Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/3RTCW5Eh3WMf6K84-FD9U1yVLSY.roa
File: 3RTCW5Eh3WMf6K84-FD9U1yVLSY.roa (raw, json)
Hash identifier: 09NVm6+6g/Kw0Z4JDl4HZTL1EJwkG05O39IrYi68wa8=
Subject key identifier: DD:14:C2:5B:91:21:DD:63:1F:E8:AF:38:F8:50:FD:53:5C:95:2D:26
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BD6D444FF17F51DC25C2FBB2CC54E32F3
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/3RTCW5Eh3WMf6K84-FD9U1yVLSY.roa
Signing time: Thu 16 Nov 2023 06:31:57 +0000
ROA not before: Thu 16 Nov 2023 06:31:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58250
IP address blocks: 78.93.178.0/24 maxlen: 24
78.93.82.0/23 maxlen: 23
86.60.127.0/24 maxlen: 24
212.93.203.0/24 maxlen: 24
86.60.32.0/19 maxlen: 19
78.93.10.0/24 maxlen: 24
78.93.117.0/24 maxlen: 24
86.60.56.0/21 maxlen: 21
2a02:df4::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:d4:44:ff:17:f5:1d:c2:5c:2f:bb:2c:c5:4e:32:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 16 06:31:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd14c25b9121dd631fe8af38f850fd535c952d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:88:6c:3f:50:1e:d6:93:dd:e5:a1:68:ed:09:
71:a2:b8:72:cf:b1:34:b2:a2:54:f7:a2:1f:a3:42:
94:7b:65:4b:40:6e:e1:10:cd:81:0c:c7:cb:c0:ee:
d5:25:df:ce:5d:45:22:2b:4f:75:81:2b:8e:28:a0:
4e:7a:36:42:03:c7:2a:72:e6:22:36:06:4d:06:4c:
bb:af:8f:e0:ce:8a:88:c9:de:5e:ff:de:71:9d:d6:
ec:78:e8:22:d5:c8:1c:03:33:a7:e6:26:a8:c6:22:
dc:95:1e:a0:df:7d:09:93:53:24:6c:17:27:d1:88:
7b:ec:88:28:06:4f:9d:9d:b3:90:d1:0c:78:47:63:
7c:d1:b2:c8:4e:e6:5c:53:f8:d4:06:58:ea:86:ca:
6c:a2:58:bf:06:d4:2d:71:d9:dd:99:a6:77:19:76:
c7:8c:bc:39:12:99:c7:61:07:77:00:be:89:d9:08:
a4:aa:e4:12:57:b5:a7:8d:e4:26:65:f6:50:0e:6d:
ed:61:80:75:56:95:0a:4c:38:04:3a:c6:2c:26:82:
21:4d:d8:1e:ff:75:c7:58:7a:cf:2c:ac:33:15:5f:
4e:9c:11:09:2c:37:43:07:3d:fa:8e:43:c7:7f:58:
d2:4c:52:8d:64:12:c2:31:f7:05:d4:75:12:2a:28:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:14:C2:5B:91:21:DD:63:1F:E8:AF:38:F8:50:FD:53:5C:95:2D:26
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/3RTCW5Eh3WMf6K84-FD9U1yVLSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.93.10.0/24
78.93.82.0/23
78.93.117.0/24
78.93.178.0/24
86.60.32.0/19
86.60.127.0/24
212.93.203.0/24
IPv6:
2a02:df4::/32
Signature Algorithm: sha256WithRSAEncryption
4d:1f:82:a4:30:db:62:d2:56:7d:e0:44:c5:d1:73:47:35:3d:
ab:3b:dc:02:a5:ba:2c:b6:4d:2f:8b:47:63:41:4f:3c:13:52:
82:f3:3b:9b:06:bb:70:c4:f3:38:4c:0d:e6:aa:6d:20:9f:35:
51:32:da:c2:44:c7:03:16:a6:04:06:f4:98:86:ab:98:0a:53:
3f:0d:d2:34:2e:90:63:37:74:fd:4e:b1:ac:be:33:7b:91:5e:
aa:a3:8e:7c:2a:5e:62:96:df:a5:71:ad:89:43:7e:c8:af:19:
a4:71:5c:25:a0:f1:0a:e6:dd:9e:5d:34:4d:88:d1:93:6a:94:
c1:1c:5f:18:4c:bf:f6:71:65:ae:c9:a9:2e:cc:1d:65:ad:bd:
2e:b1:a1:eb:56:ec:6b:0f:41:33:d2:3e:cb:b8:95:ac:9d:53:
99:1b:a0:cc:9b:8e:e3:cd:a9:d3:aa:b9:33:47:77:0a:66:3b:
a8:bd:f9:2b:34:8b:cb:2c:66:94:bf:05:88:43:71:ed:e0:b9:
d1:dd:21:38:87:af:91:62:58:76:ab:2e:68:6c:ac:95:2d:5a:
2a:30:7e:4e:bb:e5:58:1c:8b:39:8d:c6:82:5d:5e:59:42:9a:
05:79:53:40:28:3f:82:da:2b:8e:6b:ec:96:e1:c3:ef:ba:3b:
2b:98:ea:ba
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYvW1ET/F/UdwlwvuyzFTjLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTE2MDYzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE0YzI1YjkxMjFkZDYzMWZlOGFmMzhmODUwZmQ1MzVjOTUyZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwohsP1Ae1pPd5aFo7Qlxorhyz7E0
sqJU96Ifo0KUe2VLQG7hEM2BDMfLwO7VJd/OXUUiK091gSuOKKBOejZCA8cqcuYi
NgZNBky7r4/gzoqIyd5e/95xndbseOgi1cgcAzOn5iaoxiLclR6g330Jk1MkbBcn
0Yh77IgoBk+dnbOQ0Qx4R2N80bLITuZcU/jUBljqhspsoli/BtQtcdndmaZ3GXbH
jLw5EpnHYQd3AL6J2QikquQSV7WnjeQmZfZQDm3tYYB1VpUKTDgEOsYsJoIhTdge
/3XHWHrPLKwzFV9OnBEJLDdDBz36jkPHf1jSTFKNZBLCMfcF1HUSKijKcwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFN0UwluRId1jH+ivOPhQ/VNclS0mMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvM1JUQ1c1RWgzV01mNks4NC1GRDlVMXlWTFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQATl0KAwQB
Tl1SAwQATl11AwQATl2yAwQFVjwgAwQAVjx/AwQA1F3LMA0EAgACMAcDBQAqAg30
MA0GCSqGSIb3DQEBCwUAA4IBAQBNH4KkMNti0lZ94ETF0XNHNT2rO9wCpbostk0v
i0djQU88E1KC8zubBrtwxPM4TA3mqm0gnzVRMtrCRMcDFqYEBvSYhquYClM/DdI0
LpBjN3T9TrGsvjN7kV6qo458Kl5ilt+lca2JQ37IrxmkcVwloPEK5t2eXTRNiNGT
apTBHF8YTL/2cWWuyakuzB1lrb0usaHrVuxrD0Ez0j7LuJWsnVOZG6DMm47jzanT
qrkzR3cKZjuovfkrNIvLLGaUvwWIQ3Ht4LnR3SE4h6+RYlh2qy5obKyVLVoqMH5O
u+VYHIs5jcaCXV5ZQpoFeVNAKD+C2iuOa+yW4cPvujsrmOq6
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:37 2024 by rpki-client on console-fra.rpki-client.org