Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/KtM1vTLzndpXIvas_ldrkYpMa2g.roa
File: KtM1vTLzndpXIvas_ldrkYpMa2g.roa (raw, json)
Hash identifier: aKId2U08lFZpfjlJHM3o3JM70ai3+SJDZHHiNaQuk1s=
Subject key identifier: 2A:D3:35:BD:32:F3:9D:DA:57:22:F6:AC:FE:57:6B:91:8A:4C:6B:68
Certificate issuer: /CN=0b1936281b86707a05d55a01f88b2e653d7b3ee9
Certificate serial: 018D31D186CF81FD07B9AF5CEC09115F9368
Authority key identifier: 0B:19:36:28:1B:86:70:7A:05:D5:5A:01:F8:8B:2E:65:3D:7B:3E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cxk2KBuGcHoF1VoB-IsuZT17Puk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/KtM1vTLzndpXIvas_ldrkYpMa2g.roa
Signing time: Mon 22 Jan 2024 15:37:11 +0000
ROA not before: Mon 22 Jan 2024 15:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16057
IP address blocks: 212.78.32.0/24 maxlen: 24
212.78.33.0/24 maxlen: 24
212.78.34.0/24 maxlen: 24
212.78.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:d1:86:cf:81:fd:07:b9:af:5c:ec:09:11:5f:93:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1936281b86707a05d55a01f88b2e653d7b3ee9
Validity
Not Before: Jan 22 15:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad335bd32f39dda5722f6acfe576b918a4c6b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1f:fc:e3:34:1b:bc:ff:c1:b4:2c:b5:bd:3e:
4e:1f:7d:5e:af:20:dc:e7:71:b6:92:00:0f:7f:1f:
36:36:39:c6:5e:7f:f6:c3:76:30:96:92:fa:05:8b:
a5:39:cd:6d:49:12:ae:06:0e:23:11:b7:f9:7d:e1:
a6:fe:48:04:12:12:8b:49:b8:e2:d9:86:3c:4f:e2:
df:fd:00:7b:aa:09:f3:45:d9:1e:41:c6:0b:77:19:
83:54:d3:ff:4a:72:3f:eb:29:53:bf:f4:b0:d9:12:
81:6b:bf:d8:24:43:51:9c:30:39:4a:cd:d0:bf:09:
05:8c:a7:a9:0e:0d:c7:2b:87:b7:e6:f6:04:7d:d6:
92:4d:f5:b6:f3:e2:bf:90:cc:5e:b0:94:af:06:e8:
e6:f3:68:9f:45:65:db:2c:a7:a1:1c:df:d8:c6:26:
b3:ae:7f:4e:96:41:d3:03:a7:82:68:87:a9:27:99:
92:54:9c:04:fb:d0:cf:11:37:af:12:cc:02:f5:40:
c3:3f:f5:b7:90:48:b6:8c:51:29:66:0b:c1:89:4f:
98:8c:12:a2:84:19:43:04:a2:13:97:b4:97:38:e7:
b2:89:69:92:bd:c2:87:7f:23:c9:32:d1:53:1c:f8:
75:e2:50:9f:7d:4d:ae:b5:65:f1:59:1b:99:7f:a4:
6c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:35:BD:32:F3:9D:DA:57:22:F6:AC:FE:57:6B:91:8A:4C:6B:68
X509v3 Authority Key Identifier:
keyid:0B:19:36:28:1B:86:70:7A:05:D5:5A:01:F8:8B:2E:65:3D:7B:3E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cxk2KBuGcHoF1VoB-IsuZT17Puk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/KtM1vTLzndpXIvas_ldrkYpMa2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/Cxk2KBuGcHoF1VoB-IsuZT17Puk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.78.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:ed:bd:6c:38:a8:72:30:c1:09:f8:c5:9c:36:11:4a:ba:04:
c5:38:db:de:9a:cb:fa:75:49:27:ea:5c:4f:33:dc:a6:4c:10:
29:c5:46:8a:b2:5f:7b:f7:04:ee:30:4c:3a:2e:9a:cc:49:84:
e2:69:80:9b:b3:1a:5d:25:3b:77:da:c2:10:70:ae:33:12:94:
7e:24:65:5a:17:9c:31:7b:e0:a8:55:cd:00:10:89:a3:eb:62:
97:60:9d:18:e7:12:28:63:f2:87:7d:fd:28:03:b3:f8:11:2b:
da:c6:ff:f9:80:66:de:2e:03:7e:5e:70:c7:1d:ab:dd:80:09:
8b:66:e4:b7:d0:3e:c9:ba:87:d9:97:e9:94:47:78:d1:a6:19:
4a:f2:48:8d:59:08:c2:5d:ef:8c:a4:32:b8:c5:d9:a3:2b:68:
78:3a:f0:52:56:d6:d8:da:76:0d:c3:0e:fc:45:02:a4:89:5e:
c5:42:30:16:7a:a8:0b:82:c5:aa:37:07:88:31:f0:28:94:63:
fd:5c:1c:60:d1:24:76:f6:2c:86:24:e6:f9:ef:f3:31:d5:c1:
db:36:5b:f9:d6:e0:cd:16:30:55:f3:15:21:06:eb:f1:f2:d9:
ef:08:6d:e8:5c:98:be:7b:02:68:8d:f2:17:07:36:e4:0f:0e:
0e:18:10:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0x0YbPgf0Hua9c7AkRX5NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTkzNjI4MWI4NjcwN2EwNWQ1NWEwMWY4OGIyZTY1M2Q3
YjNlZTkwHhcNMjQwMTIyMTUzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzMzViZDMyZjM5ZGRhNTcyMmY2YWNmZTU3NmI5MThhNGM2YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx/84zQbvP/BtCy1vT5OH31eryDc
53G2kgAPfx82NjnGXn/2w3YwlpL6BYulOc1tSRKuBg4jEbf5feGm/kgEEhKLSbji
2YY8T+Lf/QB7qgnzRdkeQcYLdxmDVNP/SnI/6ylTv/Sw2RKBa7/YJENRnDA5Ss3Q
vwkFjKepDg3HK4e35vYEfdaSTfW28+K/kMxesJSvBujm82ifRWXbLKehHN/Yxiaz
rn9OlkHTA6eCaIepJ5mSVJwE+9DPETevEswC9UDDP/W3kEi2jFEpZgvBiU+YjBKi
hBlDBKITl7SXOOeyiWmSvcKHfyPJMtFTHPh14lCffU2utWXxWRuZf6RsswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrTNb0y853aVyL2rP5Xa5GKTGtoMB8GA1UdIwQY
MBaAFAsZNigbhnB6BdVaAfiLLmU9ez7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hrMktCdUdjSG9GMVZvQi1Jc3VaVDE3UHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84NWVlMDItNmY0My00OTI3LWFiNWQt
ZWQ1N2IyNGI0NDY1LzEvS3RNMXZUTHpuZHBYSXZhc19sZHJrWXBNYTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84NWVlMDItNmY0My00OTI3LWFiNWQtZWQ1N2IyNGI0NDY1
LzEvQ3hrMktCdUdjSG9GMVZvQi1Jc3VaVDE3UHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1E4gMA0G
CSqGSIb3DQEBCwUAA4IBAQCW7b1sOKhyMMEJ+MWcNhFKugTFONvemsv6dUkn6lxP
M9ymTBApxUaKsl979wTuMEw6LprMSYTiaYCbsxpdJTt32sIQcK4zEpR+JGVaF5wx
e+CoVc0AEImj62KXYJ0Y5xIoY/KHff0oA7P4ESvaxv/5gGbeLgN+XnDHHavdgAmL
ZuS30D7JuofZl+mUR3jRphlK8kiNWQjCXe+MpDK4xdmjK2h4OvBSVtbY2nYNww78
RQKkiV7FQjAWeqgLgsWqNweIMfAolGP9XBxg0SR29iyGJOb57/Mx1cHbNlv51uDN
FjBV8xUhBuvx8tnvCG3oXJi+ewJojfIXBzbkDw4OGBC4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:37 2025 by rpki-client