Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/Cf4VBNi_R7OpzAtb3vf93nEepGw.roa
File: Cf4VBNi_R7OpzAtb3vf93nEepGw.roa (raw, json)
Hash identifier: gmiNf22M+C3cyLp4bPWE6qyDI45/LYeb4J/ASL6kq0E=
Subject key identifier: 09:FE:15:04:D8:BF:47:B3:A9:CC:0B:5B:DE:F7:FD:DE:71:1E:A4:6C
Certificate issuer: /CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Certificate serial: 01870D9B2FD77B94800AE3F5B32F2371429D
Authority key identifier: 87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/Cf4VBNi_R7OpzAtb3vf93nEepGw.roa
Signing time: Thu 23 Mar 2023 08:34:46 +0000
ROA not before: Thu 23 Mar 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201395
IP address blocks: 176.105.240.0/22 maxlen: 22
2a0d:cec0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:9b:2f:d7:7b:94:80:0a:e3:f5:b3:2f:23:71:42:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Validity
Not Before: Mar 23 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09fe1504d8bf47b3a9cc0b5bdef7fdde711ea46c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:ee:ba:5b:a9:15:63:c8:c9:3a:c6:fd:42:
3c:8b:7b:68:55:fc:cc:c7:cb:b4:53:cd:fc:15:1b:
77:80:0b:92:c4:07:fd:66:77:4f:13:7d:fa:ae:de:
3a:33:5b:26:54:65:bb:a1:3c:03:5f:e5:f4:99:18:
5b:d0:b8:34:ff:f7:7e:68:db:d0:0c:08:b0:34:ec:
a0:8f:ae:00:b2:d2:6f:9c:87:0a:02:7d:e2:2a:90:
49:92:ee:71:de:69:58:9e:68:bc:6c:e3:ec:ba:3f:
14:48:c1:3c:0a:73:c1:03:48:4a:d4:b9:c9:3f:43:
5d:ff:b9:8c:07:91:a2:81:03:f9:38:26:19:04:31:
fc:45:7e:f1:3d:c7:c0:cd:ea:a1:8f:9a:47:2f:fe:
9c:d0:af:e6:0f:29:ee:d0:ad:90:93:1d:2f:a4:eb:
49:bb:39:b9:a1:47:72:c5:82:ea:6e:7f:b2:ca:73:
47:74:57:1b:ce:17:03:c4:c2:71:17:31:69:f4:b1:
52:8d:38:a1:13:4e:61:60:f1:36:be:f1:7d:cc:86:
41:b5:f9:28:a4:4d:a5:32:16:7c:b3:29:dd:ad:7d:
99:c4:aa:74:eb:a3:61:6a:29:7b:7a:ab:db:3b:f8:
c5:9a:71:b3:8f:d3:4f:6d:09:db:39:2c:6c:1e:75:
62:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FE:15:04:D8:BF:47:B3:A9:CC:0B:5B:DE:F7:FD:DE:71:1E:A4:6C
X509v3 Authority Key Identifier:
keyid:87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/Cf4VBNi_R7OpzAtb3vf93nEepGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.240.0/22
IPv6:
2a0d:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:d0:8f:fc:df:34:d7:99:26:d6:0f:2b:45:50:1c:41:4a:4d:
6e:ed:fb:e7:69:38:ef:62:b1:b4:8b:25:be:38:cd:93:9c:54:
42:79:09:f4:53:c1:34:8e:e4:e1:c6:3f:2b:14:4e:fc:0d:3e:
62:61:8c:66:0e:cf:30:95:46:89:3c:e5:28:f7:31:65:06:f5:
f9:8f:20:6f:f0:dc:27:69:14:42:84:da:18:91:86:65:07:96:
b7:d4:bf:bc:aa:7f:78:e9:31:7d:89:ee:f5:1c:a4:71:d8:86:
d0:84:30:8f:f2:1c:ca:8c:0c:ff:e3:5b:74:cd:f0:37:f2:62:
61:3c:2d:39:49:74:00:bd:f8:09:ae:8e:33:94:98:e5:54:c3:
47:66:46:92:97:a8:00:51:a9:95:e0:b7:b9:7b:6e:49:14:6d:
68:72:47:f0:6d:1f:6c:cf:bb:79:46:51:a8:7d:8a:85:3f:17:
19:bb:72:99:82:33:00:c5:f1:82:5f:f2:75:ad:e0:5b:05:d0:
25:0a:6c:58:f7:97:79:39:3d:7c:ff:18:aa:17:a8:c7:bd:5e:
d9:ec:59:0a:16:f7:56:f9:b4:7b:f3:a2:06:8c:9d:ce:29:3b:
95:82:55:06:a3:32:bd:27:5e:62:54:f0:f5:c4:1e:e4:4c:7c:
e0:d2:90:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcNmy/Xe5SACuP1sy8jcUKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YjkzMTM3NTNiYzA5MzFhZjQzOTNkYmRhMDA5YjBmZjQ1
ZWM3YzIwHhcNMjMwMzIzMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZlMTUwNGQ4YmY0N2IzYTljYzBiNWJkZWY3ZmRkZTcxMWVhNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGHuulupFWPIyTrG/UI8i3toVfzM
x8u0U838FRt3gAuSxAf9ZndPE336rt46M1smVGW7oTwDX+X0mRhb0Lg0//d+aNvQ
DAiwNOygj64AstJvnIcKAn3iKpBJku5x3mlYnmi8bOPsuj8USME8CnPBA0hK1LnJ
P0Nd/7mMB5GigQP5OCYZBDH8RX7xPcfAzeqhj5pHL/6c0K/mDynu0K2Qkx0vpOtJ
uzm5oUdyxYLqbn+yynNHdFcbzhcDxMJxFzFp9LFSjTihE05hYPE2vvF9zIZBtfko
pE2lMhZ8syndrX2ZxKp066Nhail7eqvbO/jFmnGzj9NPbQnbOSxsHnViTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAn+FQTYv0ezqcwLW973/d5xHqRsMB8GA1UdIwQY
MBaAFIe5MTdTvAkxr0OT29oAmw/0XsfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODIt
N2Q2ODM2NmI1OWI3LzEvQ2Y0VkJOaV9SN09wekF0YjN2ZjkzbkVlcEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODItN2Q2ODM2NmI1OWI3
LzEvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsGnwMA0E
AgACMAcDBQMqDc7AMA0GCSqGSIb3DQEBCwUAA4IBAQCy0I/83zTXmSbWDytFUBxB
Sk1u7fvnaTjvYrG0iyW+OM2TnFRCeQn0U8E0juThxj8rFE78DT5iYYxmDs8wlUaJ
POUo9zFlBvX5jyBv8NwnaRRChNoYkYZlB5a31L+8qn946TF9ie71HKRx2IbQhDCP
8hzKjAz/41t0zfA38mJhPC05SXQAvfgJro4zlJjlVMNHZkaSl6gAUamV4Le5e25J
FG1ockfwbR9sz7t5RlGofYqFPxcZu3KZgjMAxfGCX/J1reBbBdAlCmxY95d5OT18
/xiqF6jHvV7Z7FkKFvdW+bR786IGjJ3OKTuVglUGozK9J15iVPD1xB7kTHzg0pAT
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:42 2024 by rpki-client on console.sobornost.net