Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/NGe8WqKMXmjFuCGzpHchpTmtKPs.roa
File: NGe8WqKMXmjFuCGzpHchpTmtKPs.roa (raw, json)
Hash identifier: lxkhgr9uEKDYDN+NnKCNCIoYZG5bLDa7/YGkiqXSztE=
Subject key identifier: 34:67:BC:5A:A2:8C:5E:68:C5:B8:21:B3:A4:77:21:A5:39:AD:28:FB
Certificate issuer: /CN=eb337ead6b9b93dd0d758abf9d7b303072a99eb9
Certificate serial: 01856DDD56E2B3574C3E5E0D4064BE4A3F61
Authority key identifier: EB:33:7E:AD:6B:9B:93:DD:0D:75:8A:BF:9D:7B:30:30:72:A9:9E:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zN-rWubk90NdYq_nXswMHKpnrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/NGe8WqKMXmjFuCGzpHchpTmtKPs.roa
Signing time: Sun 01 Jan 2023 15:05:00 +0000
ROA not before: Sun 01 Jan 2023 15:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209322
IP address blocks: 45.67.77.0/24 maxlen: 24
45.67.78.0/24 maxlen: 24
45.67.76.0/24 maxlen: 24
45.67.79.0/24 maxlen: 24
2a07:3c80:600::/40 maxlen: 40
2a07:3c80:400::/40 maxlen: 40
2a07:3c80:200::/40 maxlen: 40
2a07:3c80::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:56:e2:b3:57:4c:3e:5e:0d:40:64:be:4a:3f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb337ead6b9b93dd0d758abf9d7b303072a99eb9
Validity
Not Before: Jan 1 15:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3467bc5aa28c5e68c5b821b3a47721a539ad28fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:44:18:61:0b:75:b2:fe:af:17:50:c9:6e:
07:0a:85:0c:15:e7:72:0f:f9:d3:b4:ce:ab:b3:87:
eb:69:c8:b2:36:a4:a3:0a:2c:b1:44:9b:7c:10:42:
5d:33:c5:83:d7:34:65:50:52:06:7a:f9:e7:c3:5c:
0e:0c:0a:6c:59:c5:09:75:6d:ae:62:d0:1b:41:e0:
a9:69:e9:50:63:fc:b3:b2:76:86:e7:92:12:82:c8:
0b:36:a8:55:d8:a4:e2:5a:3d:10:6b:5c:bd:2e:ab:
e0:84:65:bd:df:52:a6:64:b3:09:78:61:b9:be:c0:
e2:eb:2b:42:d5:21:96:41:12:27:6d:68:06:d3:d1:
1d:7d:ef:de:ca:d5:a8:ad:fa:77:de:0c:d2:8e:ac:
8b:c1:6c:0c:23:b8:d8:ec:9e:c6:3e:2f:a7:fa:bd:
58:64:7c:f1:48:53:00:e7:0d:03:ed:f9:fb:51:53:
01:1b:56:3c:e9:64:71:ba:0b:84:92:88:02:68:71:
4f:5d:33:d3:0a:78:3f:1e:b6:a0:d6:3c:ba:3e:59:
28:29:a4:8f:35:65:c0:a8:ca:f8:e3:11:fb:5e:2d:
c0:d6:54:22:83:10:ee:4c:41:33:24:e8:21:53:3f:
ad:30:df:b1:98:51:92:92:95:ed:78:5b:9c:55:4d:
62:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:67:BC:5A:A2:8C:5E:68:C5:B8:21:B3:A4:77:21:A5:39:AD:28:FB
X509v3 Authority Key Identifier:
keyid:EB:33:7E:AD:6B:9B:93:DD:0D:75:8A:BF:9D:7B:30:30:72:A9:9E:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zN-rWubk90NdYq_nXswMHKpnrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/NGe8WqKMXmjFuCGzpHchpTmtKPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/6zN-rWubk90NdYq_nXswMHKpnrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.76.0/22
IPv6:
2a07:3c80::/40
2a07:3c80:200::/40
2a07:3c80:400::/40
2a07:3c80:600::/40
Signature Algorithm: sha256WithRSAEncryption
50:84:e0:8f:28:e8:21:6e:51:33:43:22:cf:f3:1b:2b:65:ba:
c6:99:11:3a:d1:41:13:2c:e0:cc:85:6e:ae:89:a6:e4:b7:df:
a6:85:8e:4f:c2:7a:68:ea:f7:78:0a:45:86:3c:91:6d:25:c8:
90:a5:e4:22:f6:b2:8d:96:f1:79:79:38:7a:a0:dd:ec:1a:68:
cb:ab:43:d9:b6:2e:3b:7e:fb:05:bc:54:30:cf:f1:6c:cb:40:
cc:d4:e9:34:47:91:ca:76:af:10:13:70:94:26:f7:9e:8d:4a:
45:9b:fd:e1:4a:59:47:f6:c3:56:ce:d1:02:b8:57:77:7f:c6:
8a:3e:73:67:6c:82:ab:15:c9:21:dc:39:59:88:33:75:d2:8a:
08:27:98:f7:fa:ee:85:0a:65:c3:ba:ae:4c:81:80:0a:b1:ee:
2e:ee:d1:9f:ec:8c:24:15:3e:c8:44:c0:81:84:83:85:6b:ac:
e1:39:b4:19:70:c9:86:9e:ce:97:89:cb:0b:11:e9:81:ae:0d:
df:29:6b:35:36:d4:4b:b3:dc:2c:71:94:15:40:a0:8b:4a:c3:
24:80:94:1f:98:ed:e5:29:e2:08:86:2f:9d:c9:ef:fa:fd:67:
67:18:70:61:01:0b:d6:2b:42:76:3e:f7:75:05:42:ae:35:1e:
04:b4:29:e2
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVt3Vbis1dMPl4NQGS+Sj9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzM3ZWFkNmI5YjkzZGQwZDc1OGFiZjlkN2IzMDMwNzJh
OTllYjkwHhcNMjMwMTAxMTUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY3YmM1YWEyOGM1ZTY4YzViODIxYjNhNDc3MjFhNTM5YWQyOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqANEGGELdbL+rxdQyW4HCoUMFedy
D/nTtM6rs4fraciyNqSjCiyxRJt8EEJdM8WD1zRlUFIGevnnw1wODApsWcUJdW2u
YtAbQeCpaelQY/yzsnaG55ISgsgLNqhV2KTiWj0Qa1y9LqvghGW931KmZLMJeGG5
vsDi6ytC1SGWQRInbWgG09Edfe/eytWorfp33gzSjqyLwWwMI7jY7J7GPi+n+r1Y
ZHzxSFMA5w0D7fn7UVMBG1Y86WRxuguEkogCaHFPXTPTCng/Hrag1jy6PlkoKaSP
NWXAqMr44xH7Xi3A1lQigxDuTEEzJOghUz+tMN+xmFGSkpXteFucVU1i+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDRnvFqijF5oxbghs6R3IaU5rSj7MB8GA1UdIwQY
MBaAFOszfq1rm5PdDXWKv517MDByqZ65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpOLXJXdWJrOTBOZFlxX25Yc3dNSEtwbnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iOGMzMGMtODJkOS00NmJiLWJiMDct
OWNhMTAwNDI4ZjEwLzEvTkdlOFdxS01YbWpGdUNHenBIY2hwVG10S1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iOGMzMGMtODJkOS00NmJiLWJiMDctOWNhMTAwNDI4ZjEw
LzEvNnpOLXJXdWJrOTBOZFlxX25Yc3dNSEtwbnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQCLUNMMCYE
AgACMCADBgAqBzyAAAMGACoHPIACAwYAKgc8gAQDBgAqBzyABjANBgkqhkiG9w0B
AQsFAAOCAQEAUITgjyjoIW5RM0Miz/MbK2W6xpkROtFBEyzgzIVuromm5LffpoWO
T8J6aOr3eApFhjyRbSXIkKXkIvayjZbxeXk4eqDd7Bpoy6tD2bYuO377BbxUMM/x
bMtAzNTpNEeRynavEBNwlCb3no1KRZv94UpZR/bDVs7RArhXd3/Gij5zZ2yCqxXJ
Idw5WYgzddKKCCeY9/ruhQplw7quTIGACrHuLu7Rn+yMJBU+yETAgYSDhWus4Tm0
GXDJhp7Ol4nLCxHpga4N3ylrNTbUS7PcLHGUFUCgi0rDJICUH5jt5SniCIYvncnv
+v1nZxhwYQEL1itCdj73dQVCrjUeBLQp4g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:24 2024 by rpki-client on console.sobornost.net