:b4:d5:
d0:2e:ea:70:50:b8:6c:03:57:37:7d:dc:52:b5:1d:
58:8e:a8:35:58:ed:e1:24:ea:44:a8:db:91:d9:ff:
80:67:23:43:e5:75:d2:46:dc:bf:07:27:aa:29:df:
1f:2d:9d:9c:b6:91:fa:54:dc:a5:71:5e:6b:7b:3c:
8e:13:9e:fb:e8:49:93:1e:62:4a:bf:3a:2c:f5:1c:
fc:24:ed:52:fb:4d:17:c7:f3:92:b5:ca:39:9e:3e:
f0:39:a9:8b:5c:ef:91:18:8d:2a:f3:d0:96:4c:8d:
38:12:bc:84:e9:61:21:52:60:f3:a3:f8:34:48:87:
a9:b9:cf:d3:d7:cd:75:f7:84:db:e9:64:63:bf:d4:
35:7b:69:58:bc:d2:5d:fa:4f:b3:b4:aa:ef:f3:fb:
68:cc:48:7e:43:92:c3:43:bd:dc:47:de:5d:6a:b9:
87:78:08:6b:4b:0c:62:96:32:95:45:17:4f:83:b0:
a2:78:c9:85:66:53:21:3c:37:67:24:aa:34:08:d0:
bc:49:54:77:6e:e0:44:69:e1:9a:1d:88:cf:22:8b:
d2:83:8e:c9:9b:5b:6b:30:8c:40:70:c7:c2:4d:41:
fc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C2:4A:88:91:04:B9:5A:55:04:35:FA:80:B4:59:2A:26:54:92:83
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/P8JKiJEEuVpVBDX6gLRZKiZUkoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.224.0/22
178.236.235.0/24
178.236.238.0/23
185.2.49.0-185.2.51.255
Signature Algorithm: sha256WithRSAEncryption
8c:d1:35:a1:82:3e:bf:54:07:58:e4:e1:4e:ca:a7:7c:60:06:
0b:a5:b8:5b:c8:3a:19:ef:51:39:b4:14:c5:e8:a9:6d:31:b0:
ac:e2:6a:9b:8b:ea:4f:29:30:4b:64:10:7f:52:b1:14:db:d4:
79:2f:39:83:b2:21:46:b4:82:f4:0f:a4:cd:17:0d:43:c2:c7:
e5:cf:ee:27:4b:76:19:9e:2c:72:d4:95:2c:a2:35:f0:72:29:
7b:86:fc:e4:b1:6e:60:6c:d7:84:43:03:ce:c7:af:80:5f:9a:
85:1c:2e:83:f9:28:14:e9:c3:c6:1f:a9:9c:b7:bf:51:c5:4f:
2f:56:bd:00:a7:95:b5:ff:90:d5:5e:80:60:2a:e9:21:55:92:
01:21:c0:d5:22:92:b0:ec:7c:73:3d:ff:76:6e:4a:96:7e:84:
33:6a:40:fb:a9:d5:a1:eb:a6:3d:50:98:e4:d7:b4:6b:e5:e9:
82:ba:5b:a8:f6:88:00:06:5e:fb:fe:4f:89:9b:9a:c4:69:1b:
2d:e9:69:25:8a:46:66:56:4d:30:cf:cd:f2:8c:2b:c2:91:4b:
61:5a:b8:a2:75:7c:87:c2:28:7f:1f:e4:f0:93:3a:11:73:0b:
67:02:f6:55:85:01:0e:bf:1c:9a:ac:99:f7:2c:fd:cb:5f:d7:
c3:41:fa:6e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY47sur7TcyucuMq8lsxvlpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjQwMzE0MDY0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmMyNGE4ODkxMDRiOTVhNTUwNDM1ZmE4MGI0NTkyYTI2NTQ5MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dSjIbZhyCyVspoX88WBMSx5203X
VQvDfNLutNXQLupwULhsA1c3fdxStR1Yjqg1WO3hJOpEqNuR2f+AZyND5XXSRty/
ByeqKd8fLZ2ctpH6VNylcV5rezyOE5776EmTHmJKvzos9Rz8JO1S+00Xx/OStco5
nj7wOamLXO+RGI0q89CWTI04EryE6WEhUmDzo/g0SIepuc/T181194Tb6WRjv9Q1
e2lYvNJd+k+ztKrv8/tozEh+Q5LDQ73cR95darmHeAhrSwxiljKVRRdPg7CieMmF
ZlMhPDdnJKo0CNC8SVR3buBEaeGaHYjPIovSg47Jm1trMIxAcMfCTUH8dQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD/CSoiRBLlaVQQ1+oC0WSomVJKDMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvUDhKS2lKRUV1VnBWQkRYNmdMUlpLaVpVa29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCsuzgAwQA
suzrAwQBsuzuMAwDBAC5AjEDBAK5AjAwDQYJKoZIhvcNAQELBQADggEBAIzRNaGC
Pr9UB1jk4U7Kp3xgBguluFvIOhnvUTm0FMXoqW0xsKziapuL6k8pMEtkEH9SsRTb
1HkvOYOyIUa0gvQPpM0XDUPCx+XP7idLdhmeLHLUlSyiNfByKXuG/OSxbmBs14RD
A87Hr4BfmoUcLoP5KBTpw8YfqZy3v1HFTy9WvQCnlbX/kNVegGAq6SFVkgEhwNUi
krDsfHM9/3ZuSpZ+hDNqQPup1aHrpj1QmOTXtGvl6YK6W6j2iAAGXvv+T4mbmsRp
Gy3paSWKRmZWTTDPzfKMK8KRS2FauKJ1fIfCKH8f5PCTOhFzC2cC9lWFAQ6/HJqs
mfcs/ctf18NB+m4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:45:31 2024 by rpki-client on console-ams.rpki-client.org