Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/fE1y8hHi0wm4OEjWfgylIRsHtyE.roa
File: fE1y8hHi0wm4OEjWfgylIRsHtyE.roa (raw, json)
Hash identifier: Q8cHbXWqJHhi9qlVWEVivsYtsjlUYh+hAPSkpHXrrBI=
Subject key identifier: 7C:4D:72:F2:11:E2:D3:09:B8:38:48:D6:7E:0C:A5:21:1B:07:B7:21
Certificate issuer: /CN=c8f6a72c343e764776244a2ff11271feb22edff9
Certificate serial: 018CC64B530D15FC0EC48EC292E2F53D3DC6
Authority key identifier: C8:F6:A7:2C:34:3E:76:47:76:24:4A:2F:F1:12:71:FE:B2:2E:DF:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPanLDQ-dkd2JEov8RJx_rIu3_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/fE1y8hHi0wm4OEjWfgylIRsHtyE.roa
Signing time: Mon 01 Jan 2024 18:31:14 +0000
ROA not before: Mon 01 Jan 2024 18:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43655
IP address blocks: 193.148.2.0/23 maxlen: 23
78.24.137.0/24 maxlen: 24
78.24.136.0/23 maxlen: 23
78.24.136.0/24 maxlen: 24
78.24.136.0/21 maxlen: 21
2a00:e70::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:42:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:53:0d:15:fc:0e:c4:8e:c2:92:e2:f5:3d:3d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6a72c343e764776244a2ff11271feb22edff9
Validity
Not Before: Jan 1 18:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c4d72f211e2d309b83848d67e0ca5211b07b721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6d:be:74:0d:33:90:0c:35:21:73:a1:60:f5:
28:6e:31:47:9b:07:8c:37:29:14:48:84:8b:7b:57:
ee:44:52:ec:4b:0c:79:ed:c8:46:01:7e:cb:f0:e7:
af:04:70:1b:ea:9e:ed:4a:5b:d2:3e:63:7d:2e:96:
34:e1:52:fe:2d:db:dc:02:ef:97:23:df:2e:ca:f2:
07:44:66:97:39:6b:a5:c7:0c:68:fe:52:57:f6:df:
ac:3d:87:d4:fa:21:03:60:6f:33:b2:8c:6e:37:f7:
d8:3b:38:71:45:94:3a:49:c0:b4:57:2f:98:30:78:
bf:c4:ab:1b:70:ea:7c:9e:ad:0c:f5:5a:34:23:4e:
73:ad:75:e4:f4:03:e5:d6:60:37:00:d6:1d:7d:6e:
e9:18:51:6b:75:2c:d6:3a:79:98:3f:01:de:dc:25:
c5:f9:8e:64:61:96:5f:3f:4c:7c:aa:1c:7f:78:79:
cd:e1:cb:03:6d:1e:ae:32:fe:0d:b0:92:45:ac:91:
92:64:7f:d6:a6:01:62:e0:88:5e:4c:8f:e7:6e:59:
2d:50:eb:5d:20:dd:87:40:89:0e:97:91:91:d7:37:
d5:cd:7f:b2:77:e4:fb:ad:59:37:7d:0c:35:d0:e5:
bb:11:1a:af:9c:8e:7c:cf:1e:9d:3d:31:ed:6a:06:
6c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4D:72:F2:11:E2:D3:09:B8:38:48:D6:7E:0C:A5:21:1B:07:B7:21
X509v3 Authority Key Identifier:
keyid:C8:F6:A7:2C:34:3E:76:47:76:24:4A:2F:F1:12:71:FE:B2:2E:DF:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPanLDQ-dkd2JEov8RJx_rIu3_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/fE1y8hHi0wm4OEjWfgylIRsHtyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yPanLDQ-dkd2JEov8RJx_rIu3_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.136.0/21
193.148.2.0/23
IPv6:
2a00:e70::/32
Signature Algorithm: sha256WithRSAEncryption
8a:18:02:e4:9a:87:a9:19:12:70:0d:e1:da:18:e7:a1:d7:08:
d8:2e:aa:35:0c:c9:72:b3:f7:2e:5d:28:d2:e2:c3:61:0f:3c:
cc:68:2c:2e:34:35:76:83:e5:89:c8:b9:b0:08:3c:36:12:3f:
89:2b:06:76:67:a3:9a:ad:f4:4b:28:f1:14:49:fb:f2:99:09:
7e:05:09:9d:4d:b1:e1:eb:6b:20:68:79:6b:32:0f:df:f0:63:
59:76:6c:4a:5c:97:4c:c1:e1:0f:a3:d8:71:fb:63:09:38:8c:
23:fd:87:41:15:b2:13:5c:c0:4a:fb:7e:70:36:45:b0:87:cb:
1e:2e:01:cf:35:64:d1:3e:7e:09:2a:93:d2:55:5f:4b:f3:6e:
a4:9e:07:30:98:17:7c:b3:33:7e:77:24:94:18:35:12:57:ae:
bf:c4:aa:a5:20:36:d0:f5:e9:f7:c5:d3:9f:a9:a2:d2:06:3a:
d3:dd:cf:30:b3:5d:44:6c:3c:37:04:3c:b6:3b:1e:6b:63:0f:
85:6f:e1:ad:9d:f9:b3:bc:3f:47:a4:1c:44:56:a2:97:65:77:
bf:10:a4:db:d5:86:f0:c6:9d:f7:d7:1c:d4:0e:bf:85:30:ce:
9a:3e:75:72:a9:a4:02:d3:a1:e3:f7:1f:88:32:a1:5f:69:01:
31:c1:93:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS1MNFfwOxI7CkuL1PT3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZhNzJjMzQzZTc2NDc3NjI0NGEyZmYxMTI3MWZlYjIy
ZWRmZjkwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRkNzJmMjExZTJkMzA5YjgzODQ4ZDY3ZTBjYTUyMTFiMDdiNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm2+dA0zkAw1IXOhYPUobjFHmweM
NykUSISLe1fuRFLsSwx57chGAX7L8OevBHAb6p7tSlvSPmN9LpY04VL+LdvcAu+X
I98uyvIHRGaXOWulxwxo/lJX9t+sPYfU+iEDYG8zsoxuN/fYOzhxRZQ6ScC0Vy+Y
MHi/xKsbcOp8nq0M9Vo0I05zrXXk9APl1mA3ANYdfW7pGFFrdSzWOnmYPwHe3CXF
+Y5kYZZfP0x8qhx/eHnN4csDbR6uMv4NsJJFrJGSZH/WpgFi4IheTI/nblktUOtd
IN2HQIkOl5GR1zfVzX+yd+T7rVk3fQw10OW7ERqvnI58zx6dPTHtagZs1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHxNcvIR4tMJuDhI1n4MpSEbB7chMB8GA1UdIwQY
MBaAFMj2pyw0PnZHdiRKL/EScf6yLt/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBhbkxEUS1ka2QySkVvdjhSSnhfckl1M19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mMzBiNTQtMjRmNy00MDE5LTkxY2It
YWRhNmU2NDMwN2M5LzEvZkUxeThoSGkwd200T0VqV2ZneWxJUnNIdHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mMzBiNTQtMjRmNy00MDE5LTkxY2ItYWRhNmU2NDMwN2M5
LzEveVBhbkxEUS1ka2QySkVvdjhSSnhfckl1M19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDThiIAwQB
wZQCMA0EAgACMAcDBQAqAA5wMA0GCSqGSIb3DQEBCwUAA4IBAQCKGALkmoepGRJw
DeHaGOeh1wjYLqo1DMlys/cuXSjS4sNhDzzMaCwuNDV2g+WJyLmwCDw2Ej+JKwZ2
Z6OarfRLKPEUSfvymQl+BQmdTbHh62sgaHlrMg/f8GNZdmxKXJdMweEPo9hx+2MJ
OIwj/YdBFbITXMBK+35wNkWwh8seLgHPNWTRPn4JKpPSVV9L826kngcwmBd8szN+
dySUGDUSV66/xKqlIDbQ9en3xdOfqaLSBjrT3c8ws11EbDw3BDy2Ox5rYw+Fb+Gt
nfmzvD9HpBxEVqKXZXe/EKTb1Ybwxp331xzUDr+FMM6aPnVyqaQC06Hj9x+IMqFf
aQExwZMG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:16 2024 by rpki-client on console-fra.rpki-client.org