Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/7dka_Dp71E2U0FYD663ESNf6ihM.roa
File: 7dka_Dp71E2U0FYD663ESNf6ihM.roa (raw, json)
Hash identifier: nh8xE88rboAJ8C4ujvUvtvq9bkgdS5X4SO3yc90Rpoo=
Subject key identifier: ED:D9:1A:FC:3A:7B:D4:4D:94:D0:56:03:EB:AD:C4:48:D7:FA:8A:13
Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87
Certificate serial: 0185739F29CBE3EDB40D0243D19C23A26EC8
Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/7dka_Dp71E2U0FYD663ESNf6ihM.roa
Signing time: Mon 02 Jan 2023 17:54:48 +0000
ROA not before: Mon 02 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213054
IP address blocks: 185.221.244.0/24 maxlen: 24
2a04:3f83:44::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:9f:29:cb:e3:ed:b4:0d:02:43:d1:9c:23:a2:6e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87
Validity
Not Before: Jan 2 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edd91afc3a7bd44d94d05603ebadc448d7fa8a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:59:28:cd:c9:f4:91:6e:c4:ae:42:2c:e6:fd:
66:eb:9e:93:ce:76:ca:77:31:b6:79:28:ad:dd:f6:
59:fe:d4:37:93:da:e8:28:5c:8f:1a:ae:ae:45:36:
53:67:30:ed:59:33:5d:d0:65:98:b3:6e:08:47:5c:
27:8b:6e:8d:d6:5f:3d:44:6b:b4:7c:c3:f9:94:1c:
4c:d3:77:9f:ca:6b:b3:28:bc:da:85:da:69:7c:dc:
51:6c:44:1f:24:4f:5a:cb:00:55:38:96:1c:40:5c:
a9:46:8b:ba:ea:0f:16:a8:1e:87:9e:a1:16:48:7b:
37:e7:5d:13:8f:ea:c3:80:f4:67:f6:87:63:e1:88:
ef:d5:c3:f2:65:a3:96:aa:47:4b:4d:21:90:e3:5f:
2c:ff:aa:cc:b0:6f:4d:ee:4d:93:5f:c9:1d:61:27:
a9:2b:7c:fa:71:98:de:5a:4c:79:08:e7:d6:52:1d:
97:49:bf:66:e0:e7:43:7e:c4:5f:7f:5a:ce:c2:17:
83:47:e5:30:01:01:ea:ec:96:9f:af:ad:8d:41:06:
50:75:02:57:f5:db:9e:b6:81:5b:6c:f7:6a:37:f4:
ac:f0:7e:bb:cd:0d:94:02:65:d0:2c:ff:21:1e:3b:
2d:36:d3:e4:11:96:33:cc:e3:5e:90:e9:c6:cd:bf:
18:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D9:1A:FC:3A:7B:D4:4D:94:D0:56:03:EB:AD:C4:48:D7:FA:8A:13
X509v3 Authority Key Identifier:
keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/7dka_Dp71E2U0FYD663ESNf6ihM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.244.0/24
IPv6:
2a04:3f83:44::/48
Signature Algorithm: sha256WithRSAEncryption
33:0c:f3:94:0d:e7:53:24:c7:0e:64:86:54:96:d1:b9:6f:ab:
a1:65:6e:f4:e1:12:63:ce:22:88:ac:cf:1a:25:43:55:b7:c7:
ea:16:3b:68:ac:b8:ca:fa:15:da:b6:a0:f2:f9:99:2f:6f:20:
f4:ee:36:e9:e1:bc:ee:d6:34:0e:ca:33:e7:ed:27:17:d1:27:
bf:8a:c6:f9:9d:df:19:31:e8:1e:44:13:7f:1b:15:43:d6:a4:
59:7a:8c:38:a0:02:6e:51:b4:fc:83:64:67:58:1a:95:2a:0b:
c0:a3:b6:0b:64:b6:cf:95:cb:28:6a:65:80:73:16:8d:8e:d4:
8e:7a:87:ea:54:e4:7b:99:69:ac:9b:a9:08:9e:91:b2:89:16:
c5:17:dc:01:b8:24:43:44:ad:16:91:9d:4c:c1:31:e5:e0:56:
88:b1:30:03:7a:77:da:ea:3c:c4:f1:fd:d8:4d:32:57:00:0f:
d0:ef:7d:ad:02:38:1e:56:06:af:7c:b7:ee:86:1b:6a:8e:fb:
12:c3:d5:49:26:34:e0:37:bc:a2:eb:b0:58:ff:c2:5d:94:bc:
2d:7a:25:35:b4:a4:ca:f1:33:19:d9:f1:b9:39:a6:2c:7e:83:
8a:94:64:46:42:16:0b:53:31:4b:e4:5d:45:1f:90:7e:3f:45:
51:0f:50:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVznynL4+20DQJD0Zwjom7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjFkMGRiZTA5M2M3MjIzNTA2MThmNDA0NWMyNWJhOTQz
MTdmODcwHhcNMjMwMTAyMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQ5MWFmYzNhN2JkNDRkOTRkMDU2MDNlYmFkYzQ0OGQ3ZmE4YTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFkozcn0kW7ErkIs5v1m656TznbK
dzG2eSit3fZZ/tQ3k9roKFyPGq6uRTZTZzDtWTNd0GWYs24IR1wni26N1l89RGu0
fMP5lBxM03efymuzKLzahdppfNxRbEQfJE9aywBVOJYcQFypRou66g8WqB6HnqEW
SHs3510Tj+rDgPRn9odj4Yjv1cPyZaOWqkdLTSGQ418s/6rMsG9N7k2TX8kdYSep
K3z6cZjeWkx5COfWUh2XSb9m4OdDfsRff1rOwheDR+UwAQHq7Jafr62NQQZQdQJX
9duetoFbbPdqN/Ss8H67zQ2UAmXQLP8hHjstNtPkEZYzzONekOnGzb8YfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO3ZGvw6e9RNlNBWA+utxEjX+ooTMB8GA1UdIwQY
MBaAFBDx0Nvgk8ciNQYY9ARcJbqUMX+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYt
MmYwYTZiZGJiZTUxLzEvN2RrYV9EcDcxRTJVMEZZRDY2M0VTTmY2aWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYtMmYwYTZiZGJiZTUx
LzEvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAud30MA8E
AgACMAkDBwAqBD+DAEQwDQYJKoZIhvcNAQELBQADggEBADMM85QN51Mkxw5khlSW
0blvq6FlbvThEmPOIoiszxolQ1W3x+oWO2isuMr6Fdq2oPL5mS9vIPTuNunhvO7W
NA7KM+ftJxfRJ7+Kxvmd3xkx6B5EE38bFUPWpFl6jDigAm5RtPyDZGdYGpUqC8Cj
tgtkts+VyyhqZYBzFo2O1I56h+pU5HuZaaybqQiekbKJFsUX3AG4JENErRaRnUzB
MeXgVoixMAN6d9rqPMTx/dhNMlcAD9Dvfa0COB5WBq98t+6GG2qO+xLD1UkmNOA3
vKLrsFj/wl2UvC16JTW0pMrxMxnZ8bk5pix+g4qUZEZCFgtTMUvkXUUfkH4/RVEP
UJo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:36 2024 by rpki-client on console.sobornost.net