Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/YX3DTjGcQd1ubvoFsaajtq6teok.roa
File: YX3DTjGcQd1ubvoFsaajtq6teok.roa (raw, json)
Hash identifier: DK0o839/q8RzPCAViFWKaaCnqZcEDNFqZmDYu0yqf2Y=
Subject key identifier: 61:7D:C3:4E:31:9C:41:DD:6E:6E:FA:05:B1:A6:A3:B6:AE:AD:7A:89
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018C9F91C09918E1756FB13B68CD9BBF22E3
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/YX3DTjGcQd1ubvoFsaajtq6teok.roa
Signing time: Mon 25 Dec 2023 06:02:58 +0000
ROA not before: Mon 25 Dec 2023 06:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.225.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 06:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9f:91:c0:99:18:e1:75:6f:b1:3b:68:cd:9b:bf:22:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Dec 25 06:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=617dc34e319c41dd6e6efa05b1a6a3b6aead7a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:3e:13:f9:31:3a:c1:a2:15:1d:08:8b:bb:
d3:8a:af:f0:aa:51:a2:45:db:c9:1b:a3:21:e7:73:
68:bc:d4:91:79:60:8d:77:41:80:76:6e:c9:73:c1:
8f:02:86:30:7b:8e:26:2b:63:ef:99:b7:15:37:e8:
b7:bf:eb:4a:a3:54:c1:c6:09:6c:8f:e6:be:34:66:
be:0a:65:d3:5f:ae:0c:15:28:31:11:f9:7e:49:b3:
ab:20:1c:63:6d:f5:0e:48:ee:2f:83:a3:45:92:2d:
0e:e2:73:24:d3:b8:b8:67:5e:36:d5:c2:2b:c2:9f:
62:f9:0a:38:68:0f:12:9b:08:d3:8e:6f:e5:c5:f3:
84:bc:c9:66:37:2e:37:d1:94:09:69:a9:ba:88:0e:
05:0c:2d:76:e2:c5:11:7e:e6:65:4c:3f:4b:dd:7e:
b6:c8:5f:52:85:a8:b5:a6:78:ea:44:4c:6e:53:f4:
34:4c:a1:4b:af:ed:90:9b:d1:3f:e4:bd:3c:8e:74:
93:fa:0b:17:3f:a5:a7:21:fb:f0:89:6a:da:da:4d:
f9:ab:b3:d2:c0:a6:96:a2:a8:be:98:73:d7:de:c5:
e5:4c:f7:45:27:23:f6:92:1f:a2:c5:85:78:50:78:
4b:32:ed:4e:c8:93:8a:8b:82:3b:37:18:14:25:0a:
c2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7D:C3:4E:31:9C:41:DD:6E:6E:FA:05:B1:A6:A3:B6:AE:AD:7A:89
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/YX3DTjGcQd1ubvoFsaajtq6teok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.225.0/24
78.109.235.0/24
Signature Algorithm: sha256WithRSAEncryption
22:bd:dd:ee:40:0b:1e:01:ad:67:f1:8f:12:f0:8a:30:93:fc:
15:e6:89:73:58:cd:78:df:33:1d:c8:fb:4d:1b:c3:3a:9d:20:
80:6f:00:33:01:77:7f:7e:8d:d1:7a:8b:9d:14:45:e3:32:cb:
af:83:9c:08:22:59:59:d4:39:0a:5c:d9:c3:ab:58:06:76:ee:
d1:5f:4e:ac:14:cd:14:33:e6:cc:62:46:90:fe:db:8d:59:1b:
12:c7:02:3a:dd:79:38:76:14:f4:27:19:29:0b:2b:c0:b0:bf:
15:e8:4e:31:82:cb:8c:b5:4e:26:53:2a:b4:af:69:fe:68:59:
99:82:9f:47:40:e5:92:4b:b9:c6:f7:11:59:0f:d1:f2:78:57:
bc:51:c5:2d:6f:26:38:11:2b:c6:3f:33:c2:a9:a5:8e:b9:0d:
52:a9:eb:a7:c4:e7:48:d3:de:35:ce:99:26:25:1d:09:fa:b5:
5c:b9:3b:19:9d:5e:8f:55:5d:f1:1b:ec:be:90:a1:ca:91:12:
b3:bf:f5:42:c4:b0:25:fa:41:22:1b:9c:a3:1c:75:46:20:41:
f6:ca:08:e6:29:4d:1a:32:94:ec:43:c0:7f:3f:f5:25:80:33:
df:8d:60:c5:76:b9:7b:57:cf:b6:e3:29:b7:cb:8f:cc:c7:21:
a1:ca:1d:64
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyfkcCZGOF1b7E7aM2bvyLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjMxMjI1MDYwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTdkYzM0ZTMxOWM0MWRkNmU2ZWZhMDViMWE2YTNiNmFlYWQ3YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHk+E/kxOsGiFR0Ii7vTiq/wqlGi
RdvJG6Mh53NovNSReWCNd0GAdm7Jc8GPAoYwe44mK2PvmbcVN+i3v+tKo1TBxgls
j+a+NGa+CmXTX64MFSgxEfl+SbOrIBxjbfUOSO4vg6NFki0O4nMk07i4Z1421cIr
wp9i+Qo4aA8SmwjTjm/lxfOEvMlmNy430ZQJaam6iA4FDC124sURfuZlTD9L3X62
yF9Shai1pnjqRExuU/Q0TKFLr+2Qm9E/5L08jnST+gsXP6WnIfvwiWra2k35q7PS
wKaWoqi+mHPX3sXlTPdFJyP2kh+ixYV4UHhLMu1OyJOKi4I7NxgUJQrC6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGF9w04xnEHdbm76BbGmo7aurXqJMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL1lYM0RUakdjUWQxdWJ2b0ZzYWFqdHE2dGVvay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABObeED
BABObeswDQYJKoZIhvcNAQELBQADggEBACK93e5ACx4BrWfxjxLwijCT/BXmiXNY
zXjfMx3I+00bwzqdIIBvADMBd39+jdF6i50UReMyy6+DnAgiWVnUOQpc2cOrWAZ2
7tFfTqwUzRQz5sxiRpD+241ZGxLHAjrdeTh2FPQnGSkLK8CwvxXoTjGCy4y1TiZT
KrSvaf5oWZmCn0dA5ZJLucb3EVkP0fJ4V7xRxS1vJjgRK8Y/M8KppY65DVKp66fE
50jT3jXOmSYlHQn6tVy5OxmdXo9VXfEb7L6QocqRErO/9ULEsCX6QSIbnKMcdUYg
QfbKCOYpTRoylOxDwH8/9SWAM9+NYMV2uXtXz7bjKbfLj8zHIaHKHWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:32 2024 by rpki-client on console-fra.rpki-client.org