Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/dlGpftvOuA-RHZx_JR6I0HL47yc.roa
File: dlGpftvOuA-RHZx_JR6I0HL47yc.roa (raw, json)
Hash identifier: TVR1qneJSxHgGz8l6jEOvxQjY4BPi7zKGvcEhlaY9xM=
Subject key identifier: 76:51:A9:7E:DB:CE:B8:0F:91:1D:9C:7F:25:1E:88:D0:72:F8:EF:27
Certificate issuer: /CN=4413bdf4dc7435faf51ba934d65570f71c21731a
Certificate serial: 01856BDC664C50DA55EC7A3BC30D1F68EDD7
Authority key identifier: 44:13:BD:F4:DC:74:35:FA:F5:1B:A9:34:D6:55:70:F7:1C:21:73:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBO99Nx0Nfr1G6k01lVw9xwhcxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/dlGpftvOuA-RHZx_JR6I0HL47yc.roa
Signing time: Sun 01 Jan 2023 05:44:44 +0000
ROA not before: Sun 01 Jan 2023 05:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43648
IP address blocks: 185.78.17.0/24 maxlen: 24
185.78.16.0/22 maxlen: 22
185.78.16.0/24 maxlen: 24
185.78.19.0/24 maxlen: 24
185.78.18.0/24 maxlen: 24
2a05:6680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:66:4c:50:da:55:ec:7a:3b:c3:0d:1f:68:ed:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4413bdf4dc7435faf51ba934d65570f71c21731a
Validity
Not Before: Jan 1 05:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7651a97edbceb80f911d9c7f251e88d072f8ef27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:a8:38:69:19:d9:49:35:54:f8:49:09:45:
66:d1:87:8f:1d:33:3d:82:f8:8c:29:2d:ee:77:96:
7b:07:87:84:aa:03:a9:0b:cc:1c:d2:d4:9a:1c:4d:
46:34:0f:0c:ed:b6:4a:cb:f6:11:fb:36:f1:01:e3:
2e:dd:72:ca:82:71:3b:dd:29:c3:45:81:47:98:d7:
33:d3:77:0c:19:9b:24:1c:67:69:60:a7:d4:0f:54:
4d:d3:38:ca:41:53:cf:3a:07:e3:7a:48:b7:20:e3:
ed:7f:50:f3:57:d7:8a:92:f1:d2:2d:c5:0b:0e:e7:
89:2d:bd:38:70:93:e2:de:45:4f:b2:70:e5:5b:4f:
a0:15:d0:06:57:13:4e:8b:53:f0:37:00:11:f2:92:
6c:dc:00:0d:25:fe:5a:c6:90:60:51:b7:6f:2c:34:
84:84:b8:82:b8:7e:5b:a0:0a:91:69:fa:f8:75:39:
05:2e:3f:0d:8a:4a:c6:89:f9:cd:1a:ff:09:c1:d2:
2e:82:9b:85:b1:d8:af:b1:61:8a:6a:40:2c:f9:74:
75:53:0e:8d:d2:bb:7b:3c:3a:a2:06:15:75:3a:bb:
3a:8d:4f:52:6c:94:93:ba:e6:ba:a6:0c:82:dc:3d:
d5:ab:a9:9e:44:42:78:34:91:89:1b:89:33:48:76:
91:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:A9:7E:DB:CE:B8:0F:91:1D:9C:7F:25:1E:88:D0:72:F8:EF:27
X509v3 Authority Key Identifier:
keyid:44:13:BD:F4:DC:74:35:FA:F5:1B:A9:34:D6:55:70:F7:1C:21:73:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBO99Nx0Nfr1G6k01lVw9xwhcxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/dlGpftvOuA-RHZx_JR6I0HL47yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/RBO99Nx0Nfr1G6k01lVw9xwhcxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.16.0/22
IPv6:
2a05:6680::/29
Signature Algorithm: sha256WithRSAEncryption
a2:84:0d:ea:0e:c8:c7:92:a0:00:d4:60:eb:a6:70:be:70:0a:
62:bc:5e:3c:c4:5f:21:1e:3f:45:42:06:c2:45:fe:a5:ed:40:
ce:ea:80:b5:d1:b0:d9:86:46:91:a8:6f:df:36:b9:ad:66:d9:
66:c4:27:73:08:31:15:b1:8b:ac:41:f0:ff:42:ee:f3:e7:68:
2f:e3:5b:64:cf:c1:01:bf:96:17:a7:06:cc:4d:5a:52:39:31:
a4:9f:a5:20:dd:52:0e:17:bd:fb:3c:50:03:25:37:5e:34:a2:
c7:99:15:62:bc:73:5b:8e:a4:50:5d:a7:c4:a2:5c:81:30:3e:
f1:6a:ac:29:96:56:97:89:89:10:b6:d3:aa:db:c2:79:95:52:
a9:02:01:9f:f8:2a:31:67:88:71:df:92:4b:9c:3d:e2:4d:ca:
23:b4:bb:44:9f:63:9a:79:6b:91:a7:39:cb:8f:85:58:33:34:
14:d9:02:b6:e3:ed:ad:0f:4a:01:9d:97:78:05:81:01:0c:15:
b7:51:d5:61:17:56:0e:5e:4c:9f:8e:c1:d5:64:34:aa:c2:10:
1b:df:ee:43:73:eb:1f:53:08:01:04:c6:76:3e:d1:03:fb:23:
29:0c:24:34:1b:ad:3b:19:4a:20:e9:8b:f6:94:ee:fa:0a:3d:
c0:f0:85:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr3GZMUNpV7Ho7ww0faO3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MTNiZGY0ZGM3NDM1ZmFmNTFiYTkzNGQ2NTU3MGY3MWMy
MTczMWEwHhcNMjMwMTAxMDU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUxYTk3ZWRiY2ViODBmOTExZDljN2YyNTFlODhkMDcyZjhlZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKqoOGkZ2Uk1VPhJCUVm0YePHTM9
gviMKS3ud5Z7B4eEqgOpC8wc0tSaHE1GNA8M7bZKy/YR+zbxAeMu3XLKgnE73SnD
RYFHmNcz03cMGZskHGdpYKfUD1RN0zjKQVPPOgfjeki3IOPtf1DzV9eKkvHSLcUL
DueJLb04cJPi3kVPsnDlW0+gFdAGVxNOi1PwNwAR8pJs3AANJf5axpBgUbdvLDSE
hLiCuH5boAqRafr4dTkFLj8NikrGifnNGv8JwdIugpuFsdivsWGKakAs+XR1Uw6N
0rt7PDqiBhV1Ors6jU9SbJSTuua6pgyC3D3Vq6meREJ4NJGJG4kzSHaRawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHZRqX7bzrgPkR2cfyUeiNBy+O8nMB8GA1UdIwQY
MBaAFEQTvfTcdDX69RupNNZVcPccIXMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkJPOTlOeDBOZnIxRzZrMDFsVnc5eHdoY3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80N2FhMmYtNmI2Zi00ZWY1LTliOTkt
YmM5ZWNjMmFkYjQzLzEvZGxHcGZ0dk91QS1SSFp4X0pSNkkwSEw0N3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80N2FhMmYtNmI2Zi00ZWY1LTliOTktYmM5ZWNjMmFkYjQz
LzEvUkJPOTlOeDBOZnIxRzZrMDFsVnc5eHdoY3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU4QMA0E
AgACMAcDBQMqBWaAMA0GCSqGSIb3DQEBCwUAA4IBAQCihA3qDsjHkqAA1GDrpnC+
cApivF48xF8hHj9FQgbCRf6l7UDO6oC10bDZhkaRqG/fNrmtZtlmxCdzCDEVsYus
QfD/Qu7z52gv41tkz8EBv5YXpwbMTVpSOTGkn6Ug3VIOF737PFADJTdeNKLHmRVi
vHNbjqRQXafEolyBMD7xaqwpllaXiYkQttOq28J5lVKpAgGf+CoxZ4hx35JLnD3i
TcojtLtEn2OaeWuRpznLj4VYMzQU2QK24+2tD0oBnZd4BYEBDBW3UdVhF1YOXkyf
jsHVZDSqwhAb3+5Dc+sfUwgBBMZ2PtED+yMpDCQ0G607GUog6Yv2lO76Cj3A8IWn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:50 2023 by rpki-client on console-fra.rpki-client.org