Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/koTxCa53UrZuYVoEyqlgFSnFyQ0.roa
File: koTxCa53UrZuYVoEyqlgFSnFyQ0.roa (raw, json)
Hash identifier: JHsfmqlEZWn7bAXTz2pY1FicEEw4T3oAmTgkTRodGZA=
Subject key identifier: 92:84:F1:09:AE:77:52:B6:6E:61:5A:04:CA:A9:60:15:29:C5:C9:0D
Certificate issuer: /CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Certificate serial: 018CC492F47F770F6127BBEA339352AC6BC8
Authority key identifier: DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/koTxCa53UrZuYVoEyqlgFSnFyQ0.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50823
IP address blocks: 185.83.64.0/22 maxlen: 22
178.170.128.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f4:7f:77:0f:61:27:bb:ea:33:93:52:ac:6b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9284f109ae7752b66e615a04caa9601529c5c90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:74:72:93:1e:fe:02:bb:69:fd:ef:ce:00:da:
49:75:94:fc:8e:eb:25:1d:8f:25:44:cf:ce:19:a4:
3b:95:72:9f:1d:27:58:d5:89:20:82:af:30:d4:88:
55:0c:67:d4:81:ec:ea:aa:8a:87:1d:f1:1c:c2:ed:
85:be:f2:6b:2b:02:e7:d7:4c:47:04:ac:7d:f1:86:
1d:7c:c9:a0:c3:60:1f:98:da:8d:93:69:f0:8e:2b:
88:57:d2:e8:be:b0:07:b4:2b:98:70:c3:20:6d:b3:
c0:58:74:32:d5:de:ff:bd:74:21:ad:46:1d:14:9d:
7e:88:1b:37:aa:3e:b6:ef:aa:a1:50:f0:3b:44:52:
45:8b:e0:06:80:6a:c4:a7:51:84:7d:f8:cf:09:67:
8f:01:84:9b:60:94:4b:94:22:f5:59:fe:18:a9:d7:
2d:e6:5f:38:57:6d:70:1e:c9:d0:d7:89:0f:85:d7:
52:ba:05:4f:b6:dc:83:2a:fc:9b:66:0b:20:a0:5a:
2d:c6:bc:57:d8:f4:22:73:ca:64:86:17:68:07:6b:
d1:d7:d4:42:ed:1a:4d:44:94:1f:38:72:61:fb:ab:
43:f4:78:44:4e:29:ed:22:98:31:e8:a2:10:b7:93:
7b:0b:64:4f:0a:ec:8a:42:42:fa:11:75:77:8e:ab:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:84:F1:09:AE:77:52:B6:6E:61:5A:04:CA:A9:60:15:29:C5:C9:0D
X509v3 Authority Key Identifier:
keyid:DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/koTxCa53UrZuYVoEyqlgFSnFyQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/333WWWZzfOj2XkDvL-oc_6-xYrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.128.0/22
185.83.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:77:d4:b4:b4:61:43:89:c5:82:3b:34:43:36:65:ba:28:0b:
f5:43:80:7a:e1:f0:ad:31:30:35:0e:37:65:d9:14:c3:9b:37:
4a:65:84:26:62:16:bd:c3:c1:f9:22:8d:6b:a9:38:2d:83:2f:
99:c9:4e:fe:14:68:ab:fe:e8:32:cc:09:d1:82:d4:4d:d0:3b:
0b:50:a5:51:a7:fe:e2:eb:e3:68:74:7e:7c:0b:6e:e9:c8:3f:
96:55:4d:24:7f:32:a7:38:5a:9a:ea:bc:8e:65:bd:2c:9f:c3:
75:dd:fc:2a:98:27:95:f6:72:bd:0e:67:d8:6e:de:6f:38:c6:
85:7c:97:9a:c8:6a:78:70:3b:b1:af:02:f9:e9:91:50:29:7d:
e3:74:db:c9:a0:b2:ec:98:3a:89:bf:c3:53:0e:f4:40:07:35:
2e:87:cc:87:f9:c0:17:0f:8f:07:3a:e1:ed:d7:80:2b:78:c1:
d3:a8:10:38:6f:57:21:88:ab:6b:db:34:62:ff:22:81:9b:e0:
47:62:fe:73:d6:3a:2d:1b:2d:4c:74:27:4c:51:57:2b:be:75:
c0:ec:bc:e4:23:62:83:7a:bd:eb:b4:b2:e6:18:cf:f4:82:f3:
cf:18:5e:4d:7c:1d:2a:36:58:4c:91:93:2a:2a:e0:df:dd:c3:
08:69:66:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkvR/dw9hJ7vqM5NSrGvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2RkNjU5NjY3MzdjZThmNjVlNDBlZjJmZWExY2ZmYWZi
MTYyYjAwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg0ZjEwOWFlNzc1MmI2NmU2MTVhMDRjYWE5NjAxNTI5YzVjOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXRykx7+Artp/e/OANpJdZT8jusl
HY8lRM/OGaQ7lXKfHSdY1Ykggq8w1IhVDGfUgezqqoqHHfEcwu2FvvJrKwLn10xH
BKx98YYdfMmgw2AfmNqNk2nwjiuIV9LovrAHtCuYcMMgbbPAWHQy1d7/vXQhrUYd
FJ1+iBs3qj6276qhUPA7RFJFi+AGgGrEp1GEffjPCWePAYSbYJRLlCL1Wf4Yqdct
5l84V21wHsnQ14kPhddSugVPttyDKvybZgsgoFotxrxX2PQic8pkhhdoB2vR19RC
7RpNRJQfOHJh+6tD9HhETintIpgx6KIQt5N7C2RPCuyKQkL6EXV3jquPSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJKE8Qmud1K2bmFaBMqpYBUpxckNMB8GA1UdIwQY
MBaAFN991llmc3zo9l5A7y/qHP+vsWKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMt
OGFjODk2NTcwOGJjLzEva29UeENhNTNVclp1WVZvRXlxbGdGU25GeVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lMjgzYmItZDRkMy00YjNhLWIyYjMtOGFjODk2NTcwOGJj
LzEvMzMzV1dXWnpmT2oyWGtEdkwtb2NfNi14WXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsqqAAwQC
uVNAMA0GCSqGSIb3DQEBCwUAA4IBAQAqd9S0tGFDicWCOzRDNmW6KAv1Q4B64fCt
MTA1Djdl2RTDmzdKZYQmYha9w8H5Io1rqTgtgy+ZyU7+FGir/ugyzAnRgtRN0DsL
UKVRp/7i6+NodH58C27pyD+WVU0kfzKnOFqa6ryOZb0sn8N13fwqmCeV9nK9DmfY
bt5vOMaFfJeayGp4cDuxrwL56ZFQKX3jdNvJoLLsmDqJv8NTDvRABzUuh8yH+cAX
D48HOuHt14AreMHTqBA4b1chiKtr2zRi/yKBm+BHYv5z1jotGy1MdCdMUVcrvnXA
7LzkI2KDer3rtLLmGM/0gvPPGF5NfB0qNlhMkZMqKuDf3cMIaWZi
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:57 2024 by rpki-client on console-fra.rpki-client.org