Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8SM19nexYxTHeIgw8oPWLc3Ajh0.roa
File: 8SM19nexYxTHeIgw8oPWLc3Ajh0.roa (raw, json)
Hash identifier: NDHPQ1f/cBzQG3bvGRM5PsvQ1b7mQyrL6k0eDcBoYnk=
Subject key identifier: F1:23:35:F6:77:B1:63:14:C7:78:88:30:F2:83:D6:2D:CD:C0:8E:1D
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571154FDD4584DF496BD9622AEE0C5384
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8SM19nexYxTHeIgw8oPWLc3Ajh0.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51277
IP address blocks: 94.42.132.0/24 maxlen: 24
78.133.153.0/24 maxlen: 24
78.133.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4f:dd:45:84:df:49:6b:d9:62:2a:ee:0c:53:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f12335f677b16314c7788830f283d62dcdc08e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:a5:03:37:65:14:5e:00:8a:3c:c3:01:10:
cb:38:3d:5e:5b:c0:72:6b:3e:dd:9d:38:ed:53:67:
04:b2:26:60:2b:e2:81:a4:97:8c:c3:0a:37:a1:ea:
8c:13:1a:ec:6e:bd:09:04:1f:80:66:b5:03:31:38:
2e:1c:6d:08:ce:eb:36:88:a6:7f:d6:4c:64:80:11:
bc:4f:c8:f8:3e:ac:73:53:a6:37:6f:60:1b:96:dd:
d2:e8:c6:f0:ae:95:59:74:a6:19:e6:c6:3a:60:02:
c8:cc:95:86:55:46:6a:c7:30:48:d9:9b:88:97:1c:
9b:98:12:79:13:3c:51:e1:f8:72:3d:db:d1:10:d8:
1a:b6:58:07:52:03:38:e6:01:30:be:df:ce:e2:e6:
4f:20:1f:e2:63:22:ca:25:15:8b:19:7f:9e:b4:34:
8e:7a:8d:a8:28:8f:34:e7:29:07:ce:7c:42:4d:ab:
25:e3:8a:5b:86:69:d4:56:48:06:1c:0f:6c:e5:12:
d6:84:2c:90:12:de:ba:fd:db:aa:c6:0e:09:38:87:
61:c3:af:e1:be:45:fc:07:0e:74:da:24:10:b7:04:
b3:01:7f:8a:d8:46:f6:4c:25:83:50:57:39:3f:95:
37:99:d6:90:a7:74:41:ae:07:02:7b:ed:a8:0c:b0:
5b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:23:35:F6:77:B1:63:14:C7:78:88:30:F2:83:D6:2D:CD:C0:8E:1D
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8SM19nexYxTHeIgw8oPWLc3Ajh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.153.0/24
78.133.170.0/23
94.42.132.0/24
Signature Algorithm: sha256WithRSAEncryption
14:37:ec:0a:ea:d0:c9:c5:97:89:0c:3d:10:9e:ed:d3:4d:38:
8c:04:f4:7a:a2:87:2e:43:63:85:1a:e8:79:58:ea:14:e8:51:
97:23:af:fc:56:0f:6e:12:1f:52:eb:3a:df:ff:91:a4:ac:c0:
27:d5:12:04:db:28:93:1b:b7:33:08:1b:62:b6:45:dd:33:5a:
04:21:03:24:37:5a:a6:8d:25:f6:d5:73:ef:83:34:d6:68:8f:
80:6c:17:de:3c:0b:dd:83:f3:47:5e:70:36:7c:f2:83:b8:5a:
22:b5:df:16:c0:1b:2a:e5:28:c0:6e:c0:ad:0d:42:34:71:fc:
af:1a:54:8b:7f:6d:48:07:ee:69:13:a7:76:07:9f:27:2a:0c:
82:d2:78:d5:fe:b8:c7:f4:e8:37:c2:b5:b6:6d:3e:b7:4f:db:
b9:17:57:87:15:d4:c2:9f:9f:65:68:80:de:77:6e:c5:b5:0d:
c8:a1:54:e9:ab:54:95:78:5d:bb:61:14:c3:e4:10:67:74:7f:
8e:61:72:d6:ff:cb:45:19:8e:b3:65:31:5e:36:9c:f6:06:d2:
98:6b:8b:61:47:85:33:2f:4e:8b:80:3e:5a:6e:47:9f:99:43:
7a:14:25:87:49:8d:02:d1:e0:7a:9c:e3:bf:f6:f9:ce:42:fb:
51:c5:71:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxFU/dRYTfSWvZYiruDFOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTIzMzVmNjc3YjE2MzE0Yzc3ODg4MzBmMjgzZDYyZGNkYzA4ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk2lAzdlFF4AijzDARDLOD1eW8By
az7dnTjtU2cEsiZgK+KBpJeMwwo3oeqMExrsbr0JBB+AZrUDMTguHG0Izus2iKZ/
1kxkgBG8T8j4PqxzU6Y3b2Ablt3S6MbwrpVZdKYZ5sY6YALIzJWGVUZqxzBI2ZuI
lxybmBJ5EzxR4fhyPdvRENgatlgHUgM45gEwvt/O4uZPIB/iYyLKJRWLGX+etDSO
eo2oKI805ykHznxCTasl44pbhmnUVkgGHA9s5RLWhCyQEt66/duqxg4JOIdhw6/h
vkX8Bw502iQQtwSzAX+K2Eb2TCWDUFc5P5U3mdaQp3RBrgcCe+2oDLBbqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPEjNfZ3sWMUx3iIMPKD1i3NwI4dMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvOFNNMTluZXhZeFRIZUlndzhvUFdMYzNBamgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAToWZAwQB
ToWqAwQAXiqEMA0GCSqGSIb3DQEBCwUAA4IBAQAUN+wK6tDJxZeJDD0Qnu3TTTiM
BPR6oocuQ2OFGuh5WOoU6FGXI6/8Vg9uEh9S6zrf/5GkrMAn1RIE2yiTG7czCBti
tkXdM1oEIQMkN1qmjSX21XPvgzTWaI+AbBfePAvdg/NHXnA2fPKDuFoitd8WwBsq
5SjAbsCtDUI0cfyvGlSLf21IB+5pE6d2B58nKgyC0njV/rjH9Og3wrW2bT63T9u5
F1eHFdTCn59laIDed27FtQ3IoVTpq1SVeF27YRTD5BBndH+OYXLW/8tFGY6zZTFe
Npz2BtKYa4thR4UzL06LgD5abkefmUN6FCWHSY0C0eB6nOO/9vnOQvtRxXGw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org