Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HvdNbeYL9ZalMLoT9Gsr4oICwqw.roa
File: HvdNbeYL9ZalMLoT9Gsr4oICwqw.roa (raw, json)
Hash identifier: aTmv8Wuzq4Okjf1l44RHSan6s5HdexyxEPgQ6TjjV3w=
Subject key identifier: 1E:F7:4D:6D:E6:0B:F5:96:A5:30:BA:13:F4:6B:2B:E2:82:02:C2:AC
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018CA4E4F83E8E264C43607E2989A647C120
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HvdNbeYL9ZalMLoT9Gsr4oICwqw.roa
Signing time: Tue 26 Dec 2023 06:51:58 +0000
ROA not before: Tue 26 Dec 2023 06:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203214
IP address blocks: 78.109.236.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
78.109.237.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
185.52.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a4:e4:f8:3e:8e:26:4c:43:60:7e:29:89:a6:47:c1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Dec 26 06:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ef74d6de60bf596a530ba13f46b2be28202c2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b6:46:cc:8a:bd:bf:1e:ff:9c:74:8b:2e:f2:
a3:6b:4c:03:54:fd:29:6e:be:e5:07:91:cd:43:63:
f4:b1:94:f8:55:de:0c:59:95:fc:0e:55:8c:48:dc:
0b:a4:3c:41:a2:63:26:fd:4a:8f:6b:d4:ce:90:38:
bf:7f:da:1e:16:2f:87:47:7d:6a:31:38:30:eb:c0:
d9:33:4e:da:7c:3a:cf:31:be:57:ca:34:85:4b:5a:
d9:e5:8f:74:69:a8:8d:de:1c:a1:d2:e1:b1:e0:22:
74:2b:74:57:6a:27:cc:b2:c5:92:b0:06:45:23:1b:
ba:0a:4e:ab:d4:69:52:aa:0f:34:b5:18:3f:71:77:
d6:2d:a9:7f:2c:e7:04:a2:a0:90:31:48:f1:7a:b8:
5f:de:44:f6:50:16:01:be:a4:49:65:a1:dd:f4:3a:
0c:2d:b0:d2:95:51:04:72:8e:84:91:da:9b:c7:c1:
53:a9:5c:ec:2b:8b:61:5b:29:70:58:77:e6:4b:cf:
ac:31:32:6d:2b:56:ed:42:78:14:56:b6:e4:54:6e:
8d:0e:b1:d6:ee:73:06:54:bb:a3:93:06:fd:83:10:
fa:d0:bb:f3:b5:87:66:8d:b4:f9:3f:b0:c6:db:41:
8a:c2:ad:69:aa:e9:40:36:56:b1:61:56:b9:0f:ad:
42:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F7:4D:6D:E6:0B:F5:96:A5:30:BA:13:F4:6B:2B:E2:82:02:C2:AC
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HvdNbeYL9ZalMLoT9Gsr4oICwqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.235.0-78.109.238.255
185.52.100.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:c0:a9:2c:74:e6:de:2b:b5:37:2c:c7:af:be:17:93:b4:f3:
c8:6a:62:84:8f:46:10:47:70:7d:e6:08:c1:87:f5:1e:39:c8:
ff:bb:06:05:78:42:d0:c7:a1:18:00:73:6c:49:32:02:e1:17:
a9:88:72:ab:55:0c:cb:2c:04:43:22:e3:69:2e:65:9f:1d:fa:
83:2f:8f:91:b7:26:b5:bb:34:03:d9:cf:d7:65:01:64:bf:8a:
65:ed:21:70:d7:b5:e8:0f:73:31:fa:f0:42:1a:c0:22:fc:2d:
c0:87:de:8f:64:b9:3a:b1:a9:bf:4a:c8:c5:8d:d1:b4:ec:08:
54:b9:a2:47:2d:a9:13:82:21:44:85:59:d7:97:46:76:98:b7:
a7:42:9b:3d:85:97:2a:75:1d:e8:6c:48:3d:39:b3:fa:43:b6:
29:3b:d8:0a:00:2d:c8:2e:e5:a6:c7:5b:24:42:f8:0a:f9:26:
3a:49:35:90:ea:65:cf:3a:a2:62:98:56:01:f1:98:db:2e:f0:
22:c5:3a:29:f3:ed:1d:1b:3b:a9:eb:5d:2a:38:78:66:0b:ef:
a2:13:e0:19:49:d0:4c:22:9d:73:8e:95:8d:f4:db:94:94:c4:
46:e2:aa:c7:73:2e:bf:d6:1f:f8:33:40:0f:5a:9d:00:42:c6:
44:cb:23:3c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYyk5Pg+jiZMQ2B+KYmmR8EgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjMxMjI2MDY1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWY3NGQ2ZGU2MGJmNTk2YTUzMGJhMTNmNDZiMmJlMjgyMDJjMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLZGzIq9vx7/nHSLLvKja0wDVP0p
br7lB5HNQ2P0sZT4Vd4MWZX8DlWMSNwLpDxBomMm/UqPa9TOkDi/f9oeFi+HR31q
MTgw68DZM07afDrPMb5XyjSFS1rZ5Y90aaiN3hyh0uGx4CJ0K3RXaifMssWSsAZF
Ixu6Ck6r1GlSqg80tRg/cXfWLal/LOcEoqCQMUjxerhf3kT2UBYBvqRJZaHd9DoM
LbDSlVEEco6Ekdqbx8FTqVzsK4thWylwWHfmS8+sMTJtK1btQngUVrbkVG6NDrHW
7nMGVLujkwb9gxD60LvztYdmjbT5P7DG20GKwq1pqulANlaxYVa5D61CywIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB73TW3mC/WWpTC6E/RrK+KCAsKsMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL0h2ZE5iZVlMOVphbE1Mb1Q5R3NyNG9JQ3dxdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAE5t
6wMEAE5t7gMEAbk0ZDANBgkqhkiG9w0BAQsFAAOCAQEADcCpLHTm3iu1NyzHr74X
k7TzyGpihI9GEEdwfeYIwYf1HjnI/7sGBXhC0MehGABzbEkyAuEXqYhyq1UMyywE
QyLjaS5lnx36gy+Pkbcmtbs0A9nP12UBZL+KZe0hcNe16A9zMfrwQhrAIvwtwIfe
j2S5OrGpv0rIxY3RtOwIVLmiRy2pE4IhRIVZ15dGdpi3p0KbPYWXKnUd6GxIPTmz
+kO2KTvYCgAtyC7lpsdbJEL4CvkmOkk1kOplzzqiYphWAfGY2y7wIsU6KfPtHRs7
qetdKjh4ZgvvohPgGUnQTCKdc46VjfTblJTERuKqx3Muv9Yf+DNAD1qdAELGRMsj
PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:29 2024 by rpki-client on console-ams.rpki-client.org