Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/pwzCl8w_Nebn55ukztjcvgNJUHc.roa
File: pwzCl8w_Nebn55ukztjcvgNJUHc.roa (raw, json)
Hash identifier: czQTSk8jZRnuvll6gUe+9+wacJAvSviiomNxj7ztcdw=
Subject key identifier: A7:0C:C2:97:CC:3F:35:E6:E7:E7:9B:A4:CE:D8:DC:BE:03:49:50:77
Certificate issuer: /CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Certificate serial: 01904D11DBD5DF9B9E6004CAFB9283916AEF
Authority key identifier: 67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/pwzCl8w_Nebn55ukztjcvgNJUHc.roa
Signing time: Tue 25 Jun 2024 01:45:34 +0000
ROA not before: Tue 25 Jun 2024 01:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5384
IP address blocks: 185.78.244.0/24 maxlen: 24
185.78.245.0/24 maxlen: 24
185.78.246.0/24 maxlen: 24
185.78.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 03:44:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4d:11:db:d5:df:9b:9e:60:04:ca:fb:92:83:91:6a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Validity
Not Before: Jun 25 01:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a70cc297cc3f35e6e7e79ba4ced8dcbe03495077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:87:a4:78:04:08:7b:ba:67:9e:fa:f4:7a:a0:
95:61:ff:48:48:49:81:96:f7:8a:f6:f1:6b:38:2d:
fd:d5:be:1b:70:03:06:b7:16:05:01:3d:9c:70:d2:
b0:01:3e:77:33:f2:25:23:b5:d4:0f:ca:14:cb:dc:
cd:50:95:e2:23:cb:60:83:08:7a:3a:5d:e5:24:5b:
c2:cb:81:7f:b8:b2:96:df:6d:cc:3f:04:b3:fc:38:
8b:94:cb:84:3b:fe:50:dc:85:67:73:84:d7:65:b3:
4e:52:24:b3:31:72:a3:7d:14:6f:16:b7:86:fa:52:
ce:f7:29:43:d1:fb:a8:0a:84:dd:b8:43:3f:58:37:
92:fc:9a:b9:5a:c8:67:c8:19:46:7c:c4:ad:28:48:
d7:4b:14:30:1b:81:ec:a4:01:83:06:7c:f6:ae:21:
40:b2:39:9b:13:8f:f0:00:48:52:30:5d:2d:38:81:
8b:70:bb:bb:9e:14:b6:f5:4d:e7:17:97:0c:d5:52:
bf:5e:94:e0:dd:2f:43:b7:17:a4:90:ab:1c:bf:13:
ef:c1:34:82:05:33:a0:e6:5a:8e:d7:6a:ab:20:11:
c5:7f:1e:28:66:f3:95:61:0e:7c:c4:8e:2e:4a:32:
f0:86:fd:a2:52:f9:8d:1f:9b:c3:95:09:2a:20:b1:
7f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0C:C2:97:CC:3F:35:E6:E7:E7:9B:A4:CE:D8:DC:BE:03:49:50:77
X509v3 Authority Key Identifier:
keyid:67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/pwzCl8w_Nebn55ukztjcvgNJUHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.244.0/22
Signature Algorithm: sha256WithRSAEncryption
64:c0:f8:41:3a:7b:d7:f5:9e:7d:7b:3e:f7:d4:b1:d0:83:6b:
5e:d9:85:d8:4a:31:62:2e:46:64:cd:c7:1b:ab:9a:58:c8:99:
dd:06:84:c4:09:1a:1f:34:da:ba:f5:e1:fc:11:7a:9b:9d:36:
fb:55:49:a0:cb:27:76:c3:5f:e6:a4:69:1f:a6:ea:56:a5:41:
e1:2c:c1:6a:61:57:9d:c7:a1:3b:9f:b7:79:5e:40:d8:bb:6b:
16:32:56:22:13:bc:be:8f:2a:63:9c:fc:f2:5f:ee:dc:33:b8:
b6:18:76:d1:0b:f0:b3:7e:8f:d0:de:f5:ba:62:66:00:28:95:
27:ff:ac:fa:75:3e:9c:f0:30:cd:d3:ff:9e:d2:5c:a3:69:44:
f3:6e:08:d9:92:ec:5e:b0:57:c4:66:a5:7b:f1:de:d9:bd:39:
3b:ab:62:9f:f4:4b:43:9a:dc:60:6c:f2:76:a5:9d:52:bb:a4:
ad:ad:2f:98:3c:01:fb:b9:75:09:22:2c:35:c9:a6:86:45:9f:
71:6f:a9:5b:7e:14:83:f1:51:7b:ac:31:82:63:51:29:28:96:
00:39:be:32:b9:21:d5:a9:8d:bc:11:0b:fc:fa:94:7f:f0:f6:
16:cb:c6:9e:f7:7b:52:cf:f3:c5:56:7f:da:41:27:dc:82:46:
bb:b2:80:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBNEdvV35ueYATK+5KDkWrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGU2MDc3OWYzY2Q0ZDAzZDVlNTA3ODQwZjVmYTJhMzFh
NmFiOGQwHhcNMjQwNjI1MDE0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzBjYzI5N2NjM2YzNWU2ZTdlNzliYTRjZWQ4ZGNiZTAzNDk1MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IekeAQIe7pnnvr0eqCVYf9ISEmB
lveK9vFrOC391b4bcAMGtxYFAT2ccNKwAT53M/IlI7XUD8oUy9zNUJXiI8tggwh6
Ol3lJFvCy4F/uLKW323MPwSz/DiLlMuEO/5Q3IVnc4TXZbNOUiSzMXKjfRRvFreG
+lLO9ylD0fuoCoTduEM/WDeS/Jq5WshnyBlGfMStKEjXSxQwG4HspAGDBnz2riFA
sjmbE4/wAEhSMF0tOIGLcLu7nhS29U3nF5cM1VK/XpTg3S9DtxekkKscvxPvwTSC
BTOg5lqO12qrIBHFfx4oZvOVYQ58xI4uSjLwhv2iUvmNH5vDlQkqILF/xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcMwpfMPzXm5+ebpM7Y3L4DSVB3MB8GA1UdIwQY
MBaAFGcOYHefPNTQPV5QeED1+ioxpquNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUt
MzUwMDRhNjcxZWIzLzEvcHd6Q2w4d19OZWJuNTV1a3p0amN2Z05KVUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUtMzUwMDRhNjcxZWIz
LzEvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU70MA0G
CSqGSIb3DQEBCwUAA4IBAQBkwPhBOnvX9Z59ez731LHQg2te2YXYSjFiLkZkzccb
q5pYyJndBoTECRofNNq69eH8EXqbnTb7VUmgyyd2w1/mpGkfpupWpUHhLMFqYVed
x6E7n7d5XkDYu2sWMlYiE7y+jypjnPzyX+7cM7i2GHbRC/Czfo/Q3vW6YmYAKJUn
/6z6dT6c8DDN0/+e0lyjaUTzbgjZkuxesFfEZqV78d7ZvTk7q2Kf9EtDmtxgbPJ2
pZ1Su6StrS+YPAH7uXUJIiw1yaaGRZ9xb6lbfhSD8VF7rDGCY1EpKJYAOb4yuSHV
qY28EQv8+pR/8PYWy8ae93tSz/PFVn/aQSfcgka7soAy
-----END CERTIFICATE-----
Generated at Wed Jul 3 04:44:33 2024 by rpki-client on console-fra.rpki-client.org