Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/st57HqdK-0bll-_MPykDiyC_4Wo.roa
File: st57HqdK-0bll-_MPykDiyC_4Wo.roa (raw, json)
Hash identifier: w+hrXhwV6BUMaCAC8VkKpxZgBa3jsApqvzuF1yA1RuE=
Subject key identifier: B2:DE:7B:1E:A7:4A:FB:46:E5:97:EF:CC:3F:29:03:8B:20:BF:E1:6A
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018CE2B3DFC628F486577388BC8D4A6EE324
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/st57HqdK-0bll-_MPykDiyC_4Wo.roa
Signing time: Sun 07 Jan 2024 06:54:48 +0000
ROA not before: Sun 07 Jan 2024 06:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.225.0/24 maxlen: 24
78.109.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 19:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e2:b3:df:c6:28:f4:86:57:73:88:bc:8d:4a:6e:e3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 7 06:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2de7b1ea74afb46e597efcc3f29038b20bfe16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:8b:2e:ba:7b:c1:4a:02:27:b4:d6:c4:55:
c9:d7:ff:14:84:a5:8c:37:6d:a5:f8:19:ab:7d:27:
d2:af:73:39:a0:3f:8c:53:b5:01:d7:48:6a:8b:c4:
cf:e5:8d:77:f0:14:94:66:e4:b1:9b:0e:b7:c6:c8:
09:5d:54:67:8f:a1:03:53:d3:15:03:7e:d5:cb:b0:
b8:9a:46:bf:ce:6a:3c:03:0e:a7:c8:4f:f2:36:55:
c0:1c:cc:75:ff:ac:2b:1b:99:41:1c:06:09:b2:24:
26:0e:30:29:11:f0:0f:fb:5c:89:33:42:ff:23:a3:
05:e2:96:57:f5:2d:46:c1:38:b7:4d:16:f4:b8:12:
49:17:d7:4d:9b:a5:1e:7c:e5:31:d8:d3:d3:d9:ac:
8e:fc:75:4b:3e:da:1f:56:0c:19:5f:13:53:90:3b:
21:76:ca:15:e7:54:77:47:57:e9:21:80:83:44:7a:
10:c2:eb:42:ba:c7:bd:6a:f9:b1:f9:ba:03:2e:6c:
d8:2b:16:15:5d:13:6c:77:db:a7:b0:68:b7:4a:dd:
11:e0:20:80:48:3a:ad:28:e2:c7:9c:58:f4:6f:56:
6d:7d:7f:32:7f:88:1a:dc:89:4a:f7:8b:6d:ae:00:
8a:06:ca:6e:27:74:84:6d:d3:a2:aa:cb:da:90:46:
db:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DE:7B:1E:A7:4A:FB:46:E5:97:EF:CC:3F:29:03:8B:20:BF:E1:6A
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/st57HqdK-0bll-_MPykDiyC_4Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.225.0-78.109.226.255
Signature Algorithm: sha256WithRSAEncryption
78:2c:34:d6:28:50:3b:14:50:57:cc:63:98:92:a2:d4:42:72:
0f:f1:9b:e8:b5:d7:42:b3:3c:67:e5:94:c5:30:da:a5:ba:e5:
9f:8f:73:c7:13:12:f8:29:bf:dc:40:1c:ed:a1:92:14:da:43:
66:9d:16:e2:da:60:23:55:7d:ea:74:16:ba:8b:ff:22:15:63:
a3:ff:fa:e2:c5:ce:04:ba:31:1b:b7:89:59:5a:63:00:7c:d5:
32:df:0d:a5:e7:72:cc:0c:68:d8:bc:8d:00:1e:f3:d1:fe:b3:
d7:ff:ef:e0:ba:37:e2:c7:f2:83:fb:6f:40:f5:40:fc:7b:86:
78:9c:7f:36:1b:c9:23:ad:6e:2a:f9:cf:8e:1a:84:4b:48:7c:
cd:20:e8:27:e3:6e:fe:52:3c:2a:56:3a:d5:fc:d8:86:20:ce:
4c:eb:db:f3:12:2a:3d:de:c5:2f:d0:77:62:ab:0d:c7:93:11:
68:8c:5f:b4:bb:a8:65:b0:79:6e:41:17:5e:a6:57:c3:6a:68:
d5:4b:e3:ad:71:7f:7b:93:7b:50:f0:db:78:82:45:c1:1f:78:
2b:23:db:67:74:25:3e:1a:69:be:e3:67:e7:37:23:44:1f:72:
e6:50:a0:1d:0f:66:a9:7d:b9:a2:3b:b5:fa:05:d9:df:7b:db:
bd:90:3a:a6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzis9/GKPSGV3OIvI1KbuMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMTA3MDY1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRlN2IxZWE3NGFmYjQ2ZTU5N2VmY2MzZjI5MDM4YjIwYmZlMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOWLLrp7wUoCJ7TWxFXJ1/8UhKWM
N22l+BmrfSfSr3M5oD+MU7UB10hqi8TP5Y138BSUZuSxmw63xsgJXVRnj6EDU9MV
A37Vy7C4mka/zmo8Aw6nyE/yNlXAHMx1/6wrG5lBHAYJsiQmDjApEfAP+1yJM0L/
I6MF4pZX9S1GwTi3TRb0uBJJF9dNm6UefOUx2NPT2ayO/HVLPtofVgwZXxNTkDsh
dsoV51R3R1fpIYCDRHoQwutCuse9avmx+boDLmzYKxYVXRNsd9unsGi3St0R4CCA
SDqtKOLHnFj0b1ZtfX8yf4ga3IlK94ttrgCKBspuJ3SEbdOiqsvakEbbGQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLLeex6nSvtG5ZfvzD8pA4sgv+FqMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL3N0NTdIcWRLLTBibGwtX01QeWtEaXlDXzRXby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAE5t
4QMEAE5t4jANBgkqhkiG9w0BAQsFAAOCAQEAeCw01ihQOxRQV8xjmJKi1EJyD/Gb
6LXXQrM8Z+WUxTDapbrln49zxxMS+Cm/3EAc7aGSFNpDZp0W4tpgI1V96nQWuov/
IhVjo//64sXOBLoxG7eJWVpjAHzVMt8NpedyzAxo2LyNAB7z0f6z1//v4Lo34sfy
g/tvQPVA/HuGeJx/NhvJI61uKvnPjhqES0h8zSDoJ+Nu/lI8KlY61fzYhiDOTOvb
8xIqPd7FL9B3YqsNx5MRaIxftLuoZbB5bkEXXqZXw2po1UvjrXF/e5N7UPDbeIJF
wR94KyPbZ3QlPhppvuNn5zcjRB9y5lCgHQ9mqX25oju1+gXZ33vbvZA6pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:29 2024 by rpki-client on console-ams.rpki-client.org