Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_w9_KdBNBI6bkGbkJS_2TY0PQnw.roa
File: _w9_KdBNBI6bkGbkJS_2TY0PQnw.roa (raw, json)
Hash identifier: AQbaE827UCiS0OL4cfyx34shY3NqGXAzOcSHaJbuMRc=
Subject key identifier: FF:0F:7F:29:D0:4D:04:8E:9B:90:66:E4:25:2F:F6:4D:8D:0F:42:7C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018D5B51BC31833711F3A06B7FF0598DC365
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_w9_KdBNBI6bkGbkJS_2TY0PQnw.roa
Signing time: Tue 30 Jan 2024 17:01:39 +0000
ROA not before: Tue 30 Jan 2024 17:01:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 05:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:51:bc:31:83:37:11:f3:a0:6b:7f:f0:59:8d:c3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 30 17:01:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff0f7f29d04d048e9b9066e4252ff64d8d0f427c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:97:d0:e0:3f:2e:e8:01:8f:53:75:14:a0:e4:
e7:0a:de:f6:b6:b1:39:af:61:51:9a:0a:91:bc:f2:
07:cb:b1:06:68:72:97:c1:31:bd:b4:e4:c0:af:4f:
73:1f:34:7a:11:01:5e:4d:8b:2e:75:ea:06:42:bb:
44:a8:f2:61:9b:f0:e7:21:b2:0c:a7:0e:e3:60:75:
bf:ae:6b:80:d8:db:49:63:45:46:c8:3b:80:33:fc:
05:18:88:20:96:bd:4d:3b:bc:67:f5:68:db:e9:52:
c0:f1:76:8f:8d:4d:b5:2b:db:13:c7:b9:1a:1b:38:
d2:4b:95:19:a0:f8:66:2c:94:72:44:fd:ef:46:1c:
34:a0:09:b8:51:0f:ca:d6:0b:cc:a5:50:80:99:4e:
d0:63:79:f3:2b:13:95:7f:0f:51:5e:78:78:3e:77:
e4:d6:67:47:b9:66:af:fb:da:ae:69:64:81:63:1b:
83:97:1f:7d:7c:48:cc:8c:76:1f:6e:bd:a9:fc:f8:
d8:21:f4:cc:2c:3d:12:b2:bc:1a:b8:d7:19:fc:5f:
ba:2b:a5:bf:94:fe:fc:54:f4:3d:58:39:13:18:8c:
34:3c:50:ba:44:a0:ae:2b:17:cd:81:43:c4:34:59:
aa:99:96:d1:a3:ad:11:02:c0:15:b0:53:6c:59:8b:
ac:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0F:7F:29:D0:4D:04:8E:9B:90:66:E4:25:2F:F6:4D:8D:0F:42:7C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_w9_KdBNBI6bkGbkJS_2TY0PQnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:8a:1b:0d:89:7d:52:bd:f0:60:ae:a2:83:7b:db:3b:a6:f5:
2f:a7:a0:a5:e1:b0:17:5a:97:ae:f9:a8:ac:e1:1f:48:02:a1:
e2:20:f0:2b:b0:88:e1:97:6b:53:e1:fc:83:d9:e6:77:79:40:
1b:fb:11:61:1c:8a:e7:db:e6:49:fd:ee:6d:67:84:fc:0f:87:
94:66:96:0d:18:7b:c7:62:8e:c8:48:75:07:7c:5f:39:fa:f8:
15:11:d4:73:e3:01:f7:fc:fd:97:25:54:50:32:c3:d4:e0:2d:
e0:8a:6f:d6:c9:7e:6b:84:82:8d:cc:ff:0b:29:48:89:65:2c:
e5:d1:46:24:a2:0f:4c:ac:dd:29:2e:48:61:9c:2c:38:45:2f:
f6:b3:a9:2b:bb:ec:53:b1:45:3f:26:ca:b6:6c:63:99:64:77:
3e:48:8d:0e:2a:27:4f:26:13:08:bd:e7:d3:2a:95:38:4c:9c:
03:e4:3c:ed:21:9a:7b:27:6e:50:75:f1:a6:0e:78:97:2a:5e:
35:44:94:fd:73:c2:85:da:24:6d:06:54:6c:55:7d:8a:18:8f:
c6:4c:e8:04:6a:9c:71:b3:e8:e6:72:0a:3b:1f:7b:e0:e7:5a:
f0:2f:e1:c3:2b:2f:70:be:7f:81:bd:e7:b8:f6:98:da:48:dd:
87:9d:59:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1bUbwxgzcR86Brf/BZjcNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTMwMTcwMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjBmN2YyOWQwNGQwNDhlOWI5MDY2ZTQyNTJmZjY0ZDhkMGY0MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpfQ4D8u6AGPU3UUoOTnCt72trE5
r2FRmgqRvPIHy7EGaHKXwTG9tOTAr09zHzR6EQFeTYsudeoGQrtEqPJhm/DnIbIM
pw7jYHW/rmuA2NtJY0VGyDuAM/wFGIgglr1NO7xn9Wjb6VLA8XaPjU21K9sTx7ka
GzjSS5UZoPhmLJRyRP3vRhw0oAm4UQ/K1gvMpVCAmU7QY3nzKxOVfw9RXnh4Pnfk
1mdHuWav+9quaWSBYxuDlx99fEjMjHYfbr2p/PjYIfTMLD0SsrwauNcZ/F+6K6W/
lP78VPQ9WDkTGIw0PFC6RKCuKxfNgUPENFmqmZbRo60RAsAVsFNsWYus5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP8PfynQTQSOm5Bm5CUv9k2ND0J8MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvX3c5X0tkQk5CSTZia0dia0pTXzJUWTBQUW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbIDAwQA
LhdgAwQALhdiAwQAbc3UMA0GCSqGSIb3DQEBCwUAA4IBAQC1ihsNiX1SvfBgrqKD
e9s7pvUvp6Cl4bAXWpeu+ais4R9IAqHiIPArsIjhl2tT4fyD2eZ3eUAb+xFhHIrn
2+ZJ/e5tZ4T8D4eUZpYNGHvHYo7ISHUHfF85+vgVEdRz4wH3/P2XJVRQMsPU4C3g
im/WyX5rhIKNzP8LKUiJZSzl0UYkog9MrN0pLkhhnCw4RS/2s6kru+xTsUU/Jsq2
bGOZZHc+SI0OKidPJhMIvefTKpU4TJwD5DztIZp7J25QdfGmDniXKl41RJT9c8KF
2iRtBlRsVX2KGI/GTOgEapxxs+jmcgo7H3vg51rwL+HDKy9wvn+Bvee49pjaSN2H
nVnF
-----END CERTIFICATE-----
Generated at Thu Feb 1 10:43:27 2024 by rpki-client on console-fra.rpki-client.org