Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4hkYycgF6PK-jY4TBM9qfUJ2DRI.roa
File: 4hkYycgF6PK-jY4TBM9qfUJ2DRI.roa (raw, json)
Hash identifier: /ms3Csc/hhsukClC3NvjkkQEyvR/ihP00/Wnl+cvoss=
Subject key identifier: E2:19:18:C9:C8:05:E8:F2:BE:8D:8E:13:04:CF:6A:7D:42:76:0D:12
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C1F342A709C209A3B92D7C9FC32AA9A07
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4hkYycgF6PK-jY4TBM9qfUJ2DRI.roa
Signing time: Thu 30 Nov 2023 07:49:21 +0000
ROA not before: Thu 30 Nov 2023 07:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:34:2a:70:9c:20:9a:3b:92:d7:c9:fc:32:aa:9a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 30 07:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21918c9c805e8f2be8d8e1304cf6a7d42760d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4b:59:68:b3:fd:d7:7d:24:c5:11:c8:5f:40:
ac:da:ac:db:02:04:bc:c2:65:a6:c7:37:80:d4:2d:
e4:15:2d:40:bb:98:14:b7:45:47:24:e4:29:3a:3a:
e6:4a:73:f3:72:51:fc:ca:12:45:0a:8b:9e:1c:3e:
e6:0e:c0:54:ad:32:e3:79:1d:2b:f4:45:64:84:f6:
30:5c:e1:73:57:99:be:f3:35:a3:dd:34:29:49:d8:
24:d1:60:2d:f7:11:7b:62:ac:8c:b9:30:85:46:7b:
c4:27:79:93:67:cb:8c:72:1b:5c:b4:e3:99:79:ea:
d1:d0:43:23:5b:a5:fe:71:d2:c0:96:50:0a:b5:a6:
a3:07:08:a5:2f:24:52:b4:8c:86:7a:c3:36:91:de:
49:ae:52:25:cd:b8:c5:d2:12:8a:76:99:31:58:51:
5e:f8:c2:b7:b5:60:38:c2:b4:cd:16:1c:9b:d7:be:
e9:e8:ab:64:20:79:0e:92:4a:9a:56:93:17:11:4f:
17:28:bd:c9:95:42:75:64:2e:b1:1b:b8:75:24:f1:
b9:9e:de:d3:50:d8:71:00:46:c3:36:68:34:34:c4:
a1:57:a6:d7:dc:4a:fa:59:e2:b7:d8:b4:0c:b3:d4:
60:0d:32:77:cd:73:25:b3:77:49:1c:ed:ee:19:51:
d2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:19:18:C9:C8:05:E8:F2:BE:8D:8E:13:04:CF:6A:7D:42:76:0D:12
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4hkYycgF6PK-jY4TBM9qfUJ2DRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0-78.142.243.255
89.47.89.0/24
103.212.82.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
22:09:ee:dc:7c:4d:2c:45:5c:9b:f4:2f:b8:9c:1f:ec:6b:7c:
8a:53:21:e0:3a:75:66:8c:57:53:dd:ef:9a:9a:8d:a4:ba:f3:
fd:c8:cc:70:c4:21:d2:de:9d:3a:cf:53:fc:f8:8f:89:0d:df:
7d:90:da:57:07:f0:be:6c:36:ea:3f:cd:2d:6b:11:e7:bb:f5:
c0:3f:59:ed:92:f5:63:87:02:8e:be:57:07:81:e7:60:67:89:
ad:47:32:62:09:62:4c:14:d2:9f:19:75:0f:b8:e4:39:e1:b6:
92:60:6a:31:f7:4d:ea:23:88:53:23:52:8c:39:e2:63:06:ee:
5f:af:ed:31:70:bb:9f:c1:32:d0:15:e3:0a:e2:04:96:ae:35:
4b:15:d5:ac:ce:5a:d2:d9:05:b7:9b:4a:c5:ed:14:e2:9a:1b:
23:2e:59:ed:87:c0:4f:2d:f6:3d:25:b5:54:00:f9:5a:72:40:
ef:8b:08:94:13:7d:fa:bb:f0:8e:15:df:83:28:49:37:bd:c8:
96:14:b3:68:f1:cf:81:16:85:49:5c:78:cc:32:02:96:96:81:
b1:32:0c:b6:1a:01:e0:2b:69:36:ed:5e:92:71:75:d7:ab:db:
e8:4e:0d:49:94:8c:54:54:12:25:53:62:80:8c:ac:39:eb:d6:
8f:dd:20:ea
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYwfNCpwnCCaO5LXyfwyqpoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTMwMDc0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE5MThjOWM4MDVlOGYyYmU4ZDhlMTMwNGNmNmE3ZDQyNzYwZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEtZaLP9130kxRHIX0Cs2qzbAgS8
wmWmxzeA1C3kFS1Au5gUt0VHJOQpOjrmSnPzclH8yhJFCoueHD7mDsBUrTLjeR0r
9EVkhPYwXOFzV5m+8zWj3TQpSdgk0WAt9xF7YqyMuTCFRnvEJ3mTZ8uMchtctOOZ
eerR0EMjW6X+cdLAllAKtaajBwilLyRStIyGesM2kd5JrlIlzbjF0hKKdpkxWFFe
+MK3tWA4wrTNFhyb177p6KtkIHkOkkqaVpMXEU8XKL3JlUJ1ZC6xG7h1JPG5nt7T
UNhxAEbDNmg0NMShV6bX3Er6WeK32LQMs9RgDTJ3zXMls3dJHO3uGVHSAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOIZGMnIBejyvo2OEwTPan1Cdg0SMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNGhrWXljZ0Y2UEstalk0VEJNOXFmVUoyRFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABOjvED
BAJOjvADBABZL1kDBABn1FIDBAHLAAgDBADfG3IwDQYJKoZIhvcNAQELBQADggEB
ACIJ7tx8TSxFXJv0L7icH+xrfIpTIeA6dWaMV1Pd75qajaS68/3IzHDEIdLenTrP
U/z4j4kN332Q2lcH8L5sNuo/zS1rEee79cA/We2S9WOHAo6+VweB52Bnia1HMmIJ
YkwU0p8ZdQ+45DnhtpJgajH3TeojiFMjUow54mMG7l+v7TFwu5/BMtAV4wriBJau
NUsV1azOWtLZBbebSsXtFOKaGyMuWe2HwE8t9j0ltVQA+VpyQO+LCJQTffq78I4V
34MoSTe9yJYUs2jxz4EWhUlceMwyApaWgbEyDLYaAeAraTbtXpJxdder2+hODUmU
jFRUEiVTYoCMrDnr1o/dIOo=
-----END CERTIFICATE-----
Generated at Thu Nov 30 20:31:56 2023 by rpki-client on console-fra.rpki-client.org