Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/RJIf8nqZnyFfBDin6LSdKFNYhgk.roa
File: RJIf8nqZnyFfBDin6LSdKFNYhgk.roa (raw, json)
Hash identifier: F9/1ZDoL+SyQkNi9U5Ctj+3wz8IbIvhvaqUoRRAm5gg=
Subject key identifier: 44:92:1F:F2:7A:99:9F:21:5F:04:38:A7:E8:B4:9D:28:53:58:86:09
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018D5F2DBB2FE5A7241A1EE12738A63616A9
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/RJIf8nqZnyFfBDin6LSdKFNYhgk.roa
Signing time: Wed 31 Jan 2024 11:00:49 +0000
ROA not before: Wed 31 Jan 2024 11:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201769
IP address blocks: 78.93.50.0/24 maxlen: 24
185.114.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 15:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:2d:bb:2f:e5:a7:24:1a:1e:e1:27:38:a6:36:16:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Jan 31 11:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44921ff27a999f215f0438a7e8b49d2853588609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:94:85:c7:1d:d6:0d:14:fd:52:98:e7:f4:
cd:f5:4f:67:1a:74:97:37:07:d1:1b:29:b6:7e:05:
0e:5d:57:91:03:0c:fc:a6:a6:4c:4c:a4:93:53:63:
41:48:bb:b7:f1:74:6d:2c:4e:a6:00:6c:2e:7a:52:
ee:03:87:47:3b:30:42:44:82:3e:f6:c8:4b:3d:4a:
58:75:6d:9c:fc:d4:c8:1e:b2:2e:75:d3:a2:a3:4d:
da:3c:a5:84:00:2b:8b:5b:45:fc:22:ca:47:5b:71:
d1:55:53:7f:cb:6b:ac:f7:8a:ef:8f:a8:71:63:56:
f9:0a:6b:78:f5:b8:73:de:2c:20:cd:c1:2f:55:89:
93:5c:a1:a2:b6:4a:5c:11:fc:ad:ba:b9:ef:ad:20:
38:4e:49:66:13:b8:e3:08:90:75:eb:2e:1d:66:d5:
33:1f:0f:a0:4d:2b:29:ab:98:c4:38:5b:34:8c:53:
21:1d:40:2d:49:17:27:81:52:b9:a8:9c:68:60:4f:
40:e7:51:c4:21:a6:8d:62:a2:7a:25:09:33:30:6f:
3d:83:32:1a:eb:e6:33:44:a4:0e:f7:6f:43:7b:f7:
fa:f2:86:2c:80:0b:20:b5:8b:65:59:5b:71:8c:26:
68:fa:d8:2c:50:54:e1:fa:a8:00:d6:43:a3:50:5e:
6e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:92:1F:F2:7A:99:9F:21:5F:04:38:A7:E8:B4:9D:28:53:58:86:09
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/RJIf8nqZnyFfBDin6LSdKFNYhgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.93.50.0/24
185.114.68.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ba:fc:cb:d2:7d:3f:d6:2a:52:ec:f8:05:a7:0b:fc:b8:df:
ca:af:e3:51:da:b0:f8:c8:5b:0f:5f:c3:30:ad:cf:e8:ff:e8:
0b:f7:1f:10:5d:81:c6:a4:65:bb:ad:e1:23:4a:23:89:38:23:
a0:81:e5:cc:25:cf:48:96:aa:8f:89:75:91:cb:b4:54:35:19:
79:44:1f:52:e1:19:72:45:33:96:ef:56:c4:bc:ef:e3:8c:9c:
f9:d1:f8:11:3d:ec:c5:7c:96:d5:d1:b0:9f:09:50:34:0d:69:
06:71:c3:a7:04:b2:83:39:c8:5f:aa:83:9f:b0:16:4f:94:52:
8b:b1:70:cc:12:42:19:85:b1:86:ea:a9:02:e7:42:8b:90:fc:
8a:4f:d3:c2:1f:f5:29:8e:be:66:79:88:94:1a:1f:bf:39:a2:
03:bb:b9:d3:96:e3:c5:82:32:40:c7:1e:ae:0e:0a:c0:d8:ff:
e8:e0:3c:65:f6:80:0b:07:eb:72:19:02:0e:36:e5:4b:e4:2a:
07:bc:ee:4f:95:30:5d:5f:ab:f3:05:3e:62:50:5f:b3:61:5d:
ea:29:18:14:88:c0:c1:f5:05:e3:9f:50:27:15:b5:a5:86:21:
17:77:5f:b0:6b:ba:b8:ed:19:e7:7e:30:be:9a:bc:0c:71:de:
88:5e:d9:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1fLbsv5ackGh7hJzimNhapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjQwMTMxMTEwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDkyMWZmMjdhOTk5ZjIxNWYwNDM4YTdlOGI0OWQyODUzNTg4NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnGUhccd1g0U/VKY5/TN9U9nGnSX
NwfRGym2fgUOXVeRAwz8pqZMTKSTU2NBSLu38XRtLE6mAGwuelLuA4dHOzBCRII+
9shLPUpYdW2c/NTIHrIuddOio03aPKWEACuLW0X8IspHW3HRVVN/y2us94rvj6hx
Y1b5Cmt49bhz3iwgzcEvVYmTXKGitkpcEfyturnvrSA4TklmE7jjCJB16y4dZtUz
Hw+gTSspq5jEOFs0jFMhHUAtSRcngVK5qJxoYE9A51HEIaaNYqJ6JQkzMG89gzIa
6+YzRKQO929De/f68oYsgAsgtYtlWVtxjCZo+tgsUFTh+qgA1kOjUF5u0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESSH/J6mZ8hXwQ4p+i0nShTWIYJMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvUkpJZjhucVpueUZmQkRpbjZMU2RLRk5ZaGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATl0yAwQA
uXJEMA0GCSqGSIb3DQEBCwUAA4IBAQCAuvzL0n0/1ipS7PgFpwv8uN/Kr+NR2rD4
yFsPX8Mwrc/o/+gL9x8QXYHGpGW7reEjSiOJOCOggeXMJc9IlqqPiXWRy7RUNRl5
RB9S4RlyRTOW71bEvO/jjJz50fgRPezFfJbV0bCfCVA0DWkGccOnBLKDOchfqoOf
sBZPlFKLsXDMEkIZhbGG6qkC50KLkPyKT9PCH/Upjr5meYiUGh+/OaIDu7nTluPF
gjJAxx6uDgrA2P/o4Dxl9oALB+tyGQIONuVL5CoHvO5PlTBdX6vzBT5iUF+zYV3q
KRgUiMDB9QXjn1AnFbWlhiEXd1+wa7q47RnnfjC+mrwMcd6IXtkY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:58 2025 by rpki-client