Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/CszwcRTXrlSDTuKh9_lUz58WGAQ.roa
File: CszwcRTXrlSDTuKh9_lUz58WGAQ.roa (raw, json)
Hash identifier: m2/HRmiFa0O9HvV+i6ZkZ2zCDe6+4KhGIT1uLi/c3XQ=
Subject key identifier: 0A:CC:F0:71:14:D7:AE:54:83:4E:E2:A1:F7:F9:54:CF:9F:16:18:04
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 01856C65DF324C7C2ED1071F7FF03734C5C2
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/CszwcRTXrlSDTuKh9_lUz58WGAQ.roa
Signing time: Sun 01 Jan 2023 08:14:53 +0000
ROA not before: Sun 01 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12301
IP address blocks: 77.221.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:df:32:4c:7c:2e:d1:07:1f:7f:f0:37:34:c5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0accf07114d7ae54834ee2a1f7f954cf9f161804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:97:e7:a7:7b:d2:bc:d9:dd:c5:3f:c7:53:
e4:4f:63:c3:95:73:7c:b3:cf:6a:ec:c9:21:f7:a1:
ff:66:54:fc:ee:29:f8:81:bd:f8:e1:d2:df:b4:88:
04:27:f7:7d:62:c7:2f:b0:a4:d5:33:10:b2:ec:07:
95:b4:20:4c:9b:4a:17:24:af:8d:54:2e:9d:a2:74:
d7:f5:90:30:95:a9:5d:d2:a2:39:ae:58:24:fa:36:
db:1a:2b:85:70:0f:cb:55:b1:e7:ab:db:a6:33:24:
cb:78:bf:95:03:81:2a:5b:c1:df:57:ef:ea:ae:22:
4d:7b:4a:50:30:35:dd:69:b9:96:b4:f4:c5:1e:27:
d4:ea:e6:b6:38:66:45:bd:28:5c:ec:66:47:79:bd:
ba:c3:ec:35:6d:ca:02:6f:e0:93:0f:f8:47:4b:a3:
32:36:e9:b4:ff:67:c5:09:20:c3:f4:97:0c:1d:b4:
f2:ec:1d:9d:dc:f0:3a:57:af:b0:bf:a8:82:2c:1e:
b8:ec:70:28:17:97:23:bd:7a:10:2f:a4:63:a8:c2:
16:4a:d4:e2:05:b6:3f:7d:fb:0a:78:8b:e3:68:63:
c8:8a:3c:7a:36:8d:a4:19:fd:44:5c:b6:70:6a:a1:
4e:8e:08:fd:7c:18:5f:77:59:1e:79:7a:73:4a:6a:
d5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CC:F0:71:14:D7:AE:54:83:4E:E2:A1:F7:F9:54:CF:9F:16:18:04
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/CszwcRTXrlSDTuKh9_lUz58WGAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.32.0/20
Signature Algorithm: sha256WithRSAEncryption
87:c4:40:e4:65:26:9a:68:a3:13:75:07:d0:2d:1a:0e:5d:22:
19:18:f6:72:9b:1d:86:a1:36:06:7e:8d:67:57:7e:61:e4:ce:
73:51:e1:cb:ff:9f:10:e0:b8:c6:1d:05:63:ce:74:b0:72:eb:
77:87:6d:8c:ae:ff:74:b2:80:a2:dc:fd:1d:ef:be:eb:e8:4f:
4d:a3:9c:3c:04:a6:9f:34:50:d6:22:8e:2b:63:94:80:53:f0:
93:68:64:2b:10:22:b3:b8:e3:fb:ff:46:b7:94:75:95:c0:7f:
c3:fa:87:6c:e8:a2:fa:a6:14:12:28:9e:2e:3f:6e:1b:7f:a4:
0d:7c:0f:1f:11:b7:a2:68:db:de:e9:b5:65:a0:55:1a:2e:cc:
3b:91:fa:bc:4a:53:6f:06:4a:df:87:9d:86:53:8a:ec:26:de:
c3:13:02:4b:a8:83:d0:38:fc:c7:8e:ba:23:0a:4b:6c:f4:54:
ab:07:9a:4c:69:8d:83:61:b6:b2:e6:0b:5e:68:5d:34:d3:93:
e3:70:5a:98:f7:c2:b0:44:64:79:0d:3c:99:0a:be:7e:c8:54:
11:e8:ce:c5:34:d0:f2:67:41:2e:08:ff:c5:22:7b:46:69:4a:
65:b9:dd:2e:73:e6:cb:23:7b:a3:66:6f:e7:83:d1:79:94:58:
76:ff:3a:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZd8yTHwu0Qcff/A3NMXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjMwMTAxMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNjZjA3MTE0ZDdhZTU0ODM0ZWUyYTFmN2Y5NTRjZjlmMTYxODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn6X56d70rzZ3cU/x1PkT2PDlXN8
s89q7Mkh96H/ZlT87in4gb344dLftIgEJ/d9YscvsKTVMxCy7AeVtCBMm0oXJK+N
VC6donTX9ZAwlald0qI5rlgk+jbbGiuFcA/LVbHnq9umMyTLeL+VA4EqW8HfV+/q
riJNe0pQMDXdabmWtPTFHifU6ua2OGZFvShc7GZHeb26w+w1bcoCb+CTD/hHS6My
Num0/2fFCSDD9JcMHbTy7B2d3PA6V6+wv6iCLB647HAoF5cjvXoQL6RjqMIWStTi
BbY/ffsKeIvjaGPIijx6No2kGf1EXLZwaqFOjgj9fBhfd1keeXpzSmrVFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArM8HEU165Ug07ioff5VM+fFhgEMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvQ3N6d2NSVFhybFNEVHVLaDlfbFV6NThXR0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETd0gMA0G
CSqGSIb3DQEBCwUAA4IBAQCHxEDkZSaaaKMTdQfQLRoOXSIZGPZymx2GoTYGfo1n
V35h5M5zUeHL/58Q4LjGHQVjznSwcut3h22Mrv90soCi3P0d777r6E9No5w8BKaf
NFDWIo4rY5SAU/CTaGQrECKzuOP7/0a3lHWVwH/D+ods6KL6phQSKJ4uP24bf6QN
fA8fEbeiaNve6bVloFUaLsw7kfq8SlNvBkrfh52GU4rsJt7DEwJLqIPQOPzHjroj
Ckts9FSrB5pMaY2DYbay5gteaF0005PjcFqY98KwRGR5DTyZCr5+yFQR6M7FNNDy
Z0EuCP/FIntGaUplud0uc+bLI3ujZm/ng9F5lFh2/zpr
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:31 2024 by rpki-client on console.sobornost.net