Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk78fvN6YrC-MNrQ8oeWMaxadq4.roa
File: rk78fvN6YrC-MNrQ8oeWMaxadq4.roa (raw, json)
Hash identifier: LeoeFvWlIsorMt+O1FX10kp4Cm2cStefQ/41qaC0ZQw=
Subject key identifier: AE:4E:FC:7E:F3:7A:62:B0:BE:30:DA:D0:F2:87:96:31:AC:5A:76:AE
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018746D67D579D9E1382726C7E5AED1C10F6
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk78fvN6YrC-MNrQ8oeWMaxadq4.roa
Signing time: Mon 03 Apr 2023 11:17:54 +0000
ROA not before: Mon 03 Apr 2023 11:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
178.253.22.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 16:19:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:d6:7d:57:9d:9e:13:82:72:6c:7e:5a:ed:1c:10:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Apr 3 11:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae4efc7ef37a62b0be30dad0f2879631ac5a76ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:45:29:ed:a8:5e:78:f1:49:b1:8e:2c:28:
c2:14:f7:80:f6:0d:fa:52:d2:0b:6f:14:63:57:3c:
5e:dd:f6:cc:f2:e3:55:f2:3a:09:5c:55:1c:a3:53:
cc:57:32:99:15:63:11:ce:cb:9f:20:7c:17:60:51:
d0:86:33:dd:b9:7a:09:3c:ad:fd:ca:a7:cf:4a:0f:
2b:22:69:cc:56:b9:e9:59:5f:2a:41:3d:e3:1e:ca:
ce:44:a7:19:0d:73:90:3f:60:30:4e:ae:35:6e:6c:
45:45:8b:15:54:e0:c6:10:ec:be:0f:a1:7e:aa:12:
87:73:f0:8f:06:3c:16:a5:f8:a1:d2:bb:80:67:5a:
0a:0a:5d:f1:63:a4:4b:0c:36:ca:a9:27:e8:b9:60:
fa:46:68:85:c2:df:19:2b:b2:8f:ba:4d:06:21:75:
9e:ac:6f:dc:ed:cd:2a:df:70:24:bf:da:87:a3:67:
0c:6c:cc:87:f8:93:c6:37:31:aa:99:09:39:59:9a:
68:c4:68:7c:73:bd:ad:22:46:22:b4:b4:37:06:18:
f0:ec:5b:0d:34:ba:73:c4:73:20:c8:fb:5c:f7:d2:
ef:91:a8:83:1f:56:22:bb:50:3f:39:f0:48:64:da:
13:73:97:c6:5b:be:c0:c7:b5:e3:bf:22:28:aa:bc:
7a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4E:FC:7E:F3:7A:62:B0:BE:30:DA:D0:F2:87:96:31:AC:5A:76:AE
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rk78fvN6YrC-MNrQ8oeWMaxadq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.216.0/22
178.253.22.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2c:47:52:fe:a3:bd:95:7e:e6:66:a3:af:7c:08:24:0d:82:
88:f8:03:80:9c:78:3f:73:39:38:a8:48:31:99:c3:0d:b9:5d:
36:e0:4a:7c:ea:1b:fd:2c:c2:2e:2f:63:eb:ba:ad:35:bf:50:
b5:5b:1f:4c:e2:fb:a0:71:00:5a:bc:71:26:c2:cf:9d:49:59:
08:57:92:ea:9c:46:9b:98:56:82:bc:9f:5a:29:aa:8d:11:63:
dd:6d:ef:e6:8f:0a:d3:36:b3:14:7c:68:c5:98:07:26:c2:c2:
b9:c4:15:11:22:4f:1a:9c:32:5e:23:fe:80:d1:1e:0d:05:76:
d9:7a:e6:4c:75:63:5b:c4:c8:1c:0f:69:bd:57:73:12:27:6d:
33:0e:98:cc:73:39:c3:68:4b:0b:e2:e8:3a:50:b8:4c:8c:77:
2a:e3:4c:eb:7e:ea:ed:9f:85:46:77:14:4b:81:00:c9:fc:82:
fa:a1:32:ce:ae:7b:cc:c3:6c:2a:e8:22:58:7a:55:37:32:66:
2c:1e:35:dd:e7:f8:38:35:84:41:29:93:e3:f1:03:82:72:cb:
2c:73:2b:de:5e:d7:1b:aa:90:c2:4e:04:09:fd:89:3a:66:77:
b0:a2:4a:51:a2:4c:92:05:4a:57:14:64:3b:52:f7:a9:06:6d:
ba:ff:29:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdG1n1XnZ4TgnJsflrtHBD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNDAzMTExNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTRlZmM3ZWYzN2E2MmIwYmUzMGRhZDBmMjg3OTYzMWFjNWE3NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4hFKe2oXnjxSbGOLCjCFPeA9g36
UtILbxRjVzxe3fbM8uNV8joJXFUco1PMVzKZFWMRzsufIHwXYFHQhjPduXoJPK39
yqfPSg8rImnMVrnpWV8qQT3jHsrORKcZDXOQP2AwTq41bmxFRYsVVODGEOy+D6F+
qhKHc/CPBjwWpfih0ruAZ1oKCl3xY6RLDDbKqSfouWD6RmiFwt8ZK7KPuk0GIXWe
rG/c7c0q33Akv9qHo2cMbMyH+JPGNzGqmQk5WZpoxGh8c72tIkYitLQ3Bhjw7FsN
NLpzxHMgyPtc99LvkaiDH1Yiu1A/OfBIZNoTc5fGW77Ax7XjvyIoqrx6/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK5O/H7zemKwvjDa0PKHljGsWnauMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcms3OGZ2TjZZckMtTU5yUThvZVdNYXhhZHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P8AwQC
W7rYAwQBsv0WAwQAsv0gMA0GCSqGSIb3DQEBCwUAA4IBAQA3LEdS/qO9lX7mZqOv
fAgkDYKI+AOAnHg/czk4qEgxmcMNuV024Ep86hv9LMIuL2Pruq01v1C1Wx9M4vug
cQBavHEmws+dSVkIV5LqnEabmFaCvJ9aKaqNEWPdbe/mjwrTNrMUfGjFmAcmwsK5
xBURIk8anDJeI/6A0R4NBXbZeuZMdWNbxMgcD2m9V3MSJ20zDpjMcznDaEsL4ug6
ULhMjHcq40zrfurtn4VGdxRLgQDJ/IL6oTLOrnvMw2wq6CJYelU3MmYsHjXd5/g4
NYRBKZPj8QOCcssscyveXtcbqpDCTgQJ/Yk6ZnewokpRokySBUpXFGQ7UvepBm26
/yl8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org