Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/etLGR7njGEC8mk2Ts3C268LkPzI.roa
File: etLGR7njGEC8mk2Ts3C268LkPzI.roa (raw, json)
Hash identifier: YfLP7Wxk5tlmsbXROT6W/rRiwxtnImCKL3JcqrhFUkM=
Subject key identifier: 7A:D2:C6:47:B9:E3:18:40:BC:9A:4D:93:B3:70:B6:EB:C2:E4:3F:32
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 018570FBC2BD5C5213585516A7DB5D365FF3
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/etLGR7njGEC8mk2Ts3C268LkPzI.roa
Signing time: Mon 02 Jan 2023 05:37:05 +0000
ROA not before: Mon 02 Jan 2023 05:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c2:bd:5c:52:13:58:55:16:a7:db:5d:36:5f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 2 05:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ad2c647b9e31840bc9a4d93b370b6ebc2e43f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0c:11:a3:e1:59:d8:8b:6f:9c:b3:20:68:70:
98:25:04:49:d6:60:db:a6:c6:42:a2:3c:bf:8c:4c:
01:bb:a2:08:b6:16:c7:13:28:cb:6d:de:2a:f1:30:
bc:3f:f2:e8:12:d9:2f:10:7a:b9:02:06:56:b0:5c:
33:6d:d6:04:b0:c7:17:bd:c0:cb:27:56:a5:6b:80:
3a:8a:ad:5a:9f:e3:e9:5a:a7:8d:f4:27:e1:a4:a2:
6f:e2:dc:6a:a3:46:55:aa:a0:16:69:c1:c3:7b:d8:
6b:ae:bf:da:44:50:1a:88:48:90:79:91:67:df:71:
f5:10:3e:5b:c4:6d:76:67:a2:1b:9c:08:32:f7:4f:
32:df:67:eb:f8:ea:2f:5f:3a:d6:0c:fe:13:63:5e:
e1:c5:6c:f4:59:51:36:07:48:f0:f6:a9:85:e8:25:
89:4d:28:95:0f:55:83:dd:37:98:da:96:10:0e:95:
37:1f:77:8d:45:74:08:38:f7:37:57:50:0f:bf:5a:
6d:ee:90:17:18:79:ce:f5:1b:eb:a1:d4:ca:3a:f9:
e7:6e:66:4d:57:f0:56:14:19:fe:75:6f:c0:98:55:
d3:9f:08:c2:fd:05:c2:3c:9d:05:23:19:40:2d:f7:
f5:2f:7d:b4:2f:35:e8:96:5d:38:0f:76:89:44:76:
5b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D2:C6:47:B9:E3:18:40:BC:9A:4D:93:B3:70:B6:EB:C2:E4:3F:32
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/etLGR7njGEC8mk2Ts3C268LkPzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
71:cc:f3:a7:86:98:5d:9b:53:fd:df:fb:5f:8d:d7:4f:6a:3e:
69:64:d7:19:10:3b:5b:61:b6:9e:fe:a1:a9:e1:12:f9:75:d6:
28:9e:be:12:f1:7e:60:2e:dd:78:77:77:6e:d0:a2:e1:3a:52:
72:a9:35:5c:fa:9a:e0:75:9e:d0:82:3f:83:7b:8e:f7:16:04:
ac:49:f9:d5:8b:b5:e2:db:fa:41:57:1f:93:43:f8:06:60:29:
19:b7:0b:9c:c0:01:73:bd:84:9b:f6:fc:25:4e:ac:38:2e:cd:
c5:db:5a:f0:c1:d6:bc:26:11:66:75:93:b5:c4:5d:c8:76:a1:
7a:9b:9c:02:d8:7e:31:11:b5:17:d9:60:22:50:ca:34:7a:c4:
4f:ae:a1:fd:0d:97:1e:16:25:d1:20:78:55:de:77:3d:23:82:
3d:ea:02:60:cb:06:9f:af:4a:09:29:52:f5:a3:aa:0f:66:c9:
ce:13:b7:e9:78:83:bf:24:a6:4e:2d:be:a5:30:ab:61:21:d1:
06:93:d6:6e:a4:b0:48:bc:89:36:da:2c:ba:b1:ab:ba:f0:a1:
8e:e6:3a:92:a0:f1:cb:ad:2c:e9:28:dc:ca:3f:4e:05:93:e0:
80:1f:db:e3:44:bc:92:84:45:77:4f:b2:d2:5a:08:ef:f0:be:
c3:d7:9f:c2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw+8K9XFITWFUWp9tdNl/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0
NDhmYjYwHhcNMjMwMTAyMDUzNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQyYzY0N2I5ZTMxODQwYmM5YTRkOTNiMzcwYjZlYmMyZTQzZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgwRo+FZ2ItvnLMgaHCYJQRJ1mDb
psZCojy/jEwBu6IIthbHEyjLbd4q8TC8P/LoEtkvEHq5AgZWsFwzbdYEsMcXvcDL
J1ala4A6iq1an+PpWqeN9CfhpKJv4txqo0ZVqqAWacHDe9hrrr/aRFAaiEiQeZFn
33H1ED5bxG12Z6IbnAgy908y32fr+OovXzrWDP4TY17hxWz0WVE2B0jw9qmF6CWJ
TSiVD1WD3TeY2pYQDpU3H3eNRXQIOPc3V1APv1pt7pAXGHnO9RvrodTKOvnnbmZN
V/BWFBn+dW/AmFXTnwjC/QXCPJ0FIxlALff1L320LzXoll04D3aJRHZbuQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHrSxke54xhAvJpNk7NwtuvC5D8yMB8GA1UdIwQY
MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt
M2I5ZTNjOGEyZmNhLzEvZXRMR1I3bmpHRUM4bWsyVHMzQzI2OExrUHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh
LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQD
UnCgAwQCuXzUAwQFweOgAwQF1a+gMA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEB
CwUAA4IBAQBxzPOnhphdm1P93/tfjddPaj5pZNcZEDtbYbae/qGp4RL5ddYonr4S
8X5gLt14d3du0KLhOlJyqTVc+prgdZ7Qgj+De473FgSsSfnVi7Xi2/pBVx+TQ/gG
YCkZtwucwAFzvYSb9vwlTqw4Ls3F21rwwda8JhFmdZO1xF3IdqF6m5wC2H4xEbUX
2WAiUMo0esRPrqH9DZceFiXRIHhV3nc9I4I96gJgywafr0oJKVL1o6oPZsnOE7fp
eIO/JKZOLb6lMKthIdEGk9ZupLBIvIk22iy6sau68KGO5jqSoPHLrSzpKNzKP04F
k+CAH9vjRLyShEV3T7LSWgjv8L7D15/C
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net