Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/7pzwTpt-NVTvDkF4c8n2E1KO6Bo.roa
File: 7pzwTpt-NVTvDkF4c8n2E1KO6Bo.roa (raw, json)
Hash identifier: DW0epKsimUMc+ds6F1+B7QUOAgtFGzuIO2dBrdpV810=
Subject key identifier: EE:9C:F0:4E:9B:7E:35:54:EF:0E:41:78:73:C9:F6:13:52:8E:E8:1A
Certificate issuer: /CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Certificate serial: 018571D7B8D476482CAE83A4A1690EB802DA
Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/7pzwTpt-NVTvDkF4c8n2E1KO6Bo.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2852
IP address blocks: 185.8.160.0/22 maxlen: 24
78.128.128.0/17 maxlen: 24
193.84.80.0/22 maxlen: 24
195.178.64.0/19 maxlen: 24
195.113.0.0/16 maxlen: 24
2001:718::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 15 Aug 2023 12:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b8:d4:76:48:2c:ae:83:a4:a1:69:0e:b8:02:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee9cf04e9b7e3554ef0e417873c9f613528ee81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a4:e7:d9:45:6a:e3:2f:6a:42:0c:84:10:13:
3f:df:57:16:46:f6:a2:fd:d6:5e:e9:1e:20:94:38:
20:74:23:14:da:e6:cc:73:ce:bd:60:7f:bf:cf:b0:
9d:20:f0:55:43:5d:e5:87:fd:d1:32:93:d3:b0:91:
9f:66:96:a9:c7:39:62:2f:08:31:eb:2d:cc:e8:1b:
d3:4b:d2:b3:20:79:ec:fd:b1:43:fd:90:e1:e2:4d:
9e:ff:d7:af:b9:0d:b8:46:88:b7:8c:ff:88:38:9e:
33:77:15:2b:a1:d2:a4:fd:a7:3e:83:95:a8:e1:bc:
7a:6d:df:a1:b1:02:00:48:bc:2a:d2:1a:33:36:63:
0a:b7:0f:1a:37:2e:43:82:77:5d:05:92:f2:6b:71:
47:56:20:00:42:27:f3:25:c6:10:41:61:2f:37:58:
00:50:3a:9a:af:77:c2:91:e8:06:a9:41:26:c1:8c:
46:d9:ac:76:2e:d8:65:28:06:4e:d9:73:2e:40:49:
16:6b:7b:32:bb:07:54:0c:55:fb:53:36:24:47:5c:
1c:ca:48:dd:9e:54:48:b8:9d:31:16:e4:fd:c2:5e:
36:7b:44:e0:50:5d:f7:93:4e:16:4f:fd:90:55:59:
f4:21:d1:83:14:f5:83:4d:9a:da:aa:e6:fd:d9:1d:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9C:F0:4E:9B:7E:35:54:EF:0E:41:78:73:C9:F6:13:52:8E:E8:1A
X509v3 Authority Key Identifier:
keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/7pzwTpt-NVTvDkF4c8n2E1KO6Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.128.0/17
185.8.160.0/22
193.84.80.0/22
195.113.0.0/16
195.178.64.0/19
IPv6:
2001:718::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b6:d7:5d:34:8a:9b:b1:27:1e:9f:37:db:81:70:11:d2:7b:
53:37:8a:45:01:85:36:dc:e5:8a:32:77:2b:52:a9:22:72:87:
49:de:96:ea:06:e6:3e:96:44:34:fb:67:94:5c:9a:1e:dc:33:
10:83:a5:4c:f1:80:1c:1c:8b:4f:57:f9:d6:7e:6a:a3:47:39:
90:82:e8:cb:59:43:61:0d:0f:eb:56:55:3e:7b:e4:e2:12:d0:
ef:c3:87:07:7f:cc:bf:bf:dc:2d:43:4c:9d:58:15:4b:7f:db:
a9:98:b0:39:36:ce:ea:92:1a:6a:30:bd:a3:8a:c3:9e:30:35:
d7:29:8b:b5:28:82:ae:88:5c:5c:3e:83:8b:44:7d:dc:44:9e:
a3:1b:25:72:90:10:4f:44:ed:64:7d:a9:6c:cf:50:d1:5e:c2:
b4:98:40:56:4b:fe:4a:03:33:06:37:22:d6:ec:e1:b9:33:77:
1c:38:62:e6:fa:59:74:ff:7f:c1:5c:13:10:0b:67:f7:18:10:
6b:16:3b:ed:81:ae:03:e8:65:b3:e7:58:e6:72:4c:69:59:e3:
05:38:9e:df:1f:b4:db:98:4b:1f:c0:df:63:b0:ca:1a:39:bf:
a5:a5:b2:ac:bf:da:07:40:5b:c6:89:a4:f9:79:e2:e4:79:37:
4e:79:22:ba
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVx17jUdkgsroOkoWkOuALaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGYwNDI4MjQyNzNmY2ZmM2YwOTNkMGY5YjFkZWM2OTYw
YmFlNmEwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTljZjA0ZTliN2UzNTU0ZWYwZTQxNzg3M2M5ZjYxMzUyOGVlODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56Tn2UVq4y9qQgyEEBM/31cWRvai
/dZe6R4glDggdCMU2ubMc869YH+/z7CdIPBVQ13lh/3RMpPTsJGfZpapxzliLwgx
6y3M6BvTS9KzIHns/bFD/ZDh4k2e/9evuQ24Roi3jP+IOJ4zdxUrodKk/ac+g5Wo
4bx6bd+hsQIASLwq0hozNmMKtw8aNy5DgnddBZLya3FHViAAQifzJcYQQWEvN1gA
UDqar3fCkegGqUEmwYxG2ax2LthlKAZO2XMuQEkWa3syuwdUDFX7UzYkR1wcykjd
nlRIuJ0xFuT9wl42e0TgUF33k04WT/2QVVn0IdGDFPWDTZraqub92R2XGwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFO6c8E6bfjVU7w5BeHPJ9hNSjugaMB8GA1UdIwQY
MBaAFCffBCgkJz/P8/CT0Pmx3saWC65qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUt
Y2UyMmQ1ZWFiODJmLzEvN3B6d1RwdC1OVlR2RGtGNGM4bjJFMUtPNkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUtY2UyMmQ1ZWFiODJm
LzEvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHToCAAwQC
uQigAwQCwVRQAwMAw3EDBAXDskAwDQQCAAIwBwMFAyABBxgwDQYJKoZIhvcNAQEL
BQADggEBADu21100ipuxJx6fN9uBcBHSe1M3ikUBhTbc5YoydytSqSJyh0neluoG
5j6WRDT7Z5Rcmh7cMxCDpUzxgBwci09X+dZ+aqNHOZCC6MtZQ2END+tWVT575OIS
0O/Dhwd/zL+/3C1DTJ1YFUt/26mYsDk2zuqSGmowvaOKw54wNdcpi7Uogq6IXFw+
g4tEfdxEnqMbJXKQEE9E7WR9qWzPUNFewrSYQFZL/koDMwY3Itbs4bkzdxw4Yub6
WXT/f8FcExALZ/cYEGsWO+2BrgPoZbPnWOZyTGlZ4wU4nt8ftNuYSx/A32Owyho5
v6Wlsqy/2gdAW8aJpPl54uR5N055Iro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:05 2024 by rpki-client on console-ams.rpki-client.org