Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/PRMZfblwghrYZcqBscE5qF-0d1Q.roa
File: PRMZfblwghrYZcqBscE5qF-0d1Q.roa (raw, json)
Hash identifier: 1vga/33kU/3xXb7vy0aybZeypKiAxDBNaKov1zlZXyg=
Subject key identifier: 3D:13:19:7D:B9:70:82:1A:D8:65:CA:81:B1:C1:39:A8:5F:B4:77:54
Certificate issuer: /CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Certificate serial: 01856D3878AE12A961010416FF83FC7B21D0
Authority key identifier: DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/PRMZfblwghrYZcqBscE5qF-0d1Q.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50823
IP address blocks: 185.83.64.0/22 maxlen: 22
178.170.128.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:78:ae:12:a9:61:01:04:16:ff:83:fc:7b:21:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d13197db970821ad865ca81b1c139a85fb47754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c8:3c:bb:46:cc:f3:e5:89:af:ef:53:8c:6e:
2c:d4:c4:9a:93:25:70:a9:6d:01:b8:4f:c5:dd:ea:
ac:ee:ef:f2:6d:65:94:ca:bc:f1:95:27:24:98:f0:
c2:ae:45:26:c8:b9:d0:6d:56:6d:cd:fd:29:9c:e6:
0b:5c:54:83:c6:5c:a7:94:ed:76:41:e3:e1:ab:a3:
e9:09:39:3b:8a:5c:dc:ee:76:b0:7e:e6:e6:df:22:
94:43:17:f2:8a:c6:0b:73:2e:5d:c6:1d:19:a1:5d:
95:79:bd:ce:54:b8:f4:9a:40:f4:8f:ac:91:a2:e0:
a4:d4:2f:dc:52:4d:8b:88:36:b6:ec:d3:fd:95:be:
17:95:32:91:99:70:c5:6c:ab:e6:7a:eb:4f:0f:c8:
55:af:ee:1d:d8:5a:6d:9b:97:92:79:b7:80:18:89:
a6:e2:11:46:b5:f3:09:ae:ab:3a:b8:f4:32:48:fe:
ff:61:3b:b9:c0:60:18:47:e1:c9:1e:dd:6d:20:0a:
a1:42:4e:5e:1a:06:d9:5a:96:87:bd:47:dc:f6:28:
6a:6e:e0:41:cb:3d:ed:2b:e9:75:82:4f:1c:9a:59:
2d:3e:65:0c:c8:be:e0:4b:41:e0:4f:92:44:1c:9f:
8e:8b:c6:76:a2:85:87:f9:34:30:f8:70:7c:8b:83:
61:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:13:19:7D:B9:70:82:1A:D8:65:CA:81:B1:C1:39:A8:5F:B4:77:54
X509v3 Authority Key Identifier:
keyid:DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/PRMZfblwghrYZcqBscE5qF-0d1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/333WWWZzfOj2XkDvL-oc_6-xYrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.128.0/22
185.83.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:81:60:bf:95:22:94:cd:45:0b:45:2a:be:ee:7f:71:3d:2d:
cb:69:41:d4:44:06:f2:59:02:9e:ba:c5:71:3d:84:4c:36:aa:
ec:7b:8f:25:7a:3d:a8:70:a8:b8:48:77:44:31:83:2d:37:e4:
45:f1:ea:96:35:7f:1f:89:e4:62:50:ac:a5:b8:a8:18:c9:64:
9f:6e:e2:af:f3:69:76:04:94:55:a0:3f:e3:43:60:eb:fd:2c:
e8:bd:e2:30:f6:5d:f7:6d:c0:7d:e6:d9:23:33:7e:ef:e3:35:
15:b0:a8:49:ac:d3:dc:f6:c8:1d:7f:a9:51:9e:aa:19:dc:0f:
34:45:d0:a6:89:67:3f:eb:d7:93:f7:b1:02:b9:7d:d9:14:5a:
0f:0a:d8:9f:d3:2a:d8:77:e8:7a:ad:bf:2f:50:a8:ce:3c:b4:
25:cf:98:29:33:35:db:af:fe:bb:8f:0a:5e:0e:2e:e9:91:83:
cf:eb:16:d9:25:10:22:fc:40:13:35:5a:b1:b2:70:64:22:6b:
f8:6a:d1:49:31:dc:75:f3:93:73:5a:5a:b8:6d:29:50:f1:38:
dd:03:58:6d:43:dc:93:19:0b:8e:03:14:e0:ad:cd:fd:c4:4a:
f5:1a:48:22:d7:09:b0:15:5a:8c:8d:ba:41:24:fd:a2:b9:72:
38:6e:dd:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtOHiuEqlhAQQW/4P8eyHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2RkNjU5NjY3MzdjZThmNjVlNDBlZjJmZWExY2ZmYWZi
MTYyYjAwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDEzMTk3ZGI5NzA4MjFhZDg2NWNhODFiMWMxMzlhODVmYjQ3NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcg8u0bM8+WJr+9TjG4s1MSakyVw
qW0BuE/F3eqs7u/ybWWUyrzxlSckmPDCrkUmyLnQbVZtzf0pnOYLXFSDxlynlO12
QePhq6PpCTk7ilzc7nawfubm3yKUQxfyisYLcy5dxh0ZoV2Veb3OVLj0mkD0j6yR
ouCk1C/cUk2LiDa27NP9lb4XlTKRmXDFbKvmeutPD8hVr+4d2Fptm5eSebeAGImm
4hFGtfMJrqs6uPQySP7/YTu5wGAYR+HJHt1tIAqhQk5eGgbZWpaHvUfc9ihqbuBB
yz3tK+l1gk8cmlktPmUMyL7gS0HgT5JEHJ+Oi8Z2ooWH+TQw+HB8i4NhUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD0TGX25cIIa2GXKgbHBOahftHdUMB8GA1UdIwQY
MBaAFN991llmc3zo9l5A7y/qHP+vsWKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMt
OGFjODk2NTcwOGJjLzEvUFJNWmZibHdnaHJZWmNxQnNjRTVxRi0wZDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMtOGFjODk2NTcwOGJj
LzEvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsqqAAwQC
uVNAMA0GCSqGSIb3DQEBCwUAA4IBAQCPgWC/lSKUzUULRSq+7n9xPS3LaUHURAby
WQKeusVxPYRMNqrse48lej2ocKi4SHdEMYMtN+RF8eqWNX8fieRiUKyluKgYyWSf
buKv82l2BJRVoD/jQ2Dr/SzoveIw9l33bcB95tkjM37v4zUVsKhJrNPc9sgdf6lR
nqoZ3A80RdCmiWc/69eT97ECuX3ZFFoPCtif0yrYd+h6rb8vUKjOPLQlz5gpMzXb
r/67jwpeDi7pkYPP6xbZJRAi/EATNVqxsnBkImv4atFJMdx185NzWlq4bSlQ8Tjd
A1htQ9yTGQuOAxTgrc39xEr1Gkgi1wmwFVqMjbpBJP2iuXI4bt1o
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:19 2024 by rpki-client on console-fra.rpki-client.org