Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I3f5uVRc_ZD1z3Mhw8UWCzagdU4.roa
File: I3f5uVRc_ZD1z3Mhw8UWCzagdU4.roa (raw, json)
Hash identifier: 89MD62LG9sG+FHHY5g/LRD2y9vyUhugTs0ev1bqs7L0=
Subject key identifier: 23:77:F9:B9:54:5C:FD:90:F5:CF:73:21:C3:C5:16:0B:36:A0:75:4E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C5F5D69CD06DD14B2C3168B6E088922ED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I3f5uVRc_ZD1z3Mhw8UWCzagdU4.roa
Signing time: Tue 12 Dec 2023 18:50:06 +0000
ROA not before: Tue 12 Dec 2023 18:50:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.241.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
103.212.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 16:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:5d:69:cd:06:dd:14:b2:c3:16:8b:6e:08:89:22:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 12 18:50:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2377f9b9545cfd90f5cf7321c3c5160b36a0754e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c1:8f:7f:88:c0:7c:3c:f8:50:ad:dd:94:d5:
e3:3f:11:f4:fc:f1:a3:eb:1f:d5:0c:65:2c:7d:d5:
35:0d:0b:c6:90:aa:f6:16:40:11:e6:aa:8b:bc:41:
ba:86:7a:f5:35:4f:f3:09:bc:79:c8:9d:5e:a3:5d:
a5:66:87:c0:54:1a:46:4d:43:35:f1:3c:44:48:6d:
62:4f:ec:ad:92:e6:d3:0b:94:d8:1d:86:2d:a4:5c:
ee:70:96:d8:23:fd:e6:f3:34:02:84:df:0f:a0:f2:
24:d7:84:3b:7b:9a:6a:d0:ca:24:d3:54:70:24:67:
87:db:f2:55:90:c3:e1:e5:20:97:cc:5a:c7:22:30:
83:83:9b:b7:0b:02:b1:d1:5c:46:22:8d:64:64:c9:
d2:09:7e:5d:17:f1:80:65:c0:9a:2f:01:cf:2b:07:
a3:b6:97:11:74:da:98:c7:fc:71:c8:37:4f:9a:8e:
b8:5e:57:27:f0:21:9d:c9:ed:7a:56:03:dc:28:43:
ab:d7:8f:be:5f:cf:93:ae:e2:2b:80:88:42:af:dc:
69:6f:03:1c:01:3f:5d:e6:9a:44:05:da:f0:64:35:
0e:aa:f4:cb:1e:8a:33:8f:57:1c:8d:1a:54:6b:80:
6c:b3:a2:b4:26:8d:61:c2:f2:b3:b5:c5:f4:4f:d4:
98:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:77:F9:B9:54:5C:FD:90:F5:CF:73:21:C3:C5:16:0B:36:A0:75:4E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I3f5uVRc_ZD1z3Mhw8UWCzagdU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0/24
103.212.81.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
67:51:55:09:6c:0d:6f:80:5d:b8:68:45:1a:ff:90:7f:8f:42:
85:73:a9:f8:71:12:2d:02:64:d3:96:5b:45:0b:0c:42:16:23:
04:d9:1e:1d:0d:aa:83:9b:d4:bd:15:20:dc:3b:26:bc:16:c8:
60:85:31:9b:4f:bc:4d:c5:aa:b9:20:5a:17:7b:37:46:a1:99:
17:87:c3:35:f2:01:e0:eb:5a:aa:74:3d:bb:d2:1b:85:e3:08:
0f:5d:69:19:55:28:69:47:48:82:d0:ed:b2:87:fc:37:b7:50:
40:cf:d7:66:94:e6:c1:db:42:e5:cb:06:53:e5:22:3b:24:06:
40:b7:ed:a8:f1:69:1e:f7:69:d3:19:04:e7:b2:b1:32:cb:1d:
3b:74:41:b8:73:6c:0b:29:a5:c9:fb:8b:08:ef:0c:f3:ac:a3:
f6:2b:2e:4d:3d:2c:13:f6:f4:08:a2:86:1b:7d:7a:c4:95:4c:
27:e8:df:ea:7a:40:57:f5:64:00:0a:fa:2f:ae:35:e0:7f:88:
91:14:5a:54:df:2d:e4:ca:31:59:2b:96:ca:c8:c5:ea:3f:19:
05:aa:c0:f6:cb:a5:37:60:9a:9d:5a:0b:e4:e2:a2:14:bb:2a:
cc:21:fe:fd:e0:da:40:f1:20:3a:0f:80:e8:f3:09:ae:5d:c2:
f3:1e:7a:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxfXWnNBt0UssMWi24IiSLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjEyMTg1MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc3ZjliOTU0NWNmZDkwZjVjZjczMjFjM2M1MTYwYjM2YTA3NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8GPf4jAfDz4UK3dlNXjPxH0/PGj
6x/VDGUsfdU1DQvGkKr2FkAR5qqLvEG6hnr1NU/zCbx5yJ1eo12lZofAVBpGTUM1
8TxESG1iT+ytkubTC5TYHYYtpFzucJbYI/3m8zQChN8PoPIk14Q7e5pq0Mok01Rw
JGeH2/JVkMPh5SCXzFrHIjCDg5u3CwKx0VxGIo1kZMnSCX5dF/GAZcCaLwHPKwej
tpcRdNqYx/xxyDdPmo64Xlcn8CGdye16VgPcKEOr14++X8+TruIrgIhCr9xpbwMc
AT9d5ppEBdrwZDUOqvTLHoozj1ccjRpUa4Bss6K0Jo1hwvKztcX0T9SY2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCN3+blUXP2Q9c9zIcPFFgs2oHVOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSTNmNXVWUmNfWkQxejNNaHc4VVdDemFnZFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATo7xAwQA
Z9RRAwQBywAIAwQA3xtyMA0GCSqGSIb3DQEBCwUAA4IBAQBnUVUJbA1vgF24aEUa
/5B/j0KFc6n4cRItAmTTlltFCwxCFiME2R4dDaqDm9S9FSDcOya8FshghTGbT7xN
xaq5IFoXezdGoZkXh8M18gHg61qqdD270huF4wgPXWkZVShpR0iC0O2yh/w3t1BA
z9dmlObB20LlywZT5SI7JAZAt+2o8Wke92nTGQTnsrEyyx07dEG4c2wLKaXJ+4sI
7wzzrKP2Ky5NPSwT9vQIooYbfXrElUwn6N/qekBX9WQACvovrjXgf4iRFFpU3y3k
yjFZK5bKyMXqPxkFqsD2y6U3YJqdWgvk4qIUuyrMIf794NpA8SA6D4Do8wmuXcLz
Hnrl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org