Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8f6b15-6ec1-4e60-bfd6-e492d4e1b631/1/NYfxXrSxnXB4BuC6lT3dJauvXJ4.roa
File: NYfxXrSxnXB4BuC6lT3dJauvXJ4.roa (raw, json)
Hash identifier: Tfpv3dOWUiIDSHmWNbq/+g1c+Phl6uKsIJaRsDCiE5k=
Subject key identifier: 35:87:F1:5E:B4:B1:9D:70:78:06:E0:BA:95:3D:DD:25:AB:AF:5C:9E
Certificate issuer: /CN=5e3148b9ecd20e5ff2465a9cd101ada9ae508d57
Certificate serial: 01857070574DEFFA658B2D22B5C315187275
Authority key identifier: 5E:31:48:B9:EC:D2:0E:5F:F2:46:5A:9C:D1:01:AD:A9:AE:50:8D:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XjFIuezSDl_yRlqc0QGtqa5QjVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8f6b15-6ec1-4e60-bfd6-e492d4e1b631/1/NYfxXrSxnXB4BuC6lT3dJauvXJ4.roa
Signing time: Mon 02 Jan 2023 03:04:48 +0000
ROA not before: Mon 02 Jan 2023 03:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47736
IP address blocks: 185.78.44.0/22 maxlen: 22
2a03:5820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:57:4d:ef:fa:65:8b:2d:22:b5:c3:15:18:72:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e3148b9ecd20e5ff2465a9cd101ada9ae508d57
Validity
Not Before: Jan 2 03:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3587f15eb4b19d707806e0ba953ddd25abaf5c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2d:f5:19:3b:2b:48:3e:8d:d8:56:b3:c4:ee:
af:a2:2d:03:7a:d3:9b:0b:5e:7b:6d:b7:ae:e9:7d:
2b:19:62:99:49:75:5e:ec:9c:ed:5b:7f:47:3a:b8:
04:f5:a2:ce:24:b3:68:0b:88:86:72:45:1f:6b:1b:
a8:23:ad:30:e3:83:e6:48:dc:1a:6b:8d:bf:81:00:
d1:f6:1d:08:6f:b4:99:d0:a1:d1:91:51:00:f0:6c:
13:04:b5:91:14:79:c5:6c:a6:8a:6a:2b:fe:be:d6:
b9:97:ff:d2:58:08:08:0d:0f:30:2f:07:0f:64:c2:
75:ac:12:73:eb:68:06:20:a2:51:5b:38:f5:c7:a8:
1c:e9:21:29:b2:90:c4:5e:a2:31:6f:8b:d5:e4:a5:
4f:43:a2:c1:a2:ec:03:5c:d3:34:da:ee:c9:1e:2b:
4f:40:96:f9:8f:80:9b:88:d2:80:30:1d:8c:c8:de:
5f:c4:8d:b8:3a:e6:3d:82:01:45:ea:dc:bc:a5:2f:
8a:03:82:af:46:bb:48:3a:41:a2:89:ea:0f:f7:72:
61:80:45:b0:16:6d:26:58:ac:31:98:db:aa:b5:b0:
15:ec:b2:a6:44:39:50:97:a1:71:69:5f:d9:98:f7:
b8:59:ea:06:bb:0b:c4:a5:16:9e:67:15:e6:18:b3:
d2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:87:F1:5E:B4:B1:9D:70:78:06:E0:BA:95:3D:DD:25:AB:AF:5C:9E
X509v3 Authority Key Identifier:
keyid:5E:31:48:B9:EC:D2:0E:5F:F2:46:5A:9C:D1:01:AD:A9:AE:50:8D:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XjFIuezSDl_yRlqc0QGtqa5QjVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8f6b15-6ec1-4e60-bfd6-e492d4e1b631/1/NYfxXrSxnXB4BuC6lT3dJauvXJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8f6b15-6ec1-4e60-bfd6-e492d4e1b631/1/XjFIuezSDl_yRlqc0QGtqa5QjVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.44.0/22
IPv6:
2a03:5820::/32
Signature Algorithm: sha256WithRSAEncryption
8c:fa:46:5b:19:73:73:7e:4b:1a:eb:fc:99:c3:ba:30:e0:86:
56:18:55:69:2d:41:4f:03:35:54:58:9c:19:06:a1:77:4d:5d:
71:87:71:16:8c:94:f3:c3:d2:5b:de:c6:15:64:cb:07:9a:12:
af:5f:de:1e:57:9c:79:e7:d6:dd:02:9f:81:99:39:76:6c:a2:
97:63:1f:b2:9e:2f:e3:86:25:46:ec:03:fa:5c:3d:89:be:b3:
ad:49:f8:12:a4:c1:95:a4:d6:c1:55:4d:7c:be:8c:73:62:b0:
78:c9:0b:a9:e7:54:c4:eb:c7:43:c9:3a:ec:d3:d1:21:a4:0e:
91:17:a1:fa:0c:f7:a0:e8:8f:e7:6d:0d:59:e2:05:d6:b4:cc:
83:59:f1:b7:cc:13:f1:e9:80:ec:7c:95:69:45:f8:05:28:a1:
ad:61:42:1a:78:84:f7:e7:fe:ea:8d:2f:64:44:9f:81:98:16:
d6:6f:26:56:72:18:84:cd:7c:90:98:29:b3:8e:b4:ff:2d:65:
07:2c:46:9a:a1:e5:b8:c7:a1:1b:aa:42:8f:02:24:cf:9f:14:
13:03:fe:26:4d:b2:ba:80:97:50:02:f1:88:12:20:97:c0:c5:
6c:99:5f:f0:6e:8a:20:a4:40:5c:45:14:f2:a1:36:b7:48:3c:
6a:dd:7e:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcFdN7/pliy0itcMVGHJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMzE0OGI5ZWNkMjBlNWZmMjQ2NWE5Y2QxMDFhZGE5YWU1
MDhkNTcwHhcNMjMwMTAyMDMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg3ZjE1ZWI0YjE5ZDcwNzgwNmUwYmE5NTNkZGQyNWFiYWY1YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi31GTsrSD6N2FazxO6voi0DetOb
C157bbeu6X0rGWKZSXVe7JztW39HOrgE9aLOJLNoC4iGckUfaxuoI60w44PmSNwa
a42/gQDR9h0Ib7SZ0KHRkVEA8GwTBLWRFHnFbKaKaiv+vta5l//SWAgIDQ8wLwcP
ZMJ1rBJz62gGIKJRWzj1x6gc6SEpspDEXqIxb4vV5KVPQ6LBouwDXNM02u7JHitP
QJb5j4CbiNKAMB2MyN5fxI24OuY9ggFF6ty8pS+KA4KvRrtIOkGiieoP93JhgEWw
Fm0mWKwxmNuqtbAV7LKmRDlQl6FxaV/ZmPe4WeoGuwvEpRaeZxXmGLPS6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDWH8V60sZ1weAbgupU93SWrr1yeMB8GA1UdIwQY
MBaAFF4xSLns0g5f8kZanNEBramuUI1XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGpGSXVlelNEbF95UmxxYzBRR3RxYTVRalZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84ZjZiMTUtNmVjMS00ZTYwLWJmZDYt
ZTQ5MmQ0ZTFiNjMxLzEvTllmeFhyU3huWEI0QnVDNmxUM2RKYXV2WEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84ZjZiMTUtNmVjMS00ZTYwLWJmZDYtZTQ5MmQ0ZTFiNjMx
LzEvWGpGSXVlelNEbF95UmxxYzBRR3RxYTVRalZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU4sMA0E
AgACMAcDBQAqA1ggMA0GCSqGSIb3DQEBCwUAA4IBAQCM+kZbGXNzfksa6/yZw7ow
4IZWGFVpLUFPAzVUWJwZBqF3TV1xh3EWjJTzw9Jb3sYVZMsHmhKvX94eV5x559bd
Ap+BmTl2bKKXYx+yni/jhiVG7AP6XD2JvrOtSfgSpMGVpNbBVU18voxzYrB4yQup
51TE68dDyTrs09EhpA6RF6H6DPeg6I/nbQ1Z4gXWtMyDWfG3zBPx6YDsfJVpRfgF
KKGtYUIaeIT35/7qjS9kRJ+BmBbWbyZWchiEzXyQmCmzjrT/LWUHLEaaoeW4x6Eb
qkKPAiTPnxQTA/4mTbK6gJdQAvGIEiCXwMVsmV/wboogpEBcRRTyoTa3SDxq3X7C
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:45 2024 by rpki-client on console-ams.rpki-client.org