Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4zI7dDK3rm3W-R55D-PK1iR7bXE.roa
File: 4zI7dDK3rm3W-R55D-PK1iR7bXE.roa (raw, json)
Hash identifier: 2zuM78wwPM132vlOwIbTdPoiR13t6HfrLViS6IOZa2M=
Subject key identifier: E3:32:3B:74:32:B7:AE:6D:D6:F9:1E:79:0F:E3:CA:D6:24:7B:6D:71
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018CC794ED07C6E8708E7BD3350687C8A97C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4zI7dDK3rm3W-R55D-PK1iR7bXE.roa
Signing time: Tue 02 Jan 2024 00:31:15 +0000
ROA not before: Tue 02 Jan 2024 00:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 185.177.78.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 23:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ed:07:c6:e8:70:8e:7b:d3:35:06:87:c8:a9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 00:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3323b7432b7ae6dd6f91e790fe3cad6247b6d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8c:a4:50:17:3e:d1:60:71:c7:ff:4f:32:5d:
18:7a:7f:2b:6e:90:8f:35:78:06:fd:dd:e6:cf:ca:
f7:f2:ab:07:76:ae:59:25:2f:e6:8c:36:4e:39:7f:
63:85:46:dd:77:2a:de:0f:2f:33:7d:8f:64:52:54:
9f:c9:09:b4:81:22:ec:20:5f:cc:c3:1e:23:dc:19:
9a:3b:3c:ef:9c:4b:83:b3:67:d5:f8:0b:b1:9c:21:
cf:7b:f4:ef:2a:cc:f0:97:af:8a:58:18:e4:81:27:
30:fc:d6:1e:6c:c4:8a:84:be:df:e9:27:ca:87:09:
c7:63:9d:32:cc:69:20:27:ef:54:3f:7b:24:11:05:
2b:87:17:83:30:33:4f:fe:ea:a2:4a:31:5d:71:c8:
87:34:c9:c7:b2:3a:0b:59:3f:bb:c9:14:fd:e3:3e:
36:44:e1:04:fe:11:1e:28:4d:30:66:a4:b6:0f:0d:
f3:73:dc:24:bb:78:36:4f:56:14:73:e2:5d:12:af:
b9:1d:d1:b1:66:76:59:38:41:1a:b4:82:1c:19:09:
81:3a:fd:cc:85:b3:ae:26:70:62:cc:e3:14:58:8d:
0c:d4:13:c6:53:db:07:a6:b2:5f:a3:3e:6c:70:31:
5c:1d:b0:27:1f:46:9c:97:11:24:50:cf:84:66:2e:
d5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:32:3B:74:32:B7:AE:6D:D6:F9:1E:79:0F:E3:CA:D6:24:7B:6D:71
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4zI7dDK3rm3W-R55D-PK1iR7bXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.78.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:b6:90:c4:74:69:6a:ee:ec:4c:4c:e0:7a:35:1a:64:66:4b:
44:b4:0c:5b:e8:5b:26:35:f0:39:a7:b9:a8:48:13:0a:19:6d:
57:b2:4c:ba:a2:25:aa:bd:41:c1:b5:ab:d5:8a:f5:2c:5f:e2:
4e:00:8a:da:90:d2:cf:b6:12:d6:3c:21:65:89:df:62:f4:2d:
67:6a:e4:b7:f6:54:a2:ef:fb:ac:24:58:7f:5f:72:dd:85:b0:
36:59:c3:95:c9:29:88:53:f3:00:39:49:59:12:cf:d0:b2:56:
22:8e:7e:ab:a9:9c:53:e8:92:ce:20:21:73:ae:b7:51:7e:e4:
70:a2:6d:52:cd:eb:bf:e6:5f:f0:f4:7d:80:d4:f6:d5:78:48:
f1:76:dc:46:6e:41:84:69:ee:00:93:cd:f3:49:f4:9d:e2:ce:
68:a0:73:88:63:8e:b3:db:3d:be:71:3e:ec:4b:46:b3:b5:11:
cf:e6:fb:c2:f8:9c:b0:a2:89:63:f2:49:27:b5:a7:a9:e3:47:
61:0b:2b:f5:75:06:22:47:89:6a:8f:57:39:51:39:9d:4c:41:
1e:e9:80:be:23:14:c3:ae:12:a3:a7:54:5b:8d:a6:cb:f8:23:
46:1b:70:96:6e:9e:e8:02:64:4f:79:68:0c:08:80:5c:50:0b:
33:7b:e5:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlO0HxuhwjnvTNQaHyKl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMTAyMDAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMyM2I3NDMyYjdhZTZkZDZmOTFlNzkwZmUzY2FkNjI0N2I2ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYykUBc+0WBxx/9PMl0Yen8rbpCP
NXgG/d3mz8r38qsHdq5ZJS/mjDZOOX9jhUbddyreDy8zfY9kUlSfyQm0gSLsIF/M
wx4j3BmaOzzvnEuDs2fV+AuxnCHPe/TvKszwl6+KWBjkgScw/NYebMSKhL7f6SfK
hwnHY50yzGkgJ+9UP3skEQUrhxeDMDNP/uqiSjFdcciHNMnHsjoLWT+7yRT94z42
ROEE/hEeKE0wZqS2Dw3zc9wku3g2T1YUc+JdEq+5HdGxZnZZOEEatIIcGQmBOv3M
hbOuJnBizOMUWI0M1BPGU9sHprJfoz5scDFcHbAnH0aclxEkUM+EZi7VOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMyO3Qyt65t1vkeeQ/jytYke21xMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvNHpJN2RESzNybTNXLVI1NUQtUEsxaVI3YlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubFOMA0G
CSqGSIb3DQEBCwUAA4IBAQCjtpDEdGlq7uxMTOB6NRpkZktEtAxb6FsmNfA5p7mo
SBMKGW1Xsky6oiWqvUHBtavVivUsX+JOAIrakNLPthLWPCFlid9i9C1nauS39lSi
7/usJFh/X3LdhbA2WcOVySmIU/MAOUlZEs/QslYijn6rqZxT6JLOICFzrrdRfuRw
om1Szeu/5l/w9H2A1PbVeEjxdtxGbkGEae4Ak83zSfSd4s5ooHOIY46z2z2+cT7s
S0aztRHP5vvC+Jywoolj8kkntaep40dhCyv1dQYiR4lqj1c5UTmdTEEe6YC+IxTD
rhKjp1RbjabL+CNGG3CWbp7oAmRPeWgMCIBcUAsze+VN
-----END CERTIFICATE-----
Generated at Mon Nov 11 04:10:17 2024 by rpki-client on console-fra.rpki-client.org