Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/acec3d-775e-4d0e-8433-fc3d5c2230b2/1/Cd-ygl3w4itH-Hc4vSzx54N1kaM.roa
File: Cd-ygl3w4itH-Hc4vSzx54N1kaM.roa (raw, json)
Hash identifier: 9159OKZDWoH/2jDEYpU0KWDO3OwJNoMF+MJ0dcHAy6g=
Subject key identifier: 09:DF:B2:82:5D:F0:E2:2B:47:F8:77:38:BD:2C:F1:E7:83:75:91:A3
Certificate issuer: /CN=d271ea06b1a756cbf46ae046484bbd3e4fce4ca5
Certificate serial: 01856B8A0BC8F500E4A44181C436F8C990F9
Authority key identifier: D2:71:EA:06:B1:A7:56:CB:F4:6A:E0:46:48:4B:BD:3E:4F:CE:4C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nHqBrGnVsv0auBGSEu9Pk_OTKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/acec3d-775e-4d0e-8433-fc3d5c2230b2/1/Cd-ygl3w4itH-Hc4vSzx54N1kaM.roa
Signing time: Sun 01 Jan 2023 04:14:47 +0000
ROA not before: Sun 01 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49944
IP address blocks: 78.153.96.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:0b:c8:f5:00:e4:a4:41:81:c4:36:f8:c9:90:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d271ea06b1a756cbf46ae046484bbd3e4fce4ca5
Validity
Not Before: Jan 1 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09dfb2825df0e22b47f87738bd2cf1e7837591a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ec:42:ce:16:2a:cf:84:1c:3d:05:a4:33:8b:
0d:f7:14:82:68:2f:98:c0:c9:1e:a8:6d:5a:75:0b:
16:71:56:9d:0f:6d:35:a0:2f:ca:ae:1e:ae:35:65:
a1:69:e5:15:6a:91:3e:3e:02:8b:10:e9:10:a8:a7:
92:15:e2:0c:d9:92:76:a0:8c:9a:97:5c:7f:34:ce:
99:50:75:d2:7f:c7:53:03:16:8c:e5:a6:51:a0:09:
3c:24:e6:0e:6a:21:d0:3b:63:08:0e:6a:80:fa:1b:
ea:20:e0:5e:08:17:92:c3:fb:26:7f:e2:59:0d:04:
9a:46:9c:af:8c:74:87:f4:37:93:39:b9:3e:aa:f3:
fd:93:83:9e:e2:15:86:ed:cf:ad:0e:90:fb:3b:0c:
5e:51:80:67:19:06:bb:3d:e1:cc:12:3c:0a:c5:67:
8c:32:a5:7d:c5:24:ee:3e:35:90:fa:43:d3:31:8e:
97:2c:94:b8:40:5d:83:ee:eb:9d:94:ff:14:d0:34:
11:26:23:8d:e0:d3:6a:2c:ae:65:c4:f7:74:b7:92:
63:1f:05:99:19:97:be:fa:c7:d4:d2:28:0f:f3:9c:
6e:98:26:60:ec:7c:a1:8d:30:dc:5e:6b:98:55:7c:
0d:6e:28:58:81:54:4a:2b:f0:e2:0d:e3:f7:04:fa:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DF:B2:82:5D:F0:E2:2B:47:F8:77:38:BD:2C:F1:E7:83:75:91:A3
X509v3 Authority Key Identifier:
keyid:D2:71:EA:06:B1:A7:56:CB:F4:6A:E0:46:48:4B:BD:3E:4F:CE:4C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHqBrGnVsv0auBGSEu9Pk_OTKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/acec3d-775e-4d0e-8433-fc3d5c2230b2/1/Cd-ygl3w4itH-Hc4vSzx54N1kaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/acec3d-775e-4d0e-8433-fc3d5c2230b2/1/0nHqBrGnVsv0auBGSEu9Pk_OTKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.96.0/19
Signature Algorithm: sha256WithRSAEncryption
08:41:6c:20:56:b7:90:e2:f0:20:40:a8:21:3b:44:4d:da:58:
26:da:c2:e0:2d:94:f6:49:26:57:06:36:6d:76:ec:9d:39:e5:
28:49:c3:88:13:d2:cf:39:7e:30:d4:dd:ef:f3:3d:7f:f8:72:
79:24:90:3d:ec:59:53:6b:fc:45:e9:eb:e0:d8:c5:a2:62:e1:
2e:cf:30:f2:6e:a2:32:5c:81:88:0c:25:da:5c:cc:5c:45:22:
9b:30:ec:b4:ff:c0:d4:11:01:5d:ee:bc:a3:c0:27:dd:2d:8d:
7c:40:73:e1:18:7d:4d:f9:2c:39:ac:b4:01:11:e9:42:fb:dc:
b0:0f:f4:2f:12:e2:8c:f7:e9:6c:30:33:84:19:d3:03:2a:e3:
e5:57:12:cc:3d:ac:b2:2b:31:9d:88:05:c5:d2:ca:87:7b:7f:
aa:15:31:5b:56:4f:2a:2a:0c:a8:ba:6f:55:ec:9c:07:db:4a:
a2:a1:41:fb:61:14:d2:39:a4:68:f6:ad:d6:0d:45:36:af:91:
36:eb:1a:74:81:b4:12:17:c2:ce:23:39:4c:25:fd:03:ab:86:
ae:85:4c:6a:af:d1:8e:ea:6c:fc:6b:c8:41:32:c4:d8:b6:c4:
43:78:95:01:ef:59:06:93:ff:9c:02:13:cf:ca:9d:9b:59:a1:
dd:82:ed:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrigvI9QDkpEGBxDb4yZD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlYTA2YjFhNzU2Y2JmNDZhZTA0NjQ4NGJiZDNlNGZj
ZTRjYTUwHhcNMjMwMTAxMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRmYjI4MjVkZjBlMjJiNDdmODc3MzhiZDJjZjFlNzgzNzU5MWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgexCzhYqz4QcPQWkM4sN9xSCaC+Y
wMkeqG1adQsWcVadD201oC/Krh6uNWWhaeUVapE+PgKLEOkQqKeSFeIM2ZJ2oIya
l1x/NM6ZUHXSf8dTAxaM5aZRoAk8JOYOaiHQO2MIDmqA+hvqIOBeCBeSw/smf+JZ
DQSaRpyvjHSH9DeTObk+qvP9k4Oe4hWG7c+tDpD7OwxeUYBnGQa7PeHMEjwKxWeM
MqV9xSTuPjWQ+kPTMY6XLJS4QF2D7uudlP8U0DQRJiON4NNqLK5lxPd0t5JjHwWZ
GZe++sfU0igP85xumCZg7HyhjTDcXmuYVXwNbihYgVRKK/DiDeP3BPpY3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAnfsoJd8OIrR/h3OL0s8eeDdZGjMB8GA1UdIwQY
MBaAFNJx6gaxp1bL9GrgRkhLvT5PzkylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IcUJyR25Wc3YwYXVCR1NFdTlQa19PVEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hY2VjM2QtNzc1ZS00ZDBlLTg0MzMt
ZmMzZDVjMjIzMGIyLzEvQ2QteWdsM3c0aXRILUhjNHZTeng1NE4xa2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hY2VjM2QtNzc1ZS00ZDBlLTg0MzMtZmMzZDVjMjIzMGIy
LzEvMG5IcUJyR25Wc3YwYXVCR1NFdTlQa19PVEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFTplgMA0G
CSqGSIb3DQEBCwUAA4IBAQAIQWwgVreQ4vAgQKghO0RN2lgm2sLgLZT2SSZXBjZt
duydOeUoScOIE9LPOX4w1N3v8z1/+HJ5JJA97FlTa/xF6evg2MWiYuEuzzDybqIy
XIGIDCXaXMxcRSKbMOy0/8DUEQFd7ryjwCfdLY18QHPhGH1N+Sw5rLQBEelC+9yw
D/QvEuKM9+lsMDOEGdMDKuPlVxLMPayyKzGdiAXF0sqHe3+qFTFbVk8qKgyoum9V
7JwH20qioUH7YRTSOaRo9q3WDUU2r5E26xp0gbQSF8LOIzlMJf0Dq4auhUxqr9GO
6mz8a8hBMsTYtsRDeJUB71kGk/+cAhPPyp2bWaHdgu2X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:46 2024 by rpki-client on console-ams.rpki-client.org