Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1-guEqRLxbFGIEI70dVf0L4WgdV4.roa
File: 1-guEqRLxbFGIEI70dVf0L4WgdV4.roa (raw, json)
Hash identifier: 8u2aMfos9jweoMgPC47Xw/BqDofo0zZVYawTmydIVBs=
Subject key identifier: FA:0B:84:A9:12:F1:6C:51:88:10:8E:F4:75:57:F4:2F:85:A0:75:5E
Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Certificate serial: 01856E78E15CF4F00E5B7CF7C5CB90353E20
Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1-guEqRLxbFGIEI70dVf0L4WgdV4.roa
Signing time: Sun 01 Jan 2023 17:54:53 +0000
ROA not before: Sun 01 Jan 2023 17:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49540
IP address blocks: 78.152.128.0/19 maxlen: 19
185.147.228.0/22 maxlen: 22
37.114.64.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e1:5c:f4:f0:0e:5b:7c:f7:c5:cb:90:35:3e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Validity
Not Before: Jan 1 17:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa0b84a912f16c5188108ef47557f42f85a0755e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:87:e9:96:f9:37:24:30:87:f5:8f:d8:98:12:
fd:71:27:d9:e8:c4:e1:27:7a:53:43:2c:91:e2:91:
c1:99:cf:c9:02:3e:24:20:96:c0:ce:e1:c8:2b:3b:
6a:b8:6e:85:d4:b2:77:55:bb:75:01:9f:3f:72:31:
f2:a0:38:fd:14:8a:2a:c4:d5:2d:26:3c:71:f9:32:
62:8c:c2:4d:82:3f:c9:e4:f2:7a:9f:84:2a:ff:2e:
38:6b:a1:b0:fc:e5:2a:af:b9:97:b7:c6:c7:96:22:
17:05:f3:5c:3e:24:11:30:e4:aa:a2:40:4a:1a:ee:
4c:e9:ce:0e:83:e6:94:3f:c6:ab:fa:71:6a:67:ac:
ca:7c:ee:e4:44:8f:a4:b0:74:38:fc:c6:2d:10:85:
a9:41:eb:72:13:73:70:16:49:7b:c6:73:41:6b:69:
17:37:17:d8:01:91:7f:83:f3:0b:92:ef:18:e1:4b:
f0:9d:ea:69:3f:7b:95:ac:58:4b:9b:ef:ad:6d:40:
eb:7c:86:40:1a:9a:27:1c:70:95:1e:a9:0b:26:5e:
fe:2e:2c:91:55:c2:3d:b5:ea:1f:4e:04:42:7d:4a:
51:65:ab:3d:d7:35:d2:33:00:c7:8a:08:c9:4a:1f:
42:70:7d:6f:4e:ca:08:98:c1:fe:22:36:b9:49:6a:
3e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0B:84:A9:12:F1:6C:51:88:10:8E:F4:75:57:F4:2F:85:A0:75:5E
X509v3 Authority Key Identifier:
keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1-guEqRLxbFGIEI70dVf0L4WgdV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.64.0/21
78.152.128.0/19
185.147.228.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:3e:b8:74:59:bf:6c:d9:d6:1f:20:e7:d5:c5:6f:6d:a3:71:
e6:05:96:dd:a8:72:d2:22:8a:81:47:ff:9b:17:0d:2c:4e:1f:
8a:a0:3a:06:b8:c9:df:c0:74:c2:79:97:b7:41:2d:4e:a4:f3:
29:d1:78:13:81:8b:98:9a:8b:47:24:76:94:4e:bf:ea:7e:c0:
6c:0a:7a:af:9e:ec:3b:4e:5e:22:6e:97:72:94:f3:82:77:aa:
a1:85:1b:3a:7f:c8:e6:ef:72:a1:21:f1:6e:c5:56:64:08:0e:
12:fc:8d:b0:16:92:f6:9f:21:89:0c:aa:67:b3:0d:73:35:06:
64:65:18:7e:8b:8a:b3:6d:7c:e4:fe:9a:d8:66:7e:fd:9f:d2:
e6:34:19:20:2a:63:fd:61:bf:3f:97:96:96:79:2f:6e:2d:2f:
b2:9f:47:bc:19:e8:a9:61:55:e2:22:f4:9c:3e:4b:25:53:39:
57:f3:9c:ce:15:8a:37:46:c3:8e:4d:a8:0e:36:d0:b5:b9:1f:
7c:6e:7e:e9:d8:a2:fa:7b:ad:35:35:0c:1d:b8:15:19:6e:f0:
23:7f:f0:59:fb:39:03:9e:94:f7:13:fa:0b:12:0b:5c:29:9d:
1d:ec:f6:a2:24:49:8c:71:04:b8:fa:10:f8:f3:9f:49:eb:6f:
07:89:c2:39
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVueOFc9PAOW3z3xcuQNT4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2
NjQzNDQwHhcNMjMwMTAxMTc1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBiODRhOTEyZjE2YzUxODgxMDhlZjQ3NTU3ZjQyZjg1YTA3NTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqofplvk3JDCH9Y/YmBL9cSfZ6MTh
J3pTQyyR4pHBmc/JAj4kIJbAzuHIKztquG6F1LJ3Vbt1AZ8/cjHyoDj9FIoqxNUt
Jjxx+TJijMJNgj/J5PJ6n4Qq/y44a6Gw/OUqr7mXt8bHliIXBfNcPiQRMOSqokBK
Gu5M6c4Og+aUP8ar+nFqZ6zKfO7kRI+ksHQ4/MYtEIWpQetyE3NwFkl7xnNBa2kX
NxfYAZF/g/MLku8Y4UvwneppP3uVrFhLm++tbUDrfIZAGponHHCVHqkLJl7+LiyR
VcI9teofTgRCfUpRZas91zXSMwDHigjJSh9CcH1vTsoImMH+Ija5SWo+zQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPoLhKkS8WxRiBCO9HVX9C+FoHVeMB8GA1UdIwQY
MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt
NzZiMDMyNWMzYjA3LzEvMS1ndUVxUkx4YkZHSUVJNzBkVmYwTDRXZ2RWNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZDVhNDlhLTRmMWEtNDk2MS05YzFmLTc2YjAzMjVjM2Iw
Ny8xL2NXQWNDNHNUekJJUUZfYlNVUmVzSDlCbVEwUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAyVyQAME
BU6YgAMEArmT5DANBgkqhkiG9w0BAQsFAAOCAQEAsz64dFm/bNnWHyDn1cVvbaNx
5gWW3ahy0iKKgUf/mxcNLE4fiqA6BrjJ38B0wnmXt0EtTqTzKdF4E4GLmJqLRyR2
lE6/6n7AbAp6r57sO05eIm6XcpTzgneqoYUbOn/I5u9yoSHxbsVWZAgOEvyNsBaS
9p8hiQyqZ7MNczUGZGUYfouKs2185P6a2GZ+/Z/S5jQZICpj/WG/P5eWlnkvbi0v
sp9HvBnoqWFV4iL0nD5LJVM5V/OczhWKN0bDjk2oDjbQtbkffG5+6dii+nutNTUM
HbgVGW7wI3/wWfs5A56U9xP6CxILXCmdHez2oiRJjHEEuPoQ+POfSetvB4nCOQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:49 2024 by rpki-client on console.sobornost.net