Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/Zgc8pyJz8UkZpQGHMze7JNzR05c.roa
File: Zgc8pyJz8UkZpQGHMze7JNzR05c.roa (raw, json)
Hash identifier: BGDVRu/OMHMAJhWtTqVbY0QdcQbZIeT0ehBrErxsTuA=
Subject key identifier: 66:07:3C:A7:22:73:F1:49:19:A5:01:87:33:37:BB:24:DC:D1:D3:97
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018BECD7B5D2D7F0CA67C5ABEE906EC3E3BF
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/Zgc8pyJz8UkZpQGHMze7JNzR05c.roa
Signing time: Mon 20 Nov 2023 13:07:21 +0000
ROA not before: Mon 20 Nov 2023 13:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.168.0/24 maxlen: 24
62.182.169.0/24 maxlen: 24
62.182.170.0/24 maxlen: 24
62.182.171.0/24 maxlen: 24
62.182.174.0/24 maxlen: 24
194.15.153.0/24 maxlen: 24
194.15.154.0/24 maxlen: 24
194.15.155.0/24 maxlen: 24
83.97.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:d7:b5:d2:d7:f0:ca:67:c5:ab:ee:90:6e:c3:e3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 20 13:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66073ca72273f14919a501873337bb24dcd1d397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:53:47:01:7d:25:a8:44:fe:af:f7:f5:7e:7f:
ae:f5:42:03:93:db:44:77:d3:18:c5:8f:49:35:0e:
ce:40:3d:03:56:02:17:24:ca:ad:d0:46:35:7f:95:
b9:16:00:19:22:77:b1:7c:b3:9a:69:61:6d:00:d1:
cd:e1:0f:f5:7c:76:8b:3f:e0:17:fc:86:12:5e:39:
78:ea:72:a4:37:c1:ba:e2:2f:5d:75:bb:6c:e5:ba:
cb:eb:f4:47:dc:b0:f2:1a:c0:6f:4d:de:57:32:cb:
35:f7:82:60:9d:f3:44:6f:3b:6f:8f:9e:4a:b4:1b:
e8:05:02:ba:96:73:72:f4:ac:26:35:3d:d8:f5:a5:
cd:af:f1:ce:7f:e0:a2:38:7e:62:f1:c8:64:c8:b8:
52:91:b7:87:2e:4b:0e:d2:2d:4a:08:ff:dc:f8:64:
f4:93:c3:f0:02:5e:e4:c8:11:7a:ea:1d:55:1f:a8:
97:b0:f3:50:ba:13:cf:7d:5b:67:9a:05:3c:14:75:
b7:89:9a:8a:24:17:1b:ab:71:ba:0f:de:4f:15:3c:
15:5c:37:f0:92:07:6a:9d:30:11:a0:73:d6:e8:5a:
a5:fc:14:d1:43:b8:fc:5d:87:d4:4d:c1:2e:b7:a1:
0d:51:45:38:72:42:89:9d:7d:f3:7d:f4:e6:70:f1:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:07:3C:A7:22:73:F1:49:19:A5:01:87:33:37:BB:24:DC:D1:D3:97
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/Zgc8pyJz8UkZpQGHMze7JNzR05c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/22
62.182.174.0/24
83.97.96.0/22
194.15.153.0-194.15.155.255
Signature Algorithm: sha256WithRSAEncryption
98:c2:37:4b:bb:81:c4:77:fd:dd:13:00:38:3a:9c:46:99:95:
38:0c:f0:98:09:80:ba:a6:f5:13:49:fa:8b:0f:8d:04:d6:1b:
08:d1:01:dd:5a:68:13:1b:e4:93:f5:15:bd:40:90:93:89:f5:
31:ad:2d:88:38:6d:1b:00:33:28:17:d9:ec:63:24:32:4d:d3:
dc:67:86:54:30:f9:7f:d8:3b:51:c3:14:ff:49:48:ea:c2:04:
b9:f8:fc:d3:7f:51:94:f0:8b:f1:6b:42:ac:18:ed:f5:d8:bc:
42:a2:a3:e4:09:f4:d4:f4:a5:b0:bc:d5:3e:5c:7f:42:d3:ac:
a5:8e:9c:06:bc:81:2c:a0:34:8f:f7:6b:14:c9:9b:aa:c7:aa:
20:d2:86:50:9e:50:27:69:07:84:fb:6a:40:ee:c5:17:9b:11:
8c:12:73:26:a1:19:b6:de:3c:a5:7a:97:61:ba:13:1c:cb:39:
8a:8c:0f:4c:83:0c:3b:e0:da:da:d6:2c:14:02:96:54:a3:79:
2a:d7:d3:7c:c8:93:c4:87:90:a3:a9:27:1c:7c:bb:1e:51:01:
84:d8:3e:9b:a8:25:5c:55:ea:41:7c:06:6f:ab:6c:b8:a0:54:
ed:a1:b8:58:6d:7d:f7:0f:ec:f3:36:15:f4:aa:47:c1:81:30:
ca:70:55:50
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvs17XS1/DKZ8Wr7pBuw+O/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMxMTIwMTMwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA3M2NhNzIyNzNmMTQ5MTlhNTAxODczMzM3YmIyNGRjZDFkMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVNHAX0lqET+r/f1fn+u9UIDk9tE
d9MYxY9JNQ7OQD0DVgIXJMqt0EY1f5W5FgAZInexfLOaaWFtANHN4Q/1fHaLP+AX
/IYSXjl46nKkN8G64i9ddbts5brL6/RH3LDyGsBvTd5XMss194JgnfNEbztvj55K
tBvoBQK6lnNy9KwmNT3Y9aXNr/HOf+CiOH5i8chkyLhSkbeHLksO0i1KCP/c+GT0
k8PwAl7kyBF66h1VH6iXsPNQuhPPfVtnmgU8FHW3iZqKJBcbq3G6D95PFTwVXDfw
kgdqnTARoHPW6Fql/BTRQ7j8XYfUTcEut6ENUUU4ckKJnX3zffTmcPGarQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGYHPKcic/FJGaUBhzM3uyTc0dOXMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvWmdjOHB5Sno4VWtacFFHSE16ZTdKTnpSMDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCPraoAwQA
PrauAwQCU2FgMAwDBADCD5kDBALCD5gwDQYJKoZIhvcNAQELBQADggEBAJjCN0u7
gcR3/d0TADg6nEaZlTgM8JgJgLqm9RNJ+osPjQTWGwjRAd1aaBMb5JP1Fb1AkJOJ
9TGtLYg4bRsAMygX2exjJDJN09xnhlQw+X/YO1HDFP9JSOrCBLn4/NN/UZTwi/Fr
QqwY7fXYvEKio+QJ9NT0pbC81T5cf0LTrKWOnAa8gSygNI/3axTJm6rHqiDShlCe
UCdpB4T7akDuxRebEYwScyahGbbePKV6l2G6ExzLOYqMD0yDDDvg2trWLBQCllSj
eSrX03zIk8SHkKOpJxx8ux5RAYTYPpuoJVxV6kF8Bm+rbLigVO2huFhtffcP7PM2
FfSqR8GBMMpwVVA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net