Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/dSDBLwv7MG2w5iO3C37Nmq3w5q8.roa
File: dSDBLwv7MG2w5iO3C37Nmq3w5q8.roa (raw, json)
Hash identifier: 2M1q7W32NHYHpf3E7Sv56ZfADZzWLeNQRRUDae1Xv8g=
Subject key identifier: 75:20:C1:2F:0B:FB:30:6D:B0:E6:23:B7:0B:7E:CD:9A:AD:F0:E6:AF
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 01856C65E0E1BD45B16FC9E41E3762D98CF0
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/dSDBLwv7MG2w5iO3C37Nmq3w5q8.roa
Signing time: Sun 01 Jan 2023 08:14:54 +0000
ROA not before: Sun 01 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 77.221.46.0/23 maxlen: 23
77.221.46.0/24 maxlen: 24
77.221.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e0:e1:bd:45:b1:6f:c9:e4:1e:37:62:d9:8c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7520c12f0bfb306db0e623b70b7ecd9aadf0e6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8d:1f:59:ab:0b:ee:a3:f1:c7:ce:6b:c4:68:
41:47:48:3f:e0:8c:b5:c0:84:91:5d:85:9f:9d:a8:
6e:68:d5:56:a9:4a:0a:01:0b:3f:b0:1c:ab:b4:11:
9c:9f:0c:39:4f:5f:5f:17:fa:c6:91:6c:e7:10:0c:
68:09:2e:c8:f8:b1:60:6f:0e:c5:64:c2:da:f4:85:
17:5d:d7:5b:5a:e2:6e:27:d1:7a:95:9a:d0:d3:08:
6e:1b:f0:14:46:74:1d:b2:65:57:4a:c8:61:9d:7a:
b9:1f:04:42:19:f7:af:cd:b4:60:86:23:43:12:b4:
2d:59:8a:24:16:75:21:ac:40:ce:ba:b5:6e:9b:ce:
81:cf:57:b5:b8:92:af:7c:f9:65:57:aa:0d:9f:b5:
0a:7a:64:4b:9c:6c:7b:d7:10:c2:85:3f:a9:37:1e:
a3:27:ab:73:cb:a0:78:49:4d:8d:29:51:e7:e8:ca:
3a:d7:d1:bd:b6:a0:6b:49:5a:cb:0f:01:0b:62:50:
71:60:02:ba:69:24:ff:83:a8:c9:2a:cf:dc:c9:19:
a8:b3:11:e6:19:99:ae:1b:dd:ad:4d:db:bd:6d:91:
c2:52:2e:a9:1d:4c:12:e1:8f:2f:1d:05:42:5a:21:
64:c8:25:1e:13:c5:55:9a:34:37:be:c4:76:b5:3b:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:20:C1:2F:0B:FB:30:6D:B0:E6:23:B7:0B:7E:CD:9A:AD:F0:E6:AF
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/dSDBLwv7MG2w5iO3C37Nmq3w5q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.46.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:c3:dd:4f:82:0b:fa:bf:09:41:e7:13:4a:0c:b2:93:eb:41:
73:d7:a6:39:8a:c1:52:b0:70:94:82:b3:e2:c7:f8:f5:93:f0:
4c:2b:0b:b7:70:25:40:1d:1b:8e:39:d5:60:7b:a8:28:90:0e:
51:72:96:ce:f1:38:34:3c:6a:34:03:f4:f5:7a:9d:40:2b:02:
fb:6a:11:d5:90:d9:3a:92:55:f9:56:36:95:a0:1b:ba:84:66:
c1:b4:a3:17:b6:fe:17:a0:9c:c8:e3:b9:96:fd:ee:e5:17:9e:
4d:0e:38:23:56:c9:6e:65:28:40:f9:a9:8b:9a:f0:84:53:2c:
43:db:70:c7:1f:ce:ac:c3:67:37:64:97:10:ad:2a:71:fe:f5:
ce:de:3d:50:05:c1:e4:36:7a:3d:5c:db:cf:5d:5e:d5:4a:ac:
d5:1d:6d:0c:6d:68:3f:59:a3:08:a0:60:0f:01:db:73:81:ca:
5d:25:a6:e7:e8:75:2c:f8:ab:4e:80:5e:2d:24:e4:9b:14:47:
84:07:53:a6:02:40:80:87:28:19:60:b0:ea:18:8c:61:19:f7:
56:7f:ff:05:ab:06:d8:a9:da:23:e3:14:34:d0:a3:38:56:47:
62:0d:42:e0:3d:90:f1:43:68:9b:09:6c:7e:be:bb:7f:9b:e3:
ae:a4:81:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZeDhvUWxb8nkHjdi2YzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIwYzEyZjBiZmIzMDZkYjBlNjIzYjcwYjdlY2Q5YWFkZjBlNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY0fWasL7qPxx85rxGhBR0g/4Iy1
wISRXYWfnahuaNVWqUoKAQs/sByrtBGcnww5T19fF/rGkWznEAxoCS7I+LFgbw7F
ZMLa9IUXXddbWuJuJ9F6lZrQ0whuG/AURnQdsmVXSshhnXq5HwRCGfevzbRghiND
ErQtWYokFnUhrEDOurVum86Bz1e1uJKvfPllV6oNn7UKemRLnGx71xDChT+pNx6j
J6tzy6B4SU2NKVHn6Mo619G9tqBrSVrLDwELYlBxYAK6aST/g6jJKs/cyRmosxHm
GZmuG92tTdu9bZHCUi6pHUwS4Y8vHQVCWiFkyCUeE8VVmjQ3vsR2tTtNdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUgwS8L+zBtsOYjtwt+zZqt8OavMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvZFNEQkx3djdNRzJ3NWlPM0MzN05tcTN3NXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTd0uMA0G
CSqGSIb3DQEBCwUAA4IBAQBqw91Pggv6vwlB5xNKDLKT60Fz16Y5isFSsHCUgrPi
x/j1k/BMKwu3cCVAHRuOOdVge6gokA5RcpbO8Tg0PGo0A/T1ep1AKwL7ahHVkNk6
klX5VjaVoBu6hGbBtKMXtv4XoJzI47mW/e7lF55NDjgjVsluZShA+amLmvCEUyxD
23DHH86sw2c3ZJcQrSpx/vXO3j1QBcHkNno9XNvPXV7VSqzVHW0MbWg/WaMIoGAP
AdtzgcpdJabn6HUs+KtOgF4tJOSbFEeEB1OmAkCAhygZYLDqGIxhGfdWf/8FqwbY
qdoj4xQ00KM4VkdiDULgPZDxQ2ibCWx+vrt/m+OupIGf
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:31 2024 by rpki-client on console.sobornost.net