Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/kbF5asciOJYLs30USj1fsY4rf6s.roa
File: kbF5asciOJYLs30USj1fsY4rf6s.roa (raw, json)
Hash identifier: Ypd0qc2p+yE7OnJSwp7nLHNeLT12ac17tsoRSNZHq1s=
Subject key identifier: 91:B1:79:6A:C7:22:38:96:0B:B3:7D:14:4A:3D:5F:B1:8E:2B:7F:AB
Certificate issuer: /CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Certificate serial: 01856FC255C022E961DD97B3056FE106993A
Authority key identifier: 87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/kbF5asciOJYLs30USj1fsY4rf6s.roa
Signing time: Sun 01 Jan 2023 23:54:44 +0000
ROA not before: Sun 01 Jan 2023 23:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43204
IP address blocks: 78.108.122.0/24 maxlen: 24
185.36.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:55:c0:22:e9:61:dd:97:b3:05:6f:e1:06:99:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Validity
Not Before: Jan 1 23:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91b1796ac72238960bb37d144a3d5fb18e2b7fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:3e:ba:38:68:07:ff:b2:d8:db:68:24:b7:
ea:18:7c:90:d8:a7:35:7d:49:04:eb:11:12:44:8e:
e5:b6:06:f1:92:7b:77:45:5d:75:98:b3:f8:d4:dc:
43:e2:e7:95:59:80:d4:2c:bb:e4:26:43:00:b1:a5:
fa:ee:80:d8:18:8c:97:ca:20:9d:1d:da:07:34:2c:
17:de:ef:44:aa:bc:26:40:d7:2f:ef:e1:e2:8d:7b:
ee:eb:a5:ab:5c:73:36:9d:aa:76:1e:89:2f:5c:c2:
e6:71:07:37:60:4e:1d:38:44:18:f9:ff:e8:d5:6c:
ac:f7:88:92:21:fd:22:02:50:82:44:f0:3e:bc:3a:
a8:01:68:27:d5:ff:38:00:9c:71:43:65:9d:bb:8b:
33:2e:0b:d2:5c:68:9e:07:05:59:3b:ae:5f:37:15:
2c:45:ae:b1:ee:f1:7e:3d:9b:93:2a:a2:9c:f9:8b:
e8:0d:b7:18:2e:05:84:7d:08:6c:02:b4:33:43:32:
84:26:79:7f:80:eb:d2:45:58:5a:6c:9e:d0:cb:1a:
d5:1d:e5:82:95:f7:cf:9a:bb:a9:de:0e:cd:7e:b6:
7e:92:1c:00:2d:75:98:cf:98:c0:cd:bb:8c:c6:cc:
61:a2:43:38:c6:34:1d:3a:07:3f:64:fc:8c:9c:c2:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B1:79:6A:C7:22:38:96:0B:B3:7D:14:4A:3D:5F:B1:8E:2B:7F:AB
X509v3 Authority Key Identifier:
keyid:87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/kbF5asciOJYLs30USj1fsY4rf6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.122.0/24
185.36.21.0/24
Signature Algorithm: sha256WithRSAEncryption
97:15:06:20:45:e8:91:2d:6f:24:26:05:bd:17:58:24:f3:3a:
8d:48:55:79:fd:4f:af:28:0c:37:91:7e:d1:87:b7:46:a6:8c:
bd:40:85:a5:f0:08:cf:70:c2:27:b0:1f:d1:2d:8d:dd:1e:ff:
c7:e9:6d:f7:af:22:92:4a:58:01:67:d0:16:74:7c:c2:2f:ce:
24:31:9a:5b:c3:6e:a6:ba:9f:2e:77:80:d7:2f:7d:bb:8b:e1:
39:49:98:51:a3:61:ea:1c:df:19:69:f6:7d:0f:ae:9b:d3:a6:
a6:a9:08:5b:f5:72:0b:bd:7c:55:96:35:86:a7:1a:ec:ad:57:
b4:ae:7f:69:9f:79:84:97:aa:51:84:e0:3c:bf:74:ba:98:48:
67:81:11:0f:cd:e6:6e:be:a1:e3:62:9b:e2:74:3a:24:67:1f:
bc:ce:0a:a2:a6:b5:30:2b:c9:5f:6f:86:18:8a:9e:1f:e4:98:
79:cc:34:47:f6:0a:8b:52:9c:43:de:0e:7a:e0:6e:4b:3a:0e:
73:f2:75:ca:53:80:b3:b6:68:1e:86:b7:b1:57:9e:89:8c:73:
df:90:3e:96:b6:06:c6:f0:f1:d5:e1:98:e0:ae:0e:73:e9:4d:
80:e2:ef:d6:6a:c1:bb:00:bc:ab:11:12:c4:9a:80:d7:42:c3:
75:96:2b:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvwlXAIulh3ZezBW/hBpk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWUwYWYyODJkZDRlOWJjMWI4MjE5NGFlZDNiMTk2OTNk
ODcyOTgwHhcNMjMwMTAxMjM1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWIxNzk2YWM3MjIzODk2MGJiMzdkMTQ0YTNkNWZiMThlMmI3ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nM+ujhoB/+y2NtoJLfqGHyQ2Kc1
fUkE6xESRI7ltgbxknt3RV11mLP41NxD4ueVWYDULLvkJkMAsaX67oDYGIyXyiCd
HdoHNCwX3u9EqrwmQNcv7+HijXvu66WrXHM2nap2HokvXMLmcQc3YE4dOEQY+f/o
1Wys94iSIf0iAlCCRPA+vDqoAWgn1f84AJxxQ2Wdu4szLgvSXGieBwVZO65fNxUs
Ra6x7vF+PZuTKqKc+YvoDbcYLgWEfQhsArQzQzKEJnl/gOvSRVhabJ7QyxrVHeWC
lffPmrup3g7NfrZ+khwALXWYz5jAzbuMxsxhokM4xjQdOgc/ZPyMnMJ2twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGxeWrHIjiWC7N9FEo9X7GOK3+rMB8GA1UdIwQY
MBaAFIeuCvKC3U6bwbghlK7TsZaT2HKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQt
Y2VmMDEzNjJjNGE4LzEva2JGNWFzY2lPSllMczMwVVNqMWZzWTRyZjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQtY2VmMDEzNjJjNGE4
LzEvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATmx6AwQA
uSQVMA0GCSqGSIb3DQEBCwUAA4IBAQCXFQYgReiRLW8kJgW9F1gk8zqNSFV5/U+v
KAw3kX7Rh7dGpoy9QIWl8AjPcMInsB/RLY3dHv/H6W33ryKSSlgBZ9AWdHzCL84k
MZpbw26mup8ud4DXL327i+E5SZhRo2HqHN8ZafZ9D66b06amqQhb9XILvXxVljWG
pxrsrVe0rn9pn3mEl6pRhOA8v3S6mEhngREPzeZuvqHjYpvidDokZx+8zgqiprUw
K8lfb4YYip4f5Jh5zDRH9gqLUpxD3g564G5LOg5z8nXKU4CztmgehrexV56JjHPf
kD6WtgbG8PHV4Zjgrg5z6U2A4u/WasG7ALyrERLEmoDXQsN1litl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:25 2024 by rpki-client on console-ams.rpki-client.org