Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/OcRnEapsMjuNfCEvJW2_JTJITa4.roa
File: OcRnEapsMjuNfCEvJW2_JTJITa4.roa (raw, json)
Hash identifier: Rv3MA0kJKpzrwwqZtuBHhxUM0BkwrzGbAacKvZsdG7A=
Subject key identifier: 39:C4:67:11:AA:6C:32:3B:8D:7C:21:2F:25:6D:BF:25:32:48:4D:AE
Certificate issuer: /CN=36451a2ea40af1715e6313169468996aca71bb8a
Certificate serial: 018571279213093FA7FB42C00A72019EEF22
Authority key identifier: 36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/OcRnEapsMjuNfCEvJW2_JTJITa4.roa
Signing time: Mon 02 Jan 2023 06:24:56 +0000
ROA not before: Mon 02 Jan 2023 06:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31383
IP address blocks: 83.137.16.0/21 maxlen: 21
78.41.72.0/21 maxlen: 21
2001:4038::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:92:13:09:3f:a7:fb:42:c0:0a:72:01:9e:ef:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36451a2ea40af1715e6313169468996aca71bb8a
Validity
Not Before: Jan 2 06:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39c46711aa6c323b8d7c212f256dbf2532484dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d0:8c:f3:f3:d6:a6:d1:26:d4:be:ad:49:cb:
24:2c:94:07:d1:e2:6f:b2:b0:b6:76:ba:6b:18:d9:
b8:ed:59:45:94:0d:03:c0:ee:9b:b7:80:71:a2:0a:
65:cb:2d:2f:6d:75:05:84:b1:e2:81:0e:d6:23:2a:
88:02:cf:8d:fc:c9:39:e2:85:8f:a2:0a:44:5b:a2:
1f:e7:58:e0:03:f9:b6:e3:2c:bd:99:ab:21:5c:ad:
6c:ea:90:32:6e:44:58:91:ba:09:6a:5e:40:73:13:
ef:c8:c4:37:99:be:56:ff:40:ef:89:82:40:1a:06:
c1:61:33:9e:b8:d8:f5:72:58:e7:aa:32:1b:f2:da:
3b:1f:ee:e4:9b:d7:dd:c9:db:73:d2:33:f8:4b:6c:
f0:4b:9e:94:eb:08:c0:e4:ee:3e:35:d1:b6:c8:3f:
ad:cb:f6:bd:83:8a:79:ca:0c:d1:62:16:8f:7b:41:
91:e2:3d:52:64:86:fc:3f:2c:a6:29:04:15:62:a7:
0f:56:3f:a7:21:fa:56:29:1b:8c:36:17:61:ae:0d:
56:b9:cb:36:d9:18:47:36:a5:22:8f:85:c2:3a:f5:
dc:e0:50:e9:68:c5:bf:59:f8:41:07:37:8d:cd:d3:
40:a7:76:77:33:a3:08:44:e5:6b:6d:06:75:a5:19:
94:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C4:67:11:AA:6C:32:3B:8D:7C:21:2F:25:6D:BF:25:32:48:4D:AE
X509v3 Authority Key Identifier:
keyid:36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/OcRnEapsMjuNfCEvJW2_JTJITa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/NkUaLqQK8XFeYxMWlGiZaspxu4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.72.0/21
83.137.16.0/21
IPv6:
2001:4038::/32
Signature Algorithm: sha256WithRSAEncryption
6e:6b:62:99:bf:ba:82:85:97:b3:d7:82:f2:82:f3:71:fa:1e:
67:a5:22:9b:7b:0b:42:3a:33:05:55:b6:55:d0:e3:6f:11:55:
95:da:b7:b8:39:b9:46:6e:59:15:68:98:04:f6:40:96:c9:87:
c4:09:af:ca:3f:6b:f0:d5:3b:2f:e0:73:79:ff:64:4e:ae:4f:
23:da:22:a2:6b:90:83:0f:39:82:6b:18:7b:3a:1b:db:35:d9:
64:e7:92:b4:a8:52:d0:43:f8:90:db:35:b5:ae:ca:b6:35:5a:
96:d0:0b:4f:85:02:96:69:ba:9e:12:67:6b:ee:c3:33:ce:ca:
83:04:6c:e2:90:56:7b:39:a7:3a:e3:2d:1b:01:63:7c:ca:b8:
f5:62:d4:92:56:3a:bb:8d:2b:cd:df:6c:b5:a6:28:61:63:40:
6d:a2:47:80:9f:0f:94:76:46:b3:dc:fa:8f:0c:35:6a:95:29:
95:cb:0b:2b:74:52:ef:51:56:ba:b4:3d:e1:b9:bc:fd:2a:6c:
7b:22:a5:16:0f:39:d1:ae:4b:f9:9a:62:25:07:3c:31:75:7c:
6b:2b:ca:22:62:d5:4a:de:ce:86:af:c7:df:93:e9:80:81:95:
38:d1:5d:5f:8f:46:a6:b5:4b:53:49:42:d4:6f:fa:ee:e7:57:
8d:d4:ba:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxJ5ITCT+n+0LACnIBnu8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDUxYTJlYTQwYWYxNzE1ZTYzMTMxNjk0Njg5OTZhY2E3
MWJiOGEwHhcNMjMwMTAyMDYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM0NjcxMWFhNmMzMjNiOGQ3YzIxMmYyNTZkYmYyNTMyNDg0ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidCM8/PWptEm1L6tScskLJQH0eJv
srC2drprGNm47VlFlA0DwO6bt4Bxogplyy0vbXUFhLHigQ7WIyqIAs+N/Mk54oWP
ogpEW6If51jgA/m24yy9mashXK1s6pAybkRYkboJal5AcxPvyMQ3mb5W/0DviYJA
GgbBYTOeuNj1cljnqjIb8to7H+7km9fdydtz0jP4S2zwS56U6wjA5O4+NdG2yD+t
y/a9g4p5ygzRYhaPe0GR4j1SZIb8PyymKQQVYqcPVj+nIfpWKRuMNhdhrg1Wucs2
2RhHNqUij4XCOvXc4FDpaMW/WfhBBzeNzdNAp3Z3M6MIROVrbQZ1pRmUawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDnEZxGqbDI7jXwhLyVtvyUySE2uMB8GA1UdIwQY
MBaAFDZFGi6kCvFxXmMTFpRomWrKcbuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzIt
YmUzMDhjMTJmN2JjLzEvT2NSbkVhcHNNanVOZkNFdkpXMl9KVEpJVGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzItYmUzMDhjMTJmN2Jj
LzEvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTilIAwQD
U4kQMA0EAgACMAcDBQAgAUA4MA0GCSqGSIb3DQEBCwUAA4IBAQBua2KZv7qChZez
14LygvNx+h5npSKbewtCOjMFVbZV0ONvEVWV2re4OblGblkVaJgE9kCWyYfECa/K
P2vw1Tsv4HN5/2ROrk8j2iKia5CDDzmCaxh7OhvbNdlk55K0qFLQQ/iQ2zW1rsq2
NVqW0AtPhQKWabqeEmdr7sMzzsqDBGzikFZ7Oac64y0bAWN8yrj1YtSSVjq7jSvN
32y1pihhY0BtokeAnw+Udkaz3PqPDDVqlSmVywsrdFLvUVa6tD3hubz9Kmx7IqUW
DznRrkv5mmIlBzwxdXxrK8oiYtVK3s6Gr8ffk+mAgZU40V1fj0amtUtTSULUb/ru
51eN1Lo7
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:33 2024 by rpki-client on console.sobornost.net