Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/3248itj41T6zT6at_23hVxQXHJA.roa
File: 3248itj41T6zT6at_23hVxQXHJA.roa (raw, json)
Hash identifier: EZPdlYtdupr446c1lFbo7QGVArKm1GVf3X0s2FblWwo=
Subject key identifier: DF:6E:3C:8A:D8:F8:D5:3E:B3:4F:A6:AD:FF:6D:E1:57:14:17:1C:90
Certificate issuer: /CN=c07081a6f721a37a9e1d799315bb3ea2758b8877
Certificate serial: 018E0F15F5208DD79E5A9CF059D3F22A0D39
Authority key identifier: C0:70:81:A6:F7:21:A3:7A:9E:1D:79:93:15:BB:3E:A2:75:8B:88:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHCBpvcho3qeHXmTFbs-onWLiHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/3248itj41T6zT6at_23hVxQXHJA.roa
Signing time: Tue 05 Mar 2024 14:48:01 +0000
ROA not before: Tue 05 Mar 2024 14:48:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209531
IP address blocks: 147.78.168.0/22 maxlen: 22
2a09:27c0::/29 maxlen: 29
2a09:27c0::/30 maxlen: 30
2a09:27c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 18 Nov 2024 13:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:15:f5:20:8d:d7:9e:5a:9c:f0:59:d3:f2:2a:0d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c07081a6f721a37a9e1d799315bb3ea2758b8877
Validity
Not Before: Mar 5 14:48:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df6e3c8ad8f8d53eb34fa6adff6de15714171c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:8b:9d:d1:99:8f:aa:39:e9:ca:72:d0:8e:
db:86:be:0a:87:4d:af:f7:3f:8b:fe:86:1e:30:74:
84:c1:3a:d5:09:40:94:19:99:61:33:bb:21:69:64:
cb:af:1b:22:eb:1b:80:12:be:eb:16:cd:97:af:aa:
36:83:a3:dd:d0:e7:6d:02:21:75:46:f5:e9:91:25:
8c:22:09:d7:f2:ed:90:3c:1a:e5:99:93:dc:85:48:
c1:65:18:01:8a:c9:4e:8f:65:a3:2a:0b:0d:7d:5a:
a5:b2:ed:52:8a:aa:de:ca:88:db:e0:6b:91:0f:ba:
d9:30:e8:72:39:19:d7:e7:e5:58:06:45:87:4f:35:
3a:3d:c8:f6:b1:0e:f3:1c:18:0f:d8:9a:3c:75:fb:
a1:e3:11:8c:48:a0:23:a9:63:6a:8f:58:4e:02:5a:
a1:c9:01:37:ca:e2:e6:39:a8:4b:8c:fd:5f:9a:e0:
11:cd:35:ba:69:ca:91:98:5e:dd:19:60:39:20:cb:
92:05:b9:61:fb:2a:50:f2:36:e5:eb:0c:36:ee:d6:
5d:6f:ae:ae:9d:3a:8f:86:ba:c6:3f:b8:4d:98:aa:
09:a2:39:18:c7:b1:3c:17:d1:62:be:e2:d9:0a:5d:
26:25:e1:69:96:e9:0b:64:8d:4e:97:33:43:73:1c:
ea:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6E:3C:8A:D8:F8:D5:3E:B3:4F:A6:AD:FF:6D:E1:57:14:17:1C:90
X509v3 Authority Key Identifier:
keyid:C0:70:81:A6:F7:21:A3:7A:9E:1D:79:93:15:BB:3E:A2:75:8B:88:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHCBpvcho3qeHXmTFbs-onWLiHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/3248itj41T6zT6at_23hVxQXHJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/wHCBpvcho3qeHXmTFbs-onWLiHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.168.0/22
IPv6:
2a09:27c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:bc:10:e6:ac:55:4a:e7:e6:74:57:02:5e:d8:63:96:d8:40:
6d:86:e7:97:0c:29:ce:47:cd:52:04:01:2a:33:42:f9:df:96:
23:f4:2e:bd:e0:a6:1f:e8:84:a3:76:82:d8:35:1e:8b:28:74:
4c:0b:33:f4:e8:0c:42:00:e7:1e:93:e0:85:01:6c:19:a8:15:
e7:60:71:22:fb:65:a6:35:01:7c:a1:37:34:d1:5d:2a:a2:65:
57:5a:c3:89:54:d8:13:c4:b1:4d:b7:9f:93:7b:c1:56:f9:98:
42:e2:e6:60:e1:d4:65:0c:2f:e0:5f:c4:a0:c1:49:b2:d9:10:
65:27:c2:b1:5d:41:fa:5b:a3:85:18:aa:ec:99:b1:ba:53:ab:
5d:61:cb:47:cf:60:93:f9:da:01:76:28:8a:67:e3:e2:b0:07:
d9:ee:bd:d6:5d:09:79:c5:b7:b4:3c:ca:f2:4d:ae:8b:8d:37:
98:1a:72:d2:b2:eb:9f:96:a5:eb:fd:36:66:f7:7b:b1:16:ba:
1a:97:5f:c1:dc:d0:c5:a7:4d:66:64:d9:db:e7:af:d1:1c:fc:
a7:67:2b:16:0f:b9:5a:6f:37:4a:c2:c8:0f:da:2a:45:6e:76:
7b:45:0d:47:99:cf:e8:4c:2d:80:71:76:45:8f:0c:26:67:3f:
5e:90:2c:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4PFfUgjdeeWpzwWdPyKg05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzA4MWE2ZjcyMWEzN2E5ZTFkNzk5MzE1YmIzZWEyNzU4
Yjg4NzcwHhcNMjQwMzA1MTQ0ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZlM2M4YWQ4ZjhkNTNlYjM0ZmE2YWRmZjZkZTE1NzE0MTcxYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/uLndGZj6o56cpy0I7bhr4Kh02v
9z+L/oYeMHSEwTrVCUCUGZlhM7shaWTLrxsi6xuAEr7rFs2Xr6o2g6Pd0OdtAiF1
RvXpkSWMIgnX8u2QPBrlmZPchUjBZRgBislOj2WjKgsNfVqlsu1Siqreyojb4GuR
D7rZMOhyORnX5+VYBkWHTzU6Pcj2sQ7zHBgP2Jo8dfuh4xGMSKAjqWNqj1hOAlqh
yQE3yuLmOahLjP1fmuARzTW6acqRmF7dGWA5IMuSBblh+ypQ8jbl6ww27tZdb66u
nTqPhrrGP7hNmKoJojkYx7E8F9FivuLZCl0mJeFplukLZI1OlzNDcxzq3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN9uPIrY+NU+s0+mrf9t4VcUFxyQMB8GA1UdIwQY
MBaAFMBwgab3IaN6nh15kxW7PqJ1i4h3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hDQnB2Y2hvM3FlSFhtVEZicy1vbldMaUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85YWZkMjMtZDI4MC00OTVjLWIyNTIt
ZjYwMDMxN2IxOTc4LzEvMzI0OGl0ajQxVDZ6VDZhdF8yM2hWeFFYSEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85YWZkMjMtZDI4MC00OTVjLWIyNTItZjYwMDMxN2IxOTc4
LzEvd0hDQnB2Y2hvM3FlSFhtVEZicy1vbldMaUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk06oMA0E
AgACMAcDBQMqCSfAMA0GCSqGSIb3DQEBCwUAA4IBAQBZvBDmrFVK5+Z0VwJe2GOW
2EBthueXDCnOR81SBAEqM0L535Yj9C694KYf6ISjdoLYNR6LKHRMCzP06AxCAOce
k+CFAWwZqBXnYHEi+2WmNQF8oTc00V0qomVXWsOJVNgTxLFNt5+Te8FW+ZhC4uZg
4dRlDC/gX8SgwUmy2RBlJ8KxXUH6W6OFGKrsmbG6U6tdYctHz2CT+doBdiiKZ+Pi
sAfZ7r3WXQl5xbe0PMryTa6LjTeYGnLSsuuflqXr/TZm93uxFroal1/B3NDFp01m
ZNnb56/RHPynZysWD7labzdKwsgP2ipFbnZ7RQ1Hmc/oTC2AcXZFjwwmZz9ekCz0
-----END CERTIFICATE-----
Generated at Mon Nov 18 16:23:41 2024 by rpki-client on console-ams.rpki-client.org