Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/c7z9mVnXmu6MyX96DeFDE_65x1c.roa
File: c7z9mVnXmu6MyX96DeFDE_65x1c.roa (raw, json)
Hash identifier: giN4qUtTCzOhCmOkMR66U2GQ2BBgjt/cexAzU0tDyJM=
Subject key identifier: 73:BC:FD:99:59:D7:9A:EE:8C:C9:7F:7A:0D:E1:43:13:FE:B9:C7:57
Certificate issuer: /CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Certificate serial: 01857067300FBFD4DF8C1B7B30DBD6274EED
Authority key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/c7z9mVnXmu6MyX96DeFDE_65x1c.roa
Signing time: Mon 02 Jan 2023 02:54:48 +0000
ROA not before: Mon 02 Jan 2023 02:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212138
IP address blocks: 192.145.104.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:30:0f:bf:d4:df:8c:1b:7b:30:db:d6:27:4e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Validity
Not Before: Jan 2 02:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73bcfd9959d79aee8cc97f7a0de14313feb9c757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:dc:c1:aa:a5:28:03:81:26:57:8b:b1:31:0e:
f9:14:bf:c9:75:1f:17:57:f8:1a:ff:83:fd:72:df:
e7:fe:73:5d:83:8c:76:13:bf:39:65:d8:2a:40:82:
db:1b:cb:13:71:a1:bc:44:68:f7:88:a7:57:71:8b:
7b:52:31:a7:22:3d:00:83:99:49:be:66:ef:78:61:
68:d7:76:e7:50:24:a3:77:8d:38:8e:6a:d0:9c:b1:
7d:8e:df:29:da:a3:5e:bb:aa:83:99:83:2b:52:b7:
64:33:95:23:c9:26:89:b9:18:e0:05:7b:79:8b:85:
8b:ab:0a:16:b0:73:db:34:cb:51:06:28:9f:90:34:
8b:03:0e:0d:d7:42:48:7f:96:c7:cf:ed:da:11:02:
eb:d6:8f:09:ed:dc:77:36:4e:ca:d0:9a:af:82:b0:
33:c5:ee:f1:84:58:8e:83:27:0b:2f:a0:06:6f:7b:
6f:81:2e:17:96:f6:ba:d3:e9:41:0e:87:9b:62:b0:
47:75:94:55:3c:f1:43:47:9b:5e:f5:38:57:c1:43:
a3:06:a0:f5:d1:31:d6:33:c1:03:23:39:63:a1:22:
af:5a:64:d3:a5:06:0e:e0:72:45:da:bb:b1:14:aa:
8c:f8:c6:41:7b:a3:c5:56:12:46:cd:6b:98:60:f7:
5c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BC:FD:99:59:D7:9A:EE:8C:C9:7F:7A:0D:E1:43:13:FE:B9:C7:57
X509v3 Authority Key Identifier:
keyid:4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/c7z9mVnXmu6MyX96DeFDE_65x1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.104.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0b:66:92:9f:88:01:3c:04:4a:a4:9a:74:eb:7b:9b:f0:55:
d9:87:e8:2e:37:e8:9f:f7:c7:2f:24:19:54:fe:8d:2c:68:1e:
82:8f:80:0f:3a:b3:04:4c:36:a8:0d:61:57:00:53:1e:ab:02:
e5:0a:90:13:fd:5d:86:f3:f7:1d:ed:0d:c7:d7:03:8a:10:56:
e2:43:fc:05:3e:8e:15:de:a4:7a:64:df:7f:23:be:db:f7:e2:
c0:9a:21:21:f8:dd:bb:73:30:15:f6:cb:33:67:7c:8f:20:cc:
0b:d1:2f:8a:93:09:a1:74:75:e7:bb:00:fb:d3:eb:d2:a4:d1:
3e:46:a3:1a:42:e1:67:f3:16:b1:7e:bb:15:f8:cb:2e:e6:33:
45:7f:70:51:f2:a5:42:26:63:66:52:6f:57:43:ca:6e:73:8a:
4e:f3:b0:3d:6e:79:47:90:a8:33:cc:ce:ca:4e:a6:b0:47:dd:
2b:ac:80:8a:21:92:89:88:c8:85:02:2a:e8:87:ff:9f:20:40:
01:22:59:75:f4:36:e3:fa:0e:19:9f:d8:d5:1a:e2:ce:f6:47:
25:e4:b1:f0:a1:68:4e:b7:e6:e8:9b:3a:fa:ab:38:fb:be:7a:
61:e9:d5:d0:70:96:cf:c2:06:ca:df:96:0f:45:51:fb:58:a1:
eb:27:5d:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZzAPv9TfjBt7MNvWJ07tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzIwNjZkN2U2Y2E4YWQyZmZhNjJhNjliMDY3OTIzYTQy
ZGY5NmYwHhcNMjMwMTAyMDI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JjZmQ5OTU5ZDc5YWVlOGNjOTdmN2EwZGUxNDMxM2ZlYjljNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtzBqqUoA4EmV4uxMQ75FL/JdR8X
V/ga/4P9ct/n/nNdg4x2E785ZdgqQILbG8sTcaG8RGj3iKdXcYt7UjGnIj0Ag5lJ
vmbveGFo13bnUCSjd404jmrQnLF9jt8p2qNeu6qDmYMrUrdkM5UjySaJuRjgBXt5
i4WLqwoWsHPbNMtRBiifkDSLAw4N10JIf5bHz+3aEQLr1o8J7dx3Nk7K0JqvgrAz
xe7xhFiOgycLL6AGb3tvgS4Xlva60+lBDoebYrBHdZRVPPFDR5te9ThXwUOjBqD1
0THWM8EDIzljoSKvWmTTpQYO4HJF2ruxFKqM+MZBe6PFVhJGzWuYYPdctwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHO8/ZlZ15rujMl/eg3hQxP+ucdXMB8GA1UdIwQY
MBaAFEtyBm1+bKitL/pippsGeSOkLflvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQt
MWY2OTkxODc3YjI2LzEvYzd6OW1WblhtdTZNeVg5NkRlRkRFXzY1eDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQtMWY2OTkxODc3YjI2
LzEvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMA0G
CSqGSIb3DQEBCwUAA4IBAQBiC2aSn4gBPARKpJp063ub8FXZh+guN+if98cvJBlU
/o0saB6Cj4APOrMETDaoDWFXAFMeqwLlCpAT/V2G8/cd7Q3H1wOKEFbiQ/wFPo4V
3qR6ZN9/I77b9+LAmiEh+N27czAV9sszZ3yPIMwL0S+KkwmhdHXnuwD70+vSpNE+
RqMaQuFn8xaxfrsV+Msu5jNFf3BR8qVCJmNmUm9XQ8puc4pO87A9bnlHkKgzzM7K
TqawR90rrICKIZKJiMiFAiroh/+fIEABIll19Dbj+g4Zn9jVGuLO9kcl5LHwoWhO
t+bomzr6qzj7vnph6dXQcJbPwgbK35YPRVH7WKHrJ12I
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:19 2024 by rpki-client on console.sobornost.net