Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/e2fDmXVxOTdmM6kN78UZiSPIki0.roa
File: e2fDmXVxOTdmM6kN78UZiSPIki0.roa (raw, json)
Hash identifier: 1w2fIdOgVuoQobExn+H9+192kpiyjqkEuDOqanldYCU=
Subject key identifier: 7B:67:C3:99:75:71:39:37:66:33:A9:0D:EF:C5:19:89:23:C8:92:2D
Certificate issuer: /CN=cfe0df82121438271c913c24ff50fd3b62d40dc6
Certificate serial: 018C82440A7F0CD0E468B7F8A532D3C73355
Authority key identifier: CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/e2fDmXVxOTdmM6kN78UZiSPIki0.roa
Signing time: Tue 19 Dec 2023 13:29:06 +0000
ROA not before: Tue 19 Dec 2023 13:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206844
IP address blocks: 171.22.245.0/24 maxlen: 24
171.22.246.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:44:0a:7f:0c:d0:e4:68:b7:f8:a5:32:d3:c7:33:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfe0df82121438271c913c24ff50fd3b62d40dc6
Validity
Not Before: Dec 19 13:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b67c399757139376633a90defc5198923c8922d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:e7:7d:2f:12:ee:d3:bd:fd:d9:22:a2:41:
45:ab:eb:cc:11:8c:74:ce:9e:d5:83:14:2b:73:b3:
73:f7:ba:04:72:26:87:ac:db:bc:15:42:cc:34:d3:
c4:ca:50:35:5f:3d:f6:86:aa:d3:c5:eb:9e:13:73:
10:38:3d:bf:23:32:63:cd:d3:81:b6:40:28:e9:13:
10:6d:d6:b0:6d:11:0a:44:f0:de:f9:14:d5:31:61:
9b:70:63:48:26:26:3f:54:ec:5e:ad:5b:e5:65:0f:
3a:c0:60:8f:b6:48:71:59:b5:cf:ed:f7:e7:70:f9:
75:75:00:52:28:97:75:3b:7f:54:58:b4:ee:4e:de:
3c:45:5d:81:94:71:fb:49:f4:c5:a5:b9:61:b2:d2:
c5:d6:2a:75:8b:47:ac:a4:e6:79:5c:10:63:5a:a9:
57:63:60:d4:23:a4:54:c1:c1:cf:2d:49:95:fa:c8:
36:6a:d0:60:5d:0e:6b:f9:c3:89:13:79:60:b1:b4:
23:03:95:39:56:0f:81:3f:c0:ee:c3:c2:a0:6a:b2:
ca:c3:b4:ea:6e:7e:db:69:6a:78:b0:ce:ef:ea:1a:
94:99:9b:19:fb:3e:05:64:1f:86:b2:0f:e5:ad:b3:
88:ea:e0:90:c2:bb:a8:2c:ea:f9:b7:9a:1a:76:3f:
d0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:67:C3:99:75:71:39:37:66:33:A9:0D:EF:C5:19:89:23:C8:92:2D
X509v3 Authority Key Identifier:
keyid:CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/e2fDmXVxOTdmM6kN78UZiSPIki0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/z-DfghIUOCcckTwk_1D9O2LUDcY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.245.0-171.22.247.255
Signature Algorithm: sha256WithRSAEncryption
1e:ac:ce:57:37:b9:9c:fa:dc:c1:af:6f:6e:97:a2:ed:0f:d0:
46:4a:e4:bd:f0:bb:0d:5c:82:43:11:e3:14:1c:24:4d:6d:21:
31:dd:04:f9:93:0c:a9:67:c3:a5:fa:60:cf:80:c6:43:85:f7:
52:24:6f:77:ca:ca:74:7d:cf:ef:66:e2:d0:e4:57:bd:a0:4d:
bf:df:3a:1b:a1:1c:3e:1c:57:0f:1c:37:0f:ff:60:82:a3:c0:
11:a6:bd:96:ce:48:2f:90:2f:c6:a4:a8:62:66:7d:b8:26:3f:
9c:89:ef:43:3c:35:69:d3:76:05:11:7c:70:52:51:92:b1:24:
fc:b2:5f:9a:0b:5d:d3:4d:a2:3a:94:54:1f:74:bb:12:f8:47:
9f:a2:02:b4:a2:0a:e5:63:dc:5a:ad:d9:74:72:20:cd:11:c4:
ca:f9:30:22:1a:63:d3:7b:15:df:13:80:fa:72:22:0b:cf:be:
5d:5d:f0:e1:71:f8:20:79:91:bd:0f:03:73:7f:a9:00:e4:1a:
4a:62:84:c6:91:78:b6:85:af:e5:86:8d:d8:8a:66:4d:51:ee:
0d:81:ef:9f:bb:c0:1e:d6:b5:39:dc:58:f8:95:66:a8:c3:bc:
c6:1c:7b:f6:e5:59:e0:61:55:97:61:3d:4a:50:6a:76:0c:2c:
3b:8a:6e:cb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyCRAp/DNDkaLf4pTLTxzNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZTBkZjgyMTIxNDM4MjcxYzkxM2MyNGZmNTBmZDNiNjJk
NDBkYzYwHhcNMjMxMjE5MTMyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjY3YzM5OTc1NzEzOTM3NjYzM2E5MGRlZmM1MTk4OTIzYzg5MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh3nfS8S7tO9/dkiokFFq+vMEYx0
zp7VgxQrc7Nz97oEciaHrNu8FULMNNPEylA1Xz32hqrTxeueE3MQOD2/IzJjzdOB
tkAo6RMQbdawbREKRPDe+RTVMWGbcGNIJiY/VOxerVvlZQ86wGCPtkhxWbXP7ffn
cPl1dQBSKJd1O39UWLTuTt48RV2BlHH7SfTFpblhstLF1ip1i0espOZ5XBBjWqlX
Y2DUI6RUwcHPLUmV+sg2atBgXQ5r+cOJE3lgsbQjA5U5Vg+BP8Duw8KgarLKw7Tq
bn7baWp4sM7v6hqUmZsZ+z4FZB+Gsg/lrbOI6uCQwruoLOr5t5oadj/QxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHtnw5l1cTk3ZjOpDe/FGYkjyJItMB8GA1UdIwQY
MBaAFM/g34ISFDgnHJE8JP9Q/Tti1A3GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMt
ZjJjNzkyMmZhZjMyLzEvZTJmRG1YVnhPVGRtTTZrTjc4VVppU1BJa2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMtZjJjNzkyMmZhZjMy
LzEvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACrFvUD
BAOrFvAwDQYJKoZIhvcNAQELBQADggEBAB6szlc3uZz63MGvb26Xou0P0EZK5L3w
uw1cgkMR4xQcJE1tITHdBPmTDKlnw6X6YM+AxkOF91Ikb3fKynR9z+9m4tDkV72g
Tb/fOhuhHD4cVw8cNw//YIKjwBGmvZbOSC+QL8akqGJmfbgmP5yJ70M8NWnTdgUR
fHBSUZKxJPyyX5oLXdNNojqUVB90uxL4R5+iArSiCuVj3Fqt2XRyIM0RxMr5MCIa
Y9N7Fd8TgPpyIgvPvl1d8OFx+CB5kb0PA3N/qQDkGkpihMaReLaFr+WGjdiKZk1R
7g2B75+7wB7WtTncWPiVZqjDvMYce/blWeBhVZdhPUpQanYMLDuKbss=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:41 2024 by rpki-client on console.sobornost.net