Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/MCfWxnPuk_Ryhd13yVMBGKl0_Oo.roa
File: MCfWxnPuk_Ryhd13yVMBGKl0_Oo.roa (raw, json)
Hash identifier: ypKRQ509vw33n18iVwf2lAi5kvK5rklkQSIwn9wTZv0=
Subject key identifier: 30:27:D6:C6:73:EE:93:F4:72:85:DD:77:C9:53:01:18:A9:74:FC:EA
Certificate issuer: /CN=f5d901201ff0b1b97ef3d1a72da41e18f0145762
Certificate serial: 018CC424825188DC04CB87D80FFED92BA65F
Authority key identifier: F5:D9:01:20:1F:F0:B1:B9:7E:F3:D1:A7:2D:A4:1E:18:F0:14:57:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dkBIB_wsbl-89GnLaQeGPAUV2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/MCfWxnPuk_Ryhd13yVMBGKl0_Oo.roa
Signing time: Mon 01 Jan 2024 08:29:36 +0000
ROA not before: Mon 01 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8855
IP address blocks: 212.78.26.0/24 maxlen: 24
212.78.28.0/23 maxlen: 23
212.78.31.0/24 maxlen: 24
212.78.0.0/24 maxlen: 24
212.78.3.0/24 maxlen: 24
212.78.2.0/24 maxlen: 24
212.78.4.0/24 maxlen: 24
212.78.10.0/24 maxlen: 24
212.78.11.0/24 maxlen: 24
212.78.5.0/24 maxlen: 24
212.78.7.0/24 maxlen: 24
212.78.13.0/24 maxlen: 24
212.78.12.0/24 maxlen: 24
212.78.15.0/24 maxlen: 24
212.78.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 08:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:82:51:88:dc:04:cb:87:d8:0f:fe:d9:2b:a6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d901201ff0b1b97ef3d1a72da41e18f0145762
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3027d6c673ee93f47285dd77c9530118a974fcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:d4:de:32:c2:af:a8:b8:83:77:24:ba:c1:
5e:0a:6f:63:cc:ce:b3:41:5f:28:f6:4a:84:21:1c:
11:66:0c:52:66:51:bb:31:f0:ae:27:f3:ea:30:b4:
0d:e0:4c:5f:6c:1c:ab:d7:69:8e:5e:b2:16:5d:22:
7d:32:a3:fa:95:ba:30:9e:f9:17:e8:9a:07:22:17:
c8:18:19:1d:63:a0:92:4e:b1:3e:83:ee:16:d3:f8:
b1:b3:55:8d:71:01:92:60:31:51:01:bf:00:e7:ec:
d6:8b:39:ce:d9:6d:35:6e:ba:e9:0d:c4:a3:26:f8:
5a:1f:4c:a7:87:1d:0d:0a:cd:5a:9f:b6:33:24:0c:
d9:dd:c7:68:71:90:a3:ba:3c:82:ed:16:89:f8:6e:
bb:ec:8f:0a:cb:4d:a2:db:7e:7a:74:8d:2d:e3:dd:
fc:04:03:d4:48:31:fe:9a:6a:e9:be:5c:4e:4a:c9:
1b:e3:ed:78:7e:41:57:f5:0a:2e:16:68:7a:cb:fe:
b6:a9:97:8d:31:c6:1c:0d:8a:ce:08:79:44:37:cb:
95:49:36:19:2a:29:f5:2e:3e:22:ba:fd:06:a2:e9:
ac:b0:6f:8c:9c:8f:d0:2c:34:4b:87:9d:07:41:4c:
7b:fc:49:5e:bf:3f:57:40:ef:d8:8a:6d:52:fd:c3:
b9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:27:D6:C6:73:EE:93:F4:72:85:DD:77:C9:53:01:18:A9:74:FC:EA
X509v3 Authority Key Identifier:
keyid:F5:D9:01:20:1F:F0:B1:B9:7E:F3:D1:A7:2D:A4:1E:18:F0:14:57:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dkBIB_wsbl-89GnLaQeGPAUV2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/MCfWxnPuk_Ryhd13yVMBGKl0_Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ad5545-f8af-4278-90a5-a3bbc87a77cc/1/9dkBIB_wsbl-89GnLaQeGPAUV2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.78.0.0/24
212.78.2.0-212.78.5.255
212.78.7.0/24
212.78.10.0-212.78.15.255
212.78.26.0/24
212.78.28.0/23
212.78.31.0/24
Signature Algorithm: sha256WithRSAEncryption
82:13:72:4a:d8:10:3d:40:b2:1e:bc:0b:a9:d2:2f:88:95:96:
ea:f7:a5:bb:5f:f0:31:f2:91:cc:bf:c6:6f:40:cb:86:fc:a1:
18:17:b6:40:a8:9f:34:0b:10:3e:3a:09:24:d8:41:49:71:c7:
77:7b:d3:f2:27:03:b1:96:0d:fa:3d:7a:da:9a:70:de:e7:57:
79:c3:61:27:b1:8c:64:57:cb:0d:28:31:23:80:a6:a8:7e:54:
bd:a9:71:77:a6:b2:28:82:52:30:c5:1a:76:d5:63:f5:cc:a3:
0c:72:e8:19:c6:99:a0:1d:e6:cd:97:c1:b7:2d:0f:b4:29:b2:
1d:7e:00:13:a9:b1:e1:5c:a4:a2:d6:96:10:79:35:db:03:c4:
bf:b3:82:64:33:5a:5f:85:84:dd:ba:09:29:53:fe:80:b7:90:
7c:21:14:37:61:a6:78:c9:f2:8b:bc:f7:73:81:09:b7:b3:5f:
01:8b:76:30:79:db:38:48:c7:c0:6b:75:01:95:79:1c:5e:6d:
af:f6:fc:82:15:2a:fb:3f:a2:bb:9d:54:71:29:f3:4f:6a:dc:
a4:ad:aa:a0:af:7f:98:77:95:cb:6c:1a:e1:25:d5:c0:55:37:
47:ca:f2:e2:b7:26:30:06:b3:57:fe:a1:f1:8a:4a:c0:a8:da:
ad:b7:20:1a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzEJIJRiNwEy4fYD/7ZK6ZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDkwMTIwMWZmMGIxYjk3ZWYzZDFhNzJkYTQxZTE4ZjAx
NDU3NjIwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI3ZDZjNjczZWU5M2Y0NzI4NWRkNzdjOTUzMDExOGE5NzRmY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRbU3jLCr6i4g3ckusFeCm9jzM6z
QV8o9kqEIRwRZgxSZlG7MfCuJ/PqMLQN4ExfbByr12mOXrIWXSJ9MqP6lbownvkX
6JoHIhfIGBkdY6CSTrE+g+4W0/ixs1WNcQGSYDFRAb8A5+zWiznO2W01brrpDcSj
JvhaH0ynhx0NCs1an7YzJAzZ3cdocZCjujyC7RaJ+G677I8Ky02i2356dI0t4938
BAPUSDH+mmrpvlxOSskb4+14fkFX9QouFmh6y/62qZeNMcYcDYrOCHlEN8uVSTYZ
Kin1Lj4iuv0GoumssG+MnI/QLDRLh50HQUx7/Elevz9XQO/Yim1S/cO52wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDAn1sZz7pP0coXdd8lTARipdPzqMB8GA1UdIwQY
MBaAFPXZASAf8LG5fvPRpy2kHhjwFFdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRrQklCX3dzYmwtODlHbkxhUWVHUEFVVjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hZDU1NDUtZjhhZi00Mjc4LTkwYTUt
YTNiYmM4N2E3N2NjLzEvTUNmV3huUHVrX1J5aGQxM3lWTUJHS2wwX09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hZDU1NDUtZjhhZi00Mjc4LTkwYTUtYTNiYmM4N2E3N2Nj
LzEvOWRrQklCX3dzYmwtODlHbkxhUWVHUEFVVjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQA1E4AMAwD
BAHUTgIDBAHUTgQDBADUTgcwDAMEAdROCgMEBNROAAMEANROGgMEAdROHAMEANRO
HzANBgkqhkiG9w0BAQsFAAOCAQEAghNyStgQPUCyHrwLqdIviJWW6velu1/wMfKR
zL/Gb0DLhvyhGBe2QKifNAsQPjoJJNhBSXHHd3vT8icDsZYN+j162ppw3udXecNh
J7GMZFfLDSgxI4CmqH5Uvalxd6ayKIJSMMUadtVj9cyjDHLoGcaZoB3mzZfBty0P
tCmyHX4AE6mx4VykotaWEHk12wPEv7OCZDNaX4WE3boJKVP+gLeQfCEUN2GmeMny
i7z3c4EJt7NfAYt2MHnbOEjHwGt1AZV5HF5tr/b8ghUq+z+iu51UcSnzT2rcpK2q
oK9/mHeVy2wa4SXVwFU3R8ry4rcmMAazV/6h8YpKwKjarbcgGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org