Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/7OK1iWr1M55KsRAcAQRQ8CGCzvg.roa
File: 7OK1iWr1M55KsRAcAQRQ8CGCzvg.roa (raw, json)
Hash identifier: geTgEELXLrtSOKY9nkgT/nUhEnYDUv2PZvo0jVkfjpA=
Subject key identifier: EC:E2:B5:89:6A:F5:33:9E:4A:B1:10:1C:01:04:50:F0:21:82:CE:F8
Certificate issuer: /CN=7b03a9b20d2afd01d9a1c628d301b99c87cc5acd
Certificate serial: 018B9B74F9BF0B33C9347E75893FCDD44DC6
Authority key identifier: 7B:03:A9:B2:0D:2A:FD:01:D9:A1:C6:28:D3:01:B9:9C:87:CC:5A:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewOpsg0q_QHZocYo0wG5nIfMWs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/7OK1iWr1M55KsRAcAQRQ8CGCzvg.roa
Signing time: Sat 04 Nov 2023 17:50:16 +0000
ROA not before: Sat 04 Nov 2023 17:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57534
IP address blocks: 176.101.224.0/20 maxlen: 20
176.101.224.0/21 maxlen: 21
176.101.224.0/19 maxlen: 19
176.101.232.0/21 maxlen: 21
176.101.240.0/21 maxlen: 21
176.101.248.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:74:f9:bf:0b:33:c9:34:7e:75:89:3f:cd:d4:4d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b03a9b20d2afd01d9a1c628d301b99c87cc5acd
Validity
Not Before: Nov 4 17:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece2b5896af5339e4ab1101c010450f02182cef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:87:4c:d9:26:50:0a:81:01:9d:e7:a7:05:90:
8b:1d:2e:ac:5c:ad:32:cd:02:ee:df:7a:ea:5f:01:
11:01:87:7b:d9:c8:a8:61:66:bf:58:fd:28:9a:6e:
e5:0d:61:cd:73:8b:7b:5a:9f:f8:c1:63:00:d6:9e:
a8:4e:c7:6e:25:87:dd:9f:f2:25:e5:b6:29:41:f1:
1e:e3:cc:85:21:50:60:cf:4d:21:7b:b1:0d:a8:4f:
96:9d:63:18:9b:21:c2:e1:75:d0:ca:e3:28:fa:75:
10:1f:fa:ba:1c:89:fb:e1:96:55:4d:ea:b7:9b:8a:
6b:ff:df:69:89:1c:f0:44:34:5b:7d:26:25:9e:5a:
57:12:2f:b8:ce:96:5b:d4:de:eb:f3:dc:7f:e4:2a:
11:74:8e:1a:59:3f:e7:d6:70:5c:e8:d0:47:d1:28:
a7:9f:d4:cc:9f:11:2b:31:9b:f9:51:b5:fe:77:61:
1c:c1:9d:45:ce:9c:44:08:df:7c:60:7a:8a:1d:97:
9d:29:7d:2c:52:7b:8a:86:e7:7f:b9:95:e2:a5:69:
68:64:43:86:a3:2b:24:2d:d5:e2:71:ed:87:b7:ce:
f5:38:c7:82:65:4e:d8:28:6a:52:b3:f8:79:34:b1:
8d:fa:bb:bc:cc:05:60:cc:9a:23:a3:50:ba:72:59:
dd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E2:B5:89:6A:F5:33:9E:4A:B1:10:1C:01:04:50:F0:21:82:CE:F8
X509v3 Authority Key Identifier:
keyid:7B:03:A9:B2:0D:2A:FD:01:D9:A1:C6:28:D3:01:B9:9C:87:CC:5A:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewOpsg0q_QHZocYo0wG5nIfMWs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/7OK1iWr1M55KsRAcAQRQ8CGCzvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/ewOpsg0q_QHZocYo0wG5nIfMWs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.224.0/19
Signature Algorithm: sha256WithRSAEncryption
73:81:20:b3:d1:ad:fb:26:29:24:6d:dc:40:99:a6:9a:02:cc:
27:58:27:a9:9d:34:c6:e0:19:81:b7:f0:23:7e:0e:d6:3d:7a:
5f:82:1d:62:da:fb:b4:81:ed:ed:d0:5f:7f:32:26:d7:59:29:
0e:cc:31:ab:f5:c2:15:1a:a3:45:68:dd:72:e0:73:ca:6f:f8:
20:61:9d:e8:73:6b:0e:59:dd:34:db:98:1e:05:26:f1:9b:95:
3d:4d:62:66:f8:93:f2:b4:10:d3:e4:dd:c2:38:4c:5c:fa:78:
c0:9e:a2:9a:eb:11:a8:f5:e8:00:68:26:40:b9:83:59:28:5b:
77:67:bb:6e:72:29:53:5b:d1:c5:42:88:5a:7d:54:43:17:65:
17:c2:35:93:e3:56:67:99:d1:33:c1:01:ec:c7:e2:a7:69:9b:
82:53:2b:83:a0:f6:02:c9:e2:16:d0:78:fd:78:45:8a:f5:6f:
99:0a:bc:1e:64:58:28:63:c6:a9:81:bd:f3:76:c8:a4:28:14:
0c:c2:d3:af:4b:39:fb:5e:f2:8f:c3:83:db:b7:60:a5:01:e0:
7e:23:e3:2d:17:5b:a0:9c:79:e2:fa:ce:0e:a1:3e:23:6b:28:
38:ac:ac:68:8d:6d:72:ae:a1:75:bf:9b:12:ee:6b:2c:23:c4:
11:ac:70:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYubdPm/CzPJNH51iT/N1E3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMDNhOWIyMGQyYWZkMDFkOWExYzYyOGQzMDFiOTljODdj
YzVhY2QwHhcNMjMxMTA0MTc1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UyYjU4OTZhZjUzMzllNGFiMTEwMWMwMTA0NTBmMDIxODJjZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1odM2SZQCoEBneenBZCLHS6sXK0y
zQLu33rqXwERAYd72cioYWa/WP0omm7lDWHNc4t7Wp/4wWMA1p6oTsduJYfdn/Il
5bYpQfEe48yFIVBgz00he7ENqE+WnWMYmyHC4XXQyuMo+nUQH/q6HIn74ZZVTeq3
m4pr/99piRzwRDRbfSYlnlpXEi+4zpZb1N7r89x/5CoRdI4aWT/n1nBc6NBH0Sin
n9TMnxErMZv5UbX+d2EcwZ1FzpxECN98YHqKHZedKX0sUnuKhud/uZXipWloZEOG
oyskLdXice2Ht871OMeCZU7YKGpSs/h5NLGN+ru8zAVgzJojo1C6clnduQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzitYlq9TOeSrEQHAEEUPAhgs74MB8GA1UdIwQY
MBaAFHsDqbINKv0B2aHGKNMBuZyHzFrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdPcHNnMHFfUUhab2NZbzB3RzVuSWZNV3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy81NjQ3NzUtMzYxYS00NzI5LWI5NTMt
YTdkMTllYzA3ZjEzLzEvN09LMWlXcjFNNTVLc1JBY0FRUlE4Q0dDenZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy81NjQ3NzUtMzYxYS00NzI5LWI5NTMtYTdkMTllYzA3ZjEz
LzEvZXdPcHNnMHFfUUhab2NZbzB3RzVuSWZNV3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGXgMA0G
CSqGSIb3DQEBCwUAA4IBAQBzgSCz0a37JikkbdxAmaaaAswnWCepnTTG4BmBt/Aj
fg7WPXpfgh1i2vu0ge3t0F9/MibXWSkOzDGr9cIVGqNFaN1y4HPKb/ggYZ3oc2sO
Wd0025geBSbxm5U9TWJm+JPytBDT5N3COExc+njAnqKa6xGo9egAaCZAuYNZKFt3
Z7tucilTW9HFQohafVRDF2UXwjWT41ZnmdEzwQHsx+KnaZuCUyuDoPYCyeIW0Hj9
eEWK9W+ZCrweZFgoY8apgb3zdsikKBQMwtOvSzn7XvKPw4Pbt2ClAeB+I+MtF1ug
nHni+s4OoT4jayg4rKxojW1yrqF1v5sS7mssI8QRrHCs
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:19 2024 by rpki-client on console.sobornost.net