Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/lJjtyR4B-wVoWd98t0qXEzFZj4o.roa
File: lJjtyR4B-wVoWd98t0qXEzFZj4o.roa (raw, json)
Hash identifier: jQgmCrb2coGVJ+9Av5PqiJA//51HJp7pY5+82YRHfMI=
Subject key identifier: 94:98:ED:C9:1E:01:FB:05:68:59:DF:7C:B7:4A:97:13:31:59:8F:8A
Certificate issuer: /CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Certificate serial: 018CC794A76949EB33505A50A3CE655FC18C
Authority key identifier: C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/lJjtyR4B-wVoWd98t0qXEzFZj4o.roa
Signing time: Tue 02 Jan 2024 00:30:57 +0000
ROA not before: Tue 02 Jan 2024 00:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206610
IP address blocks: 185.104.168.0/22 maxlen: 24
185.173.180.0/22 maxlen: 24
78.111.128.0/20 maxlen: 24
2a0b:b880::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Feb 2024 15:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a7:69:49:eb:33:50:5a:50:a3:ce:65:5f:c1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Validity
Not Before: Jan 2 00:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9498edc91e01fb056859df7cb74a971331598f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:12:62:88:a5:05:b1:88:7b:18:89:59:c4:
62:15:9e:54:13:26:e2:f1:31:70:9d:5b:5e:72:d1:
33:a4:50:02:0b:88:4f:05:c7:01:3f:6c:64:f0:86:
e5:f6:69:2c:38:a3:75:e8:cb:f4:02:e7:c2:2e:55:
30:e0:06:a1:96:37:03:8e:68:b2:8a:e1:ba:05:3d:
e6:80:85:8f:bb:20:e5:bc:2d:b8:56:25:6e:54:cb:
cc:b6:e4:ae:20:89:f3:23:d6:cb:02:42:59:2e:f3:
0b:7b:7f:1c:5d:96:54:2a:56:3b:69:cd:a2:43:f4:
27:a6:29:2c:63:a1:b6:28:d5:af:fd:e5:30:d8:4f:
e7:d8:f8:05:bb:e7:e7:1f:eb:48:a5:4c:a3:0e:7b:
8b:c9:8d:12:21:d6:e1:89:5f:af:e1:36:b0:ba:5e:
e5:9c:bc:e1:d7:ef:70:5c:e0:60:2a:1d:7a:77:f6:
7f:7d:15:b7:9a:ce:b2:f3:f5:f1:81:ab:22:cf:35:
b9:01:5b:fe:af:c3:90:99:fb:25:34:4a:b2:23:c1:
95:bc:b8:71:bd:db:df:7a:49:64:76:9d:f2:f9:97:
02:2d:27:28:88:d7:44:14:7c:49:6e:3d:93:ee:b2:
23:46:26:06:66:34:72:72:4f:98:07:20:08:eb:55:
74:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:98:ED:C9:1E:01:FB:05:68:59:DF:7C:B7:4A:97:13:31:59:8F:8A
X509v3 Authority Key Identifier:
keyid:C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/lJjtyR4B-wVoWd98t0qXEzFZj4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.128.0/20
185.104.168.0/22
185.173.180.0/22
IPv6:
2a0b:b880::/29
Signature Algorithm: sha256WithRSAEncryption
85:ca:34:4f:88:b6:89:12:f9:f7:bf:81:49:ef:6e:6b:c6:8c:
60:c1:fd:d1:92:f6:20:c1:91:80:66:87:c3:93:74:b5:4a:a3:
0e:c4:3e:7e:11:da:9b:8b:17:09:b7:a2:89:2a:a5:da:f7:ea:
b3:5c:d7:76:28:94:a8:4d:d8:6d:4c:75:76:11:52:b9:72:68:
cd:47:c7:80:77:dc:fd:39:5f:d9:0b:b5:04:e0:b4:3a:aa:80:
34:c2:16:51:5e:bc:02:4b:f6:55:0b:07:d8:98:62:f0:5a:40:
69:1f:9c:31:2c:19:75:d6:31:b6:de:83:43:26:f4:f3:19:e1:
ee:58:1c:c5:15:2c:48:65:f6:04:24:98:1f:e4:cb:25:6a:aa:
47:3f:5e:8d:5d:15:df:82:3b:8f:5e:a1:26:0c:33:39:98:d7:
42:94:df:a6:17:6b:36:7a:a6:1f:a3:b3:37:4b:d7:cd:01:7e:
9e:1d:fb:31:f6:9a:50:87:b7:05:f7:a7:2b:a4:6e:7e:c5:1f:
7d:43:08:3f:f0:2c:0a:26:71:cb:b4:4c:5b:1e:e4:e4:63:d1:
1d:37:de:5a:0b:39:e4:d9:11:79:4d:72:b2:c7:72:80:a6:05:
ba:65:14:ee:2f:6b:5b:c9:a9:8c:fd:f5:dd:bb:ff:fc:e6:c9:
8c:81:17:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlKdpSeszUFpQo85lX8GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NTNmNWUyMzA0MjBiYzRhNzBkMGE2MWRlM2I0N2RjZGEx
YThkMGUwHhcNMjQwMTAyMDAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk4ZWRjOTFlMDFmYjA1Njg1OWRmN2NiNzRhOTcxMzMxNTk4ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2ESYoilBbGIexiJWcRiFZ5UEybi
8TFwnVtectEzpFACC4hPBccBP2xk8Ibl9mksOKN16Mv0AufCLlUw4AahljcDjmiy
iuG6BT3mgIWPuyDlvC24ViVuVMvMtuSuIInzI9bLAkJZLvMLe38cXZZUKlY7ac2i
Q/QnpiksY6G2KNWv/eUw2E/n2PgFu+fnH+tIpUyjDnuLyY0SIdbhiV+v4Tawul7l
nLzh1+9wXOBgKh16d/Z/fRW3ms6y8/XxgasizzW5AVv+r8OQmfslNEqyI8GVvLhx
vdvfeklkdp3y+ZcCLScoiNdEFHxJbj2T7rIjRiYGZjRyck+YByAI61V0CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJSY7ckeAfsFaFnffLdKlxMxWY+KMB8GA1UdIwQY
MBaAFMRT9eIwQgvEpw0KYd47R9zaGo0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1Njkt
ZTZjZjE3Y2RkYTRmLzEvbEpqdHlSNEItd1ZvV2Q5OHQwcVhFekZaajRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1NjktZTZjZjE3Y2RkYTRm
LzEveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETm+AAwQC
uWioAwQCua20MA0EAgACMAcDBQMqC7iAMA0GCSqGSIb3DQEBCwUAA4IBAQCFyjRP
iLaJEvn3v4FJ725rxoxgwf3RkvYgwZGAZofDk3S1SqMOxD5+EdqbixcJt6KJKqXa
9+qzXNd2KJSoTdhtTHV2EVK5cmjNR8eAd9z9OV/ZC7UE4LQ6qoA0whZRXrwCS/ZV
CwfYmGLwWkBpH5wxLBl11jG23oNDJvTzGeHuWBzFFSxIZfYEJJgf5MslaqpHP16N
XRXfgjuPXqEmDDM5mNdClN+mF2s2eqYfo7M3S9fNAX6eHfsx9ppQh7cF96crpG5+
xR99Qwg/8CwKJnHLtExbHuTkY9EdN95aCznk2RF5TXKyx3KApgW6ZRTuL2tbyamM
/fXdu//85smMgReg
-----END CERTIFICATE-----
Generated at Wed Feb 28 19:48:56 2024 by rpki-client on console.sobornost.net