Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AZJhE_Db8p96XZVQ9e4fBWYUEpc.roa
File: AZJhE_Db8p96XZVQ9e4fBWYUEpc.roa (raw, json)
Hash identifier: fjpxbvrOHwsb0bxHHtErLxDkHQKz2uXHWThvxo7NYz0=
Subject key identifier: 01:92:61:13:F0:DB:F2:9F:7A:5D:95:50:F5:EE:1F:05:66:14:12:97
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF362B5D601D352EAA52AFCAE411C
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AZJhE_Db8p96XZVQ9e4fBWYUEpc.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49040
IP address blocks: 109.160.56.0/24 maxlen: 24
109.160.59.0/24 maxlen: 24
78.108.246.0/24 maxlen: 24
78.108.245.0/24 maxlen: 24
78.108.244.0/24 maxlen: 24
83.222.160.0/24 maxlen: 24
83.222.172.0/24 maxlen: 24
83.222.170.0/24 maxlen: 24
83.222.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 16:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f3:62:b5:d6:01:d3:52:ea:a5:2a:fc:ae:41:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01926113f0dbf29f7a5d9550f5ee1f0566141297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5d:25:cf:c5:68:fe:6c:86:54:0f:64:27:05:
2e:5d:82:49:31:17:09:9b:06:87:cb:92:35:b8:0e:
25:8b:d2:e7:34:b8:4e:16:c3:61:2c:02:b6:8d:79:
2c:00:d9:e7:b6:1a:7e:2d:6c:c8:1c:aa:25:12:4b:
12:bb:68:78:69:f3:df:25:17:76:33:60:33:e5:68:
71:f7:fd:05:3d:28:5e:45:ff:db:6b:26:1f:71:32:
7e:4e:cd:8a:54:e9:e6:59:32:b0:77:88:8e:ab:81:
40:8c:ca:f7:ce:d7:96:5d:8c:d0:7a:63:7a:f0:7a:
b6:7e:82:7f:38:1a:01:a9:62:5f:38:38:8a:8d:6f:
d9:a9:90:bd:e7:db:76:8b:3c:51:54:d3:17:65:7d:
18:47:3d:10:ce:3c:f5:0d:e4:4b:d0:f4:a9:cf:95:
f2:f8:a0:b8:3c:6a:4a:a3:b6:6f:b4:f1:3a:de:32:
a4:a8:10:6f:88:19:5a:25:5a:a4:e2:ca:31:40:4f:
6b:24:14:cc:14:83:52:01:3a:a9:9f:1e:50:9b:50:
90:50:62:3f:f6:82:09:18:34:f4:a0:df:bd:e1:86:
4b:ec:66:eb:f1:7f:7a:3c:d5:f2:1e:95:ea:85:03:
c2:2e:04:5d:fc:0d:c5:02:fe:1a:45:07:ea:33:03:
bf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:92:61:13:F0:DB:F2:9F:7A:5D:95:50:F5:EE:1F:05:66:14:12:97
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AZJhE_Db8p96XZVQ9e4fBWYUEpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.244.0-78.108.246.255
83.222.160.0/24
83.222.167.0/24
83.222.170.0/24
83.222.172.0/24
109.160.56.0/24
109.160.59.0/24
Signature Algorithm: sha256WithRSAEncryption
75:90:44:e1:00:8b:56:b1:d7:d7:7a:e2:49:cd:9e:3f:31:c1:
43:e5:cd:bf:74:91:d7:c2:ea:57:29:0d:eb:b6:42:34:7f:12:
4b:54:75:7a:c1:2a:20:65:38:22:cd:64:e4:71:87:18:a1:34:
fa:ac:a1:d8:87:42:6c:17:2b:59:5a:2d:d2:28:41:82:88:5f:
2c:01:47:11:31:f3:09:1c:6f:75:06:40:18:fa:56:f4:9b:ba:
e4:dd:1a:15:a6:73:33:b1:b1:5f:39:52:73:c8:17:ee:26:94:
40:86:2e:d2:9c:34:ae:f6:bb:40:dc:31:e6:88:7f:47:3e:83:
b8:3a:27:89:02:73:56:9d:b5:73:16:a0:b5:1c:43:ac:e1:88:
a5:7d:d4:a6:bf:9a:46:78:36:a1:97:76:48:ff:fc:2c:98:61:
36:4a:0f:d4:ee:86:46:f8:fc:38:2f:a0:02:82:5d:25:65:26:
f5:14:09:1e:96:16:c2:4b:b4:0c:b2:98:44:29:5f:57:6f:98:
1a:34:8e:00:34:c9:e7:6f:88:12:f0:b1:e8:6a:56:02:df:2d:
e6:72:41:70:3e:47:81:fe:3d:51:b8:b9:1b:d9:fb:48:62:6b:
5f:43:38:09:f5:93:19:b7:40:e6:bc:e4:74:4a:82:3e:6c:a8:
a8:67:8e:cf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFbvNitdYB01LqpSr8rkEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTkyNjExM2YwZGJmMjlmN2E1ZDk1NTBmNWVlMWYwNTY2MTQxMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl0lz8Vo/myGVA9kJwUuXYJJMRcJ
mwaHy5I1uA4li9LnNLhOFsNhLAK2jXksANnnthp+LWzIHKolEksSu2h4afPfJRd2
M2Az5Whx9/0FPSheRf/bayYfcTJ+Ts2KVOnmWTKwd4iOq4FAjMr3zteWXYzQemN6
8Hq2foJ/OBoBqWJfODiKjW/ZqZC959t2izxRVNMXZX0YRz0Qzjz1DeRL0PSpz5Xy
+KC4PGpKo7ZvtPE63jKkqBBviBlaJVqk4soxQE9rJBTMFINSATqpnx5Qm1CQUGI/
9oIJGDT0oN+94YZL7Gbr8X96PNXyHpXqhQPCLgRd/A3FAv4aRQfqMwO/PwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAGSYRPw2/Kfel2VUPXuHwVmFBKXMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvQVpKaEVfRGI4cDk2WFpWUTllNGZCV1lVRXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAJObPQD
BABObPYDBABT3qADBABT3qcDBABT3qoDBABT3qwDBABtoDgDBABtoDswDQYJKoZI
hvcNAQELBQADggEBAHWQROEAi1ax19d64knNnj8xwUPlzb90kdfC6lcpDeu2QjR/
EktUdXrBKiBlOCLNZORxhxihNPqsodiHQmwXK1laLdIoQYKIXywBRxEx8wkcb3UG
QBj6VvSbuuTdGhWmczOxsV85UnPIF+4mlECGLtKcNK72u0DcMeaIf0c+g7g6J4kC
c1adtXMWoLUcQ6zhiKV91Ka/mkZ4NqGXdkj//CyYYTZKD9Tuhkb4/DgvoAKCXSVl
JvUUCR6WFsJLtAyymEQpX1dvmBo0jgA0yedviBLwsehqVgLfLeZyQXA+R4H+PVG4
uRvZ+0hia19DOAn1kxm3QOa85HRKgj5sqKhnjs8=
-----END CERTIFICATE-----
Generated at Mon Feb 12 21:09:43 2024 by rpki-client on console-ams.rpki-client.org