Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3c24be-266e-4522-97d6-7d9e62afc444/1/LiMIlJvOaoFR_q12j_N870vC_uI.roa
File: LiMIlJvOaoFR_q12j_N870vC_uI.roa (raw, json)
Hash identifier: 7KtZsL1R9o2dHR5ml/bgc1RX4+65V9XYkK/keInqSzA=
Subject key identifier: 2E:23:08:94:9B:CE:6A:81:51:FE:AD:76:8F:F3:7C:EF:4B:C2:FE:E2
Certificate issuer: /CN=a4133524f24a4a8a21d46c06c1025f40f34ad27a
Certificate serial: 018571F11C5658B092EA04DBE9FC64F6E1B1
Authority key identifier: A4:13:35:24:F2:4A:4A:8A:21:D4:6C:06:C1:02:5F:40:F3:4A:D2:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pBM1JPJKSooh1GwGwQJfQPNK0no.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3c24be-266e-4522-97d6-7d9e62afc444/1/LiMIlJvOaoFR_q12j_N870vC_uI.roa
Signing time: Mon 02 Jan 2023 10:05:04 +0000
ROA not before: Mon 02 Jan 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13030
IP address blocks: 185.78.120.0/24 maxlen: 24
185.78.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:1c:56:58:b0:92:ea:04:db:e9:fc:64:f6:e1:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4133524f24a4a8a21d46c06c1025f40f34ad27a
Validity
Not Before: Jan 2 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e2308949bce6a8151fead768ff37cef4bc2fee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6f:dd:ce:82:3c:e8:43:21:33:d3:87:5a:03:
0f:eb:09:6e:62:ce:cf:66:af:bc:e9:08:30:6a:4f:
cc:75:57:e4:76:3c:10:cd:e2:0b:5f:14:1f:d3:24:
ab:3f:af:0b:98:83:cd:4c:d7:b3:a9:49:8c:63:cd:
40:d5:44:c8:ff:84:24:82:c7:bb:bc:47:1d:65:ae:
8e:a6:6a:7a:1d:34:70:a5:aa:06:d1:78:74:c6:65:
c6:83:10:b4:1c:7b:48:d4:46:fb:0a:29:2c:e1:b1:
a6:1a:74:2f:6b:bf:03:44:14:c2:1b:53:1f:9d:08:
22:d6:ca:d4:d2:67:4c:4a:94:c6:86:c7:91:26:9d:
99:bf:b2:17:1f:af:84:63:c8:de:45:75:01:a0:cd:
89:d2:07:72:8e:cb:7b:99:24:a9:aa:3f:49:f3:04:
4c:34:35:68:ae:1b:db:28:20:d6:cf:a0:95:fc:e6:
aa:87:b7:3a:d3:19:a3:c0:eb:5b:bd:8c:1d:97:7a:
c4:7f:ef:61:c6:06:cc:c8:84:78:17:2f:2d:6d:4a:
6b:7c:1a:15:29:f5:b2:a5:43:ea:0d:b5:56:1f:d6:
24:c1:e1:9f:fb:8b:9c:b9:4a:ee:ee:c4:e8:84:0c:
39:42:7f:7e:dd:0b:e0:cf:f9:3e:e3:89:f1:82:0a:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:23:08:94:9B:CE:6A:81:51:FE:AD:76:8F:F3:7C:EF:4B:C2:FE:E2
X509v3 Authority Key Identifier:
keyid:A4:13:35:24:F2:4A:4A:8A:21:D4:6C:06:C1:02:5F:40:F3:4A:D2:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pBM1JPJKSooh1GwGwQJfQPNK0no.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3c24be-266e-4522-97d6-7d9e62afc444/1/LiMIlJvOaoFR_q12j_N870vC_uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3c24be-266e-4522-97d6-7d9e62afc444/1/pBM1JPJKSooh1GwGwQJfQPNK0no.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.120.0/24
185.78.122.0/24
Signature Algorithm: sha256WithRSAEncryption
24:e3:35:a3:cf:20:da:24:a1:5d:2d:62:82:22:1b:c0:b7:29:
d5:49:03:47:34:95:ec:7b:49:82:1e:f7:71:71:47:5d:72:26:
48:cc:90:94:00:51:ae:90:97:d6:17:81:95:26:60:6f:63:4f:
5e:04:a0:2d:81:6b:f3:5e:95:d7:9e:41:ec:02:5f:c2:da:7c:
29:f4:a0:43:f4:36:ff:0a:ad:44:73:a7:3c:f2:16:8d:68:b2:
82:97:70:db:45:a3:99:e9:03:87:c5:1f:b5:57:67:47:58:d7:
b4:4a:40:84:f8:58:5e:cc:1e:d2:9f:fd:3e:af:74:30:26:ac:
fd:a9:51:08:8a:e1:a5:22:e3:93:95:d0:6b:5f:04:a4:4a:e9:
28:5a:6d:a8:90:6e:47:1e:2a:f5:f6:a3:ab:79:0f:df:ca:6f:
30:4b:55:32:7e:f4:02:59:a2:d1:85:bb:cd:1e:ee:18:b5:41:
51:30:41:54:e0:9d:b5:ea:30:9d:31:57:ff:dd:0e:d8:a5:df:
7d:86:bf:b6:e7:52:d0:ec:13:16:f4:96:89:43:65:e8:b3:9e:
09:30:c0:fa:9f:e1:57:98:d2:65:cb:10:d1:06:5b:0b:74:a9:
5d:6d:40:44:22:7a:16:ed:c1:9b:46:5c:bb:50:7f:a8:26:ae:
d5:5e:cf:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx8RxWWLCS6gTb6fxk9uGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MTMzNTI0ZjI0YTRhOGEyMWQ0NmMwNmMxMDI1ZjQwZjM0
YWQyN2EwHhcNMjMwMTAyMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTIzMDg5NDliY2U2YTgxNTFmZWFkNzY4ZmYzN2NlZjRiYzJmZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm/dzoI86EMhM9OHWgMP6wluYs7P
Zq+86Qgwak/MdVfkdjwQzeILXxQf0ySrP68LmIPNTNezqUmMY81A1UTI/4Qkgse7
vEcdZa6Opmp6HTRwpaoG0Xh0xmXGgxC0HHtI1Eb7Ciks4bGmGnQva78DRBTCG1Mf
nQgi1srU0mdMSpTGhseRJp2Zv7IXH6+EY8jeRXUBoM2J0gdyjst7mSSpqj9J8wRM
NDVorhvbKCDWz6CV/Oaqh7c60xmjwOtbvYwdl3rEf+9hxgbMyIR4Fy8tbUprfBoV
KfWypUPqDbVWH9YkweGf+4ucuUru7sTohAw5Qn9+3Qvgz/k+44nxggqi5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC4jCJSbzmqBUf6tdo/zfO9Lwv7iMB8GA1UdIwQY
MBaAFKQTNSTySkqKIdRsBsECX0DzStJ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEJNMUpQSktTb29oMUd3R3dRSmZRUE5LMG5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zYzI0YmUtMjY2ZS00NTIyLTk3ZDYt
N2Q5ZTYyYWZjNDQ0LzEvTGlNSWxKdk9hb0ZSX3ExMmpfTjg3MHZDX3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zYzI0YmUtMjY2ZS00NTIyLTk3ZDYtN2Q5ZTYyYWZjNDQ0
LzEvcEJNMUpQSktTb29oMUd3R3dRSmZRUE5LMG5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuU54AwQA
uU56MA0GCSqGSIb3DQEBCwUAA4IBAQAk4zWjzyDaJKFdLWKCIhvAtynVSQNHNJXs
e0mCHvdxcUddciZIzJCUAFGukJfWF4GVJmBvY09eBKAtgWvzXpXXnkHsAl/C2nwp
9KBD9Db/Cq1Ec6c88haNaLKCl3DbRaOZ6QOHxR+1V2dHWNe0SkCE+FhezB7Sn/0+
r3QwJqz9qVEIiuGlIuOTldBrXwSkSukoWm2okG5HHir19qOreQ/fym8wS1UyfvQC
WaLRhbvNHu4YtUFRMEFU4J216jCdMVf/3Q7Ypd99hr+251LQ7BMW9JaJQ2Xos54J
MMD6n+FXmNJlyxDRBlsLdKldbUBEInoW7cGbRly7UH+oJq7VXs9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org