Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/gaRDoZMNn3lXrnWUK2ISGhyWkdQ.roa
File: gaRDoZMNn3lXrnWUK2ISGhyWkdQ.roa (raw, json)
Hash identifier: SOqM8TCjn5uqZIt2am8iHPXIi7WrnoaIDnSA8kyw0Cw=
Subject key identifier: 81:A4:43:A1:93:0D:9F:79:57:AE:75:94:2B:62:12:1A:1C:96:91:D4
Certificate issuer: /CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Certificate serial: 0188A578B853056BD9704863565D89718D39
Authority key identifier: 7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/gaRDoZMNn3lXrnWUK2ISGhyWkdQ.roa
Signing time: Sat 10 Jun 2023 13:22:12 +0000
ROA not before: Sat 10 Jun 2023 13:22:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208236
IP address blocks: 45.150.152.0/22 maxlen: 24
2a0f:d600::/29 maxlen: 48
2a0f:d606::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a5:78:b8:53:05:6b:d9:70:48:63:56:5d:89:71:8d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Validity
Not Before: Jun 10 13:22:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81a443a1930d9f7957ae75942b62121a1c9691d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c5:22:74:26:ca:d2:48:0a:76:50:f7:a5:11:
a7:8c:3b:ce:b2:7f:10:e7:68:93:81:b4:5a:b2:e5:
11:fb:67:a3:c2:09:c8:9d:02:f9:fa:49:6a:db:e7:
f0:e9:3a:8b:29:20:a3:4a:30:12:09:4a:dc:82:5a:
95:cd:1f:00:77:96:17:e7:96:cf:0d:d2:a3:6f:30:
41:8e:bc:91:34:79:ba:88:e1:da:42:0f:72:90:f1:
60:be:be:e3:e7:95:5f:e4:3e:29:7e:bf:3d:41:ac:
db:f0:57:91:80:41:00:48:c6:54:0a:0b:ed:17:d2:
27:dc:12:15:ae:7a:97:f3:03:f6:67:15:12:6a:25:
38:ba:c7:33:be:d5:c4:3d:de:86:80:f8:b8:4d:73:
7a:ce:46:e4:8d:36:6f:b1:48:a1:a7:a4:a8:22:39:
6f:21:4d:b5:f5:46:c7:63:29:b5:08:b5:19:1d:aa:
fa:82:7d:6a:fa:9e:6d:92:68:ca:a3:ce:00:b7:90:
49:49:06:fa:f6:79:43:1c:cb:6d:2c:2e:06:0f:b7:
f4:4e:ba:5a:87:c1:22:36:5d:28:28:7d:63:15:c9:
77:e9:4a:e9:09:a2:39:87:39:23:7a:27:90:c5:89:
f4:5b:21:69:4e:8a:cf:2b:98:72:a2:ee:45:32:08:
df:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:43:A1:93:0D:9F:79:57:AE:75:94:2B:62:12:1A:1C:96:91:D4
X509v3 Authority Key Identifier:
keyid:7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/gaRDoZMNn3lXrnWUK2ISGhyWkdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.152.0/22
IPv6:
2a0f:d600::/29
Signature Algorithm: sha256WithRSAEncryption
89:e0:ed:4a:2c:82:1e:fa:9b:c5:bc:db:54:5a:e2:30:42:5a:
b4:40:14:d8:9f:6e:80:fe:38:aa:ca:c8:27:46:ac:56:57:81:
2b:46:d8:d3:12:e9:67:5a:81:31:9d:c4:81:34:2e:d9:fe:88:
40:1e:a7:87:c2:72:59:fd:f0:4a:d0:11:79:03:29:9c:76:14:
5b:5c:60:63:a3:3f:21:a4:12:bf:6a:fc:48:d0:4d:1a:7b:35:
2f:c2:c3:ca:89:51:d5:6c:a1:b0:1d:57:f6:5c:e7:ae:4b:b9:
c9:79:1e:2b:92:08:5a:53:17:b9:e8:07:62:8f:f9:c4:93:31:
5e:69:dd:85:c3:04:a9:81:6e:38:10:75:3e:41:02:f1:3d:ea:
aa:e1:c1:04:28:6c:40:c9:7a:db:2e:14:14:05:37:58:ec:c0:
1a:44:be:b7:d9:ab:4b:c7:69:ba:a7:7f:b4:45:c0:10:82:00:
75:d9:06:87:a4:ac:fc:5f:64:e4:82:55:2b:a9:9b:52:d4:5a:
05:99:cb:24:f9:7a:b8:00:6b:8c:2d:6b:e4:d9:7a:33:f6:00:
01:b5:07:70:f2:c3:2d:6c:4d:62:44:7d:ad:14:d9:94:fd:ca:
87:28:9e:3c:4d:5c:c2:17:f4:dc:73:fd:70:79:9c:cf:e1:5e:
a9:f4:da:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYileLhTBWvZcEhjVl2JcY05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjY3NzllNjJiNDYxMjg4N2ZlNmY4ZDRlOWMwZTM3MzFm
NmUxMDgwHhcNMjMwNjEwMTMyMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE0NDNhMTkzMGQ5Zjc5NTdhZTc1OTQyYjYyMTIxYTFjOTY5MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucUidCbK0kgKdlD3pRGnjDvOsn8Q
52iTgbRasuUR+2ejwgnInQL5+klq2+fw6TqLKSCjSjASCUrcglqVzR8Ad5YX55bP
DdKjbzBBjryRNHm6iOHaQg9ykPFgvr7j55Vf5D4pfr89Qazb8FeRgEEASMZUCgvt
F9In3BIVrnqX8wP2ZxUSaiU4usczvtXEPd6GgPi4TXN6zkbkjTZvsUihp6SoIjlv
IU219UbHYym1CLUZHar6gn1q+p5tkmjKo84At5BJSQb69nlDHMttLC4GD7f0Trpa
h8EiNl0oKH1jFcl36UrpCaI5hzkjeieQxYn0WyFpTorPK5hyou5FMgjfWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIGkQ6GTDZ95V651lCtiEhoclpHUMB8GA1UdIwQY
MBaAFHr2d55itGEoh/5vjU6cDjcx9uEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUt
NzkwNzc1Yzc3OWM1LzEvZ2FSRG9aTU5uM2xYcm5XVUsySVNHaHlXa2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUtNzkwNzc1Yzc3OWM1
LzEvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZaYMA0E
AgACMAcDBQMqD9YAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ4O1KLIIe+pvFvNtUWuIw
Qlq0QBTYn26A/jiqysgnRqxWV4ErRtjTEulnWoExncSBNC7Z/ohAHqeHwnJZ/fBK
0BF5AymcdhRbXGBjoz8hpBK/avxI0E0aezUvwsPKiVHVbKGwHVf2XOeuS7nJeR4r
kghaUxe56Adij/nEkzFead2FwwSpgW44EHU+QQLxPeqq4cEEKGxAyXrbLhQUBTdY
7MAaRL632atLx2m6p3+0RcAQggB12QaHpKz8X2TkglUrqZtS1FoFmcsk+Xq4AGuM
LWvk2Xoz9gABtQdw8sMtbE1iRH2tFNmU/cqHKJ48TVzCF/Tcc/1weZzP4V6p9Nq4
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:59 2024 by rpki-client on console.sobornost.net