Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/T6Q-ORDxn8oSKHToyTSoOfoZfQs.roa
File: T6Q-ORDxn8oSKHToyTSoOfoZfQs.roa (raw, json)
Hash identifier: OJKahlcqa4Mrwh9jwq04pT1FJ4GvIlbmNa6+8AxrwOA=
Subject key identifier: 4F:A4:3E:39:10:F1:9F:CA:12:28:74:E8:C9:34:A8:39:FA:19:7D:0B
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 01856C65E200A4535044D602F0D192CCFCF3
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/T6Q-ORDxn8oSKHToyTSoOfoZfQs.roa
Signing time: Sun 01 Jan 2023 08:14:54 +0000
ROA not before: Sun 01 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39679
IP address blocks: 77.221.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e2:00:a4:53:50:44:d6:02:f0:d1:92:cc:fc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fa43e3910f19fca122874e8c934a839fa197d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:36:e7:b0:b6:69:11:4c:75:d3:22:f4:fe:a8:
15:ae:66:45:16:50:f8:14:d6:6b:9e:7c:6f:c5:71:
32:cf:8d:13:22:86:0a:eb:05:11:cf:1c:49:c7:ef:
e2:75:b5:47:19:7b:44:b6:6b:7f:2d:2f:02:bd:1a:
03:79:aa:a5:56:42:ea:8e:ab:f4:90:38:e7:12:f0:
92:07:e2:c6:a9:b9:fb:ee:dd:0f:5c:27:3a:84:79:
8a:a7:bd:e7:b1:79:c9:34:bc:47:9c:bf:11:1b:26:
81:ef:5d:c5:d4:aa:c1:18:19:8f:e6:5c:69:a5:b5:
40:64:e6:69:cc:96:36:5a:e4:64:13:28:a8:4d:d2:
fe:17:99:84:cb:4b:f4:5d:88:30:70:ab:f9:59:ba:
a6:0c:0e:77:1a:7e:98:17:e5:0e:78:40:7d:9b:6b:
5f:0f:24:38:0a:9b:e3:0b:fb:a0:db:b5:0e:3c:77:
45:01:a2:5b:92:53:a5:99:ad:83:fb:7a:1a:32:9c:
1c:9a:6b:ae:60:99:1e:f4:89:d9:47:4c:cd:61:40:
d7:e4:1d:cf:9c:50:1a:5c:13:db:52:ab:fc:d6:e8:
a9:d7:e2:ee:a9:7c:25:69:17:0c:01:96:b3:85:51:
63:5b:cf:58:8f:05:88:af:e0:39:c2:06:ab:7e:7d:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A4:3E:39:10:F1:9F:CA:12:28:74:E8:C9:34:A8:39:FA:19:7D:0B
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/T6Q-ORDxn8oSKHToyTSoOfoZfQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.49.0/24
Signature Algorithm: sha256WithRSAEncryption
13:9f:a2:19:e0:f7:40:d0:54:be:f3:50:9a:05:3e:12:5b:74:
03:18:65:38:af:98:0f:f1:db:4a:05:bf:bb:69:43:87:6e:31:
b9:41:50:bd:4f:01:19:94:d0:42:1a:e3:4c:9e:53:da:e3:45:
4d:ee:c2:6e:94:df:0c:19:f5:e2:58:26:c6:f4:d3:23:21:c5:
59:e0:d3:0a:3f:fc:c4:76:8d:39:ee:bb:89:c8:7f:61:c6:de:
f8:62:3c:28:e4:c5:a9:e7:5d:09:2a:b4:65:33:32:2d:2f:4b:
81:73:ed:47:8b:f1:bc:b2:2c:48:04:8d:cc:c7:6e:de:78:20:
fd:ca:80:e4:15:7b:4e:8f:c7:14:b2:4d:58:0a:98:7b:fb:0a:
47:f9:9b:6e:c8:f7:09:c9:f4:2d:cb:da:e6:b3:98:49:24:81:
0a:8a:8e:a3:68:e7:6d:36:b8:bf:dc:f0:2d:b9:49:b7:a2:e3:
38:59:13:b3:a6:e8:7f:fa:c3:c6:62:98:5e:89:0f:42:e6:de:
bd:d9:86:d0:e9:64:90:e8:81:e9:33:da:c9:58:ce:a6:74:e8:
7d:b1:3e:61:3e:2c:f2:59:f8:d9:4d:f7:4d:d8:63:4e:7c:99:
b0:72:ec:e5:5d:1c:0f:6e:84:20:35:b9:22:aa:83:44:d3:00:
d3:bf:a7:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZeIApFNQRNYC8NGSzPzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE0M2UzOTEwZjE5ZmNhMTIyODc0ZThjOTM0YTgzOWZhMTk3ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTbnsLZpEUx10yL0/qgVrmZFFlD4
FNZrnnxvxXEyz40TIoYK6wURzxxJx+/idbVHGXtEtmt/LS8CvRoDeaqlVkLqjqv0
kDjnEvCSB+LGqbn77t0PXCc6hHmKp73nsXnJNLxHnL8RGyaB713F1KrBGBmP5lxp
pbVAZOZpzJY2WuRkEyioTdL+F5mEy0v0XYgwcKv5WbqmDA53Gn6YF+UOeEB9m2tf
DyQ4CpvjC/ug27UOPHdFAaJbklOlma2D+3oaMpwcmmuuYJke9InZR0zNYUDX5B3P
nFAaXBPbUqv81uip1+LuqXwlaRcMAZazhVFjW89YjwWIr+A5wgarfn2bBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+kPjkQ8Z/KEih06Mk0qDn6GX0LMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvVDZRLU9SRHhuOG9TS0hUb3lUU29PZm9aZlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATd0xMA0G
CSqGSIb3DQEBCwUAA4IBAQATn6IZ4PdA0FS+81CaBT4SW3QDGGU4r5gP8dtKBb+7
aUOHbjG5QVC9TwEZlNBCGuNMnlPa40VN7sJulN8MGfXiWCbG9NMjIcVZ4NMKP/zE
do057ruJyH9hxt74Yjwo5MWp510JKrRlMzItL0uBc+1Hi/G8sixIBI3Mx27eeCD9
yoDkFXtOj8cUsk1YCph7+wpH+ZtuyPcJyfQty9rms5hJJIEKio6jaOdtNri/3PAt
uUm3ouM4WROzpuh/+sPGYpheiQ9C5t692YbQ6WSQ6IHpM9rJWM6mdOh9sT5hPizy
WfjZTfdN2GNOfJmwcuzlXRwPboQgNbkiqoNE0wDTv6fH
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:31 2024 by rpki-client on console.sobornost.net