Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/e3UlQz-pD8Ql3fhuCnvG8bI9dbM.roa
File: e3UlQz-pD8Ql3fhuCnvG8bI9dbM.roa (raw, json)
Hash identifier: nvsrsEeb1KY/s+AaPJI+5m1t9Y5tKrUWjzbv4CmVghA=
Subject key identifier: 7B:75:25:43:3F:A9:0F:C4:25:DD:F8:6E:0A:7B:C6:F1:B2:3D:75:B3
Certificate issuer: /CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Certificate serial: 0194266BDA8DDF12C5C5EBD1905B616D15BA
Authority key identifier: DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/e3UlQz-pD8Ql3fhuCnvG8bI9dbM.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50823
IP address blocks: 178.170.128.0/23 maxlen: 23
178.170.130.0/24 maxlen: 24
185.83.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 03 Jan 2025 19:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:da:8d:df:12:c5:c5:eb:d1:90:5b:61:6d:15:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b7525433fa90fc425ddf86e0a7bc6f1b23d75b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e0:dc:65:eb:b9:85:91:38:ce:06:90:7c:56:
39:38:39:59:32:8c:6b:2e:e7:c6:a6:8d:25:c3:15:
a6:24:35:f0:c9:01:57:f2:14:a3:45:03:96:14:c8:
37:5e:6d:81:07:d7:57:10:5f:48:d8:ab:e3:8b:b1:
4d:52:d1:37:6b:9d:71:83:95:5e:0c:4d:6e:d3:41:
e9:c1:4e:3f:0c:2b:b2:80:c6:cf:dd:54:b6:fe:36:
4e:3d:ce:29:21:9c:38:e6:aa:78:90:22:74:c2:6c:
b1:ad:d1:76:a6:fd:23:fa:f2:35:e3:ca:d3:49:1b:
9a:c5:22:8b:6b:2c:84:1c:71:6a:dc:af:f8:a5:3d:
9b:e5:0f:8b:e6:85:93:d2:36:5a:50:68:f0:6c:df:
78:db:60:df:67:ee:4d:45:f5:f3:a4:75:2c:15:b7:
da:a0:da:c9:77:76:3a:9c:18:d5:5b:bf:b8:c2:d7:
22:f7:58:8c:00:59:b7:ef:8b:b2:f9:f4:e7:e0:dd:
8a:fb:c5:99:17:4a:28:d9:92:75:d1:1d:18:3d:51:
0b:c6:a3:46:b4:81:d2:09:65:79:22:d7:6d:aa:92:
6d:e7:eb:d6:4b:5a:a0:06:9b:de:e7:d2:3c:31:6f:
b5:0e:57:b3:7c:f7:1b:b8:06:ee:6d:d5:8b:54:1f:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:75:25:43:3F:A9:0F:C4:25:DD:F8:6E:0A:7B:C6:F1:B2:3D:75:B3
X509v3 Authority Key Identifier:
keyid:DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/e3UlQz-pD8Ql3fhuCnvG8bI9dbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/333WWWZzfOj2XkDvL-oc_6-xYrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.128.0-178.170.130.255
185.83.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:57:33:8d:87:a1:77:7f:6e:f0:96:ae:2a:e3:72:f6:ae:fb:
db:1d:5d:40:9f:66:8b:05:4d:a3:83:3b:ec:96:bc:98:e3:1a:
7e:64:62:40:b3:d7:f9:00:55:23:f0:49:47:fc:dc:5e:e7:c8:
02:f3:4c:9a:23:63:28:f2:cb:fb:0c:b3:5f:79:d5:25:73:bd:
55:dc:07:8e:27:02:d1:c3:88:c2:d9:eb:84:ca:92:cf:32:bb:
05:94:c9:c0:bc:f4:66:3f:22:c9:6f:45:7b:fc:79:26:84:e6:
66:81:4d:9f:4b:3f:d9:43:6d:7d:75:50:24:1c:45:6d:2c:f9:
9f:67:5a:3a:bd:b8:e7:33:f8:83:d8:8e:ca:e8:70:37:23:db:
6f:6c:bb:c5:48:64:dc:a2:13:46:40:4d:42:f9:73:85:48:0d:
10:6c:c4:64:b2:5f:84:d2:27:f6:d2:a8:15:99:76:93:ae:cc:
ef:29:15:aa:45:6e:84:00:c3:0d:23:17:01:49:7c:9d:67:ec:
65:09:f0:cb:59:22:2d:e1:a2:ef:34:50:e0:ff:f7:5b:cc:35:
dd:e7:c7:0e:e7:75:cc:86:a5:c2:63:32:78:0c:9c:e0:10:07:
75:10:14:0e:50:3b:4e:aa:84:fa:39:81:41:5c:2a:48:9f:b6:
62:07:7c:4c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQma9qN3xLFxevRkFthbRW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2RkNjU5NjY3MzdjZThmNjVlNDBlZjJmZWExY2ZmYWZi
MTYyYjAwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjc1MjU0MzNmYTkwZmM0MjVkZGY4NmUwYTdiYzZmMWIyM2Q3NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArODcZeu5hZE4zgaQfFY5ODlZMoxr
LufGpo0lwxWmJDXwyQFX8hSjRQOWFMg3Xm2BB9dXEF9I2Kvji7FNUtE3a51xg5Ve
DE1u00HpwU4/DCuygMbP3VS2/jZOPc4pIZw45qp4kCJ0wmyxrdF2pv0j+vI148rT
SRuaxSKLayyEHHFq3K/4pT2b5Q+L5oWT0jZaUGjwbN9422DfZ+5NRfXzpHUsFbfa
oNrJd3Y6nBjVW7+4wtci91iMAFm374uy+fTn4N2K+8WZF0oo2ZJ10R0YPVELxqNG
tIHSCWV5ItdtqpJt5+vWS1qgBpve59I8MW+1DlezfPcbuAbubdWLVB+6swIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHt1JUM/qQ/EJd34bgp7xvGyPXWzMB8GA1UdIwQY
MBaAFN991llmc3zo9l5A7y/qHP+vsWKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMt
OGFjODk2NTcwOGJjLzEvZTNVbFF6LXBEOFFsM2ZodUNudkc4Ykk5ZGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMtOGFjODk2NTcwOGJj
LzEvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeyqoAD
BACyqoIDBAK5U0AwDQYJKoZIhvcNAQELBQADggEBAExXM42HoXd/bvCWrirjcvau
+9sdXUCfZosFTaODO+yWvJjjGn5kYkCz1/kAVSPwSUf83F7nyALzTJojYyjyy/sM
s1951SVzvVXcB44nAtHDiMLZ64TKks8yuwWUycC89GY/IslvRXv8eSaE5maBTZ9L
P9lDbX11UCQcRW0s+Z9nWjq9uOcz+IPYjsrocDcj229su8VIZNyiE0ZATUL5c4VI
DRBsxGSyX4TSJ/bSqBWZdpOuzO8pFapFboQAww0jFwFJfJ1n7GUJ8MtZIi3hou80
UOD/91vMNd3nxw7ndcyGpcJjMngMnOAQB3UQFA5QO06qhPo5gUFcKkiftmIHfEw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:53:22 2025 by rpki-client