Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/1Y9j6fCTV5b237J-3P3H_JvEhLQ.roa
File: 1Y9j6fCTV5b237J-3P3H_JvEhLQ.roa (raw, json)
Hash identifier: OUIrlvMuPb3PRDwqR71UTgaVXWP4Bd0tzGp4erIl7rs=
Subject key identifier: D5:8F:63:E9:F0:93:57:96:F6:DF:B2:7E:DC:FD:C7:FC:9B:C4:84:B4
Certificate issuer: /CN=f27a6d4d32832831725c48db518a2400f1a924bd
Certificate serial: 01856F1D98904C127632E00AA184B02915B5
Authority key identifier: F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/1Y9j6fCTV5b237J-3P3H_JvEhLQ.roa
Signing time: Sun 01 Jan 2023 20:54:48 +0000
ROA not before: Sun 01 Jan 2023 20:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 185.18.246.0/23 maxlen: 23
185.18.244.0/23 maxlen: 23
185.18.244.0/22 maxlen: 22
78.109.48.0/21 maxlen: 21
78.109.48.0/22 maxlen: 22
78.109.52.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:98:90:4c:12:76:32:e0:0a:a1:84:b0:29:15:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a6d4d32832831725c48db518a2400f1a924bd
Validity
Not Before: Jan 1 20:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d58f63e9f0935796f6dfb27edcfdc7fc9bc484b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f2:81:41:8d:8f:8a:d9:80:41:51:9f:ea:9f:
d6:8b:75:7f:ad:7b:37:84:7e:51:23:90:5a:dd:71:
de:5a:25:75:d9:54:7f:c8:40:fc:ab:db:30:b7:20:
99:26:12:ea:c8:bc:bf:c9:31:cd:60:a1:65:c1:93:
80:4b:e6:d6:ac:7e:3b:9f:63:14:33:5b:4c:0f:3d:
94:0c:35:fe:71:6c:72:37:c2:c1:36:5e:8f:2a:20:
90:0b:41:0f:dd:c2:b7:91:26:74:26:df:76:d8:54:
3f:05:e7:fc:17:1f:7f:2d:ce:4d:6b:08:9d:14:36:
83:25:be:f3:0b:02:d6:3d:42:61:58:88:3a:53:11:
46:57:f8:c2:9d:8c:b9:b9:14:74:ea:6b:5c:34:59:
8b:d5:ed:60:bb:57:5b:8d:2d:9d:f8:ee:66:15:81:
a2:22:3e:c0:be:e4:9d:7d:70:5c:f7:ac:36:ee:83:
da:8e:16:a7:7d:f0:77:6a:36:38:4a:eb:6a:7d:75:
e0:47:7b:7e:90:32:6b:87:0e:01:37:3b:8e:3b:dc:
e0:8e:db:4a:70:46:fc:dd:f7:c1:f0:55:35:a5:05:
e3:15:fa:6f:21:8d:1c:00:18:81:2d:e3:29:1d:85:
fe:09:1f:c8:87:5c:4f:f1:1f:e6:da:2d:b2:49:00:
0f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8F:63:E9:F0:93:57:96:F6:DF:B2:7E:DC:FD:C7:FC:9B:C4:84:B4
X509v3 Authority Key Identifier:
keyid:F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/1Y9j6fCTV5b237J-3P3H_JvEhLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.48.0/21
185.18.244.0/22
Signature Algorithm: sha256WithRSAEncryption
42:87:6a:25:dd:44:39:92:3c:a3:84:c5:e5:96:b1:1b:10:fd:
45:87:08:0f:59:46:02:32:85:ad:b7:ee:45:9a:d7:3f:3a:2f:
2b:c0:ba:28:f8:40:9b:a4:b3:45:3b:84:97:76:51:b7:31:c7:
68:16:8f:5b:c7:e0:5e:8a:2f:50:f3:61:36:18:e5:15:b4:13:
39:40:48:20:ba:d4:c1:22:ff:19:76:51:f4:bf:08:de:70:d6:
fd:dc:09:29:a8:42:e7:3d:1a:1d:f1:77:96:7b:4c:02:d6:a4:
29:fb:b0:8c:bd:88:10:ce:fd:4a:c4:93:9e:08:05:aa:b8:bb:
1b:30:b3:8c:6c:9b:9f:58:db:1a:90:87:23:5d:6c:61:ad:ef:
42:3b:ba:7d:83:b1:4e:84:c1:4b:41:59:23:4d:86:75:00:ab:
78:0f:14:25:e1:01:f7:b1:a0:52:aa:a1:35:1b:fc:78:ac:21:
b6:2a:d8:bb:5d:47:44:af:da:44:a5:de:a2:a0:b8:fd:e3:d9:
9c:99:f3:2a:07:34:a0:82:3c:a9:63:06:00:9a:0b:4d:ad:fa:
8d:7c:72:48:6f:0b:21:00:7e:fd:7c:dd:e2:9d:90:99:7e:2e:
69:f1:da:3f:e4:a3:2f:65:a9:12:ef:ef:1c:17:06:e8:f5:2c:
94:4a:36:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHZiQTBJ2MuAKoYSwKRW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2E2ZDRkMzI4MzI4MzE3MjVjNDhkYjUxOGEyNDAwZjFh
OTI0YmQwHhcNMjMwMTAxMjA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThmNjNlOWYwOTM1Nzk2ZjZkZmIyN2VkY2ZkYzdmYzliYzQ4NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvKBQY2PitmAQVGf6p/Wi3V/rXs3
hH5RI5Ba3XHeWiV12VR/yED8q9swtyCZJhLqyLy/yTHNYKFlwZOAS+bWrH47n2MU
M1tMDz2UDDX+cWxyN8LBNl6PKiCQC0EP3cK3kSZ0Jt922FQ/Bef8Fx9/Lc5Nawid
FDaDJb7zCwLWPUJhWIg6UxFGV/jCnYy5uRR06mtcNFmL1e1gu1dbjS2d+O5mFYGi
Ij7AvuSdfXBc96w27oPajhanffB3ajY4SutqfXXgR3t+kDJrhw4BNzuOO9zgjttK
cEb83ffB8FU1pQXjFfpvIY0cABiBLeMpHYX+CR/Ih1xP8R/m2i2ySQAPPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWPY+nwk1eW9t+yftz9x/ybxIS0MB8GA1UdIwQY
MBaAFPJ6bU0ygygxclxI21GKJADxqSS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUt
MTU3M2VmNjI3MWViLzEvMVk5ajZmQ1RWNWIyMzdKLTNQM0hfSnZFaExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUtMTU3M2VmNjI3MWVi
LzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTm0wAwQC
uRL0MA0GCSqGSIb3DQEBCwUAA4IBAQBCh2ol3UQ5kjyjhMXllrEbEP1FhwgPWUYC
MoWtt+5Fmtc/Oi8rwLoo+ECbpLNFO4SXdlG3McdoFo9bx+Beii9Q82E2GOUVtBM5
QEggutTBIv8ZdlH0vwjecNb93AkpqELnPRod8XeWe0wC1qQp+7CMvYgQzv1KxJOe
CAWquLsbMLOMbJufWNsakIcjXWxhre9CO7p9g7FOhMFLQVkjTYZ1AKt4DxQl4QH3
saBSqqE1G/x4rCG2Kti7XUdEr9pEpd6ioLj949mcmfMqBzSggjypYwYAmgtNrfqN
fHJIbwshAH79fN3inZCZfi5p8do/5KMvZakS7+8cFwbo9SyUSjZj
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:54 2024 by rpki-client on console-ams.rpki-client.org