Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/miBdca8hiDSFwAFNTswBZRix-WM.roa
File: miBdca8hiDSFwAFNTswBZRix-WM.roa (raw, json)
Hash identifier: M8C8USbbGNocgAIk+G529uQ+AEYc0c4F5HWWi0vtOUg=
Subject key identifier: 9A:20:5D:71:AF:21:88:34:85:C0:01:4D:4E:CC:01:65:18:B1:F9:63
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018D32BDBC2D6C4909F81FADA271196AC740
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/miBdca8hiDSFwAFNTswBZRix-WM.roa
Signing time: Mon 22 Jan 2024 19:55:11 +0000
ROA not before: Mon 22 Jan 2024 19:55:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.225.0/24 maxlen: 24
78.109.226.0/24 maxlen: 24
78.109.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 15:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:bd:bc:2d:6c:49:09:f8:1f:ad:a2:71:19:6a:c7:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 22 19:55:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a205d71af21883485c0014d4ecc016518b1f963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:a8:c4:14:69:6d:cc:82:93:20:90:3d:6b:
fb:56:c0:c2:ca:14:29:9c:0c:4c:65:1a:3b:65:89:
0a:56:15:72:1c:33:ca:86:b0:27:a0:79:c4:3a:bc:
9d:44:72:67:9c:b8:e5:4c:40:33:b4:72:5f:14:b6:
f6:21:47:f4:8b:70:cd:9a:3f:43:c7:69:fb:47:e9:
41:95:f3:e4:89:21:1b:e4:60:98:cb:14:ee:c9:13:
35:b0:fa:8b:2a:ed:45:08:ac:15:d4:b5:e8:25:ee:
7f:74:36:51:85:dc:a5:33:ec:97:47:04:6c:15:b5:
c3:0c:7b:2d:40:07:bc:8a:1b:dc:b8:a8:9d:fb:7a:
41:b2:63:f7:23:d8:13:08:4a:b7:8d:0b:da:91:c4:
37:bb:e8:64:e8:32:24:cf:9c:ce:98:bf:19:00:0b:
57:fc:f0:f5:70:d9:3a:e6:9c:b4:f7:5a:33:0b:22:
8c:e8:ee:4a:31:d7:20:ed:42:61:4d:ff:47:23:10:
f8:a6:77:12:04:72:6e:78:bc:64:0e:f9:0c:d2:65:
6f:e1:3d:c7:65:8f:14:82:b0:ed:92:6e:0c:df:18:
95:4b:5a:51:8a:e9:27:98:86:bf:65:9e:15:8b:c6:
16:12:d1:18:12:3f:45:97:7d:a7:59:c8:4a:35:fc:
2a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:20:5D:71:AF:21:88:34:85:C0:01:4D:4E:CC:01:65:18:B1:F9:63
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/miBdca8hiDSFwAFNTswBZRix-WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.225.0-78.109.227.255
Signature Algorithm: sha256WithRSAEncryption
02:11:09:61:bd:21:3c:ca:69:e0:f3:c1:f9:b3:c2:da:60:be:
60:e6:f5:fb:23:5f:e8:62:58:aa:ce:1b:c1:07:f2:fd:43:57:
a6:c5:61:28:e4:14:d3:e2:96:9e:f4:05:a7:5c:fa:ed:b1:56:
dc:7e:b1:fd:eb:97:ba:c5:90:66:4b:3e:21:fc:3b:43:63:72:
5a:a4:3c:b5:46:4d:70:6a:09:50:19:21:bc:4a:22:10:e6:08:
0c:00:6a:07:30:7a:f0:a2:7e:c4:24:d1:17:fc:56:b0:93:b4:
fb:f6:07:da:c0:58:7a:88:bf:82:cd:87:6c:83:56:3c:95:df:
fa:70:1f:d4:12:cb:59:58:8c:f8:90:e5:cd:e5:eb:e5:f3:01:
66:59:a5:90:b3:c3:81:dd:02:c6:58:f3:b2:a6:fa:fa:4a:ed:
e9:f2:97:ca:6b:21:ab:88:0a:11:a1:4e:c2:20:51:a2:b9:64:
67:0d:07:df:d1:f0:e5:30:c3:56:55:7d:a6:dc:6e:f6:81:54:
a5:f3:ba:27:05:ab:65:08:da:fd:e3:b4:5b:87:c7:63:56:14:
22:99:da:58:17:cb:67:f1:36:9f:a3:fc:10:d5:06:77:5f:eb:
cf:5c:ce:cd:f1:18:bb:3b:a8:e0:37:07:e7:b0:b3:80:0e:17:
a8:b7:4b:a7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY0yvbwtbEkJ+B+tonEZasdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMTIyMTk1NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTIwNWQ3MWFmMjE4ODM0ODVjMDAxNGQ0ZWNjMDE2NTE4YjFmOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW6oxBRpbcyCkyCQPWv7VsDCyhQp
nAxMZRo7ZYkKVhVyHDPKhrAnoHnEOrydRHJnnLjlTEAztHJfFLb2IUf0i3DNmj9D
x2n7R+lBlfPkiSEb5GCYyxTuyRM1sPqLKu1FCKwV1LXoJe5/dDZRhdylM+yXRwRs
FbXDDHstQAe8ihvcuKid+3pBsmP3I9gTCEq3jQvakcQ3u+hk6DIkz5zOmL8ZAAtX
/PD1cNk65py091ozCyKM6O5KMdcg7UJhTf9HIxD4pncSBHJueLxkDvkM0mVv4T3H
ZY8UgrDtkm4M3xiVS1pRiuknmIa/ZZ4Vi8YWEtEYEj9Fl32nWchKNfwq+QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJogXXGvIYg0hcABTU7MAWUYsfljMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL21pQmRjYThoaURTRndBRk5Uc3dCWlJpeC1XTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAE5t
4QMEAk5t4DANBgkqhkiG9w0BAQsFAAOCAQEAAhEJYb0hPMpp4PPB+bPC2mC+YOb1
+yNf6GJYqs4bwQfy/UNXpsVhKOQU0+KWnvQFp1z67bFW3H6x/euXusWQZks+Ifw7
Q2NyWqQ8tUZNcGoJUBkhvEoiEOYIDABqBzB68KJ+xCTRF/xWsJO0+/YH2sBYeoi/
gs2HbINWPJXf+nAf1BLLWViM+JDlzeXr5fMBZlmlkLPDgd0Cxljzsqb6+krt6fKX
ymshq4gKEaFOwiBRorlkZw0H39Hw5TDDVlV9ptxu9oFUpfO6JwWrZQja/eO0W4fH
Y1YUIpnaWBfLZ/E2n6P8ENUGd1/rz1zOzfEYuzuo4DcH57CzgA4XqLdLpw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:19 2025 by rpki-client