Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/tVZOVZSpF7BBYMsY-WLuNHB-nEk.roa
File: tVZOVZSpF7BBYMsY-WLuNHB-nEk.roa (raw, json)
Hash identifier: /Wbrt9N8hrXltWg4qm0QqnQxR0Qo68eKeqDggTw5yZQ=
Subject key identifier: B5:56:4E:55:94:A9:17:B0:41:60:CB:18:F9:62:EE:34:70:7E:9C:49
Certificate issuer: /CN=7a8a1e836fa921d29af89c4a6ed6a0450003933c
Certificate serial: 0185719574D6471CEC712E8196659B02D0C1
Authority key identifier: 7A:8A:1E:83:6F:A9:21:D2:9A:F8:9C:4A:6E:D6:A0:45:00:03:93:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eooeg2-pIdKa-JxKbtagRQADkzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/tVZOVZSpF7BBYMsY-WLuNHB-nEk.roa
Signing time: Mon 02 Jan 2023 08:24:58 +0000
ROA not before: Mon 02 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199284
IP address blocks: 5.102.160.0/21 maxlen: 24
185.97.180.0/22 maxlen: 24
178.19.224.0/20 maxlen: 24
2a01:75c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:74:d6:47:1c:ec:71:2e:81:96:65:9b:02:d0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8a1e836fa921d29af89c4a6ed6a0450003933c
Validity
Not Before: Jan 2 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5564e5594a917b04160cb18f962ee34707e9c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:88:d2:ea:26:2f:bb:34:cd:8e:39:50:05:aa:
d8:f8:f4:5c:25:d3:d4:0a:54:e5:6f:8e:48:51:da:
f3:64:cf:e8:0a:bb:67:01:e9:c5:c3:2d:8d:f5:e8:
72:36:c0:48:60:67:4d:9c:3b:3a:7a:23:79:b2:51:
d6:9d:bc:2a:db:54:8e:37:3b:15:89:58:8d:09:0a:
a7:71:ef:80:5f:a6:54:19:2b:3e:c7:a8:5b:a6:6c:
bf:eb:40:f4:18:b2:5b:f5:be:40:50:44:46:c6:06:
ea:50:80:7a:78:40:34:ea:e0:f8:58:1c:40:8d:f0:
07:4a:93:6e:43:72:fe:16:8c:72:d4:53:0d:e3:c8:
40:08:ae:0a:cf:86:17:e4:65:eb:8c:17:88:65:94:
f4:e0:31:6c:29:b8:2b:a2:e3:86:c1:28:59:9e:89:
44:6d:50:e1:e8:dc:e8:23:84:5f:c8:ab:60:41:0a:
57:15:e2:5d:39:6a:f8:84:34:23:dc:89:a0:a7:ba:
e7:26:05:a6:fe:21:4a:41:fb:33:84:27:04:b8:e7:
43:aa:b1:63:df:1f:87:78:6a:13:47:ef:dd:88:bb:
e2:4d:45:e6:2f:6f:21:46:62:85:ca:ee:70:e9:9e:
cb:c5:9b:d7:14:d0:96:3e:c7:07:8e:db:8a:04:58:
f9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:56:4E:55:94:A9:17:B0:41:60:CB:18:F9:62:EE:34:70:7E:9C:49
X509v3 Authority Key Identifier:
keyid:7A:8A:1E:83:6F:A9:21:D2:9A:F8:9C:4A:6E:D6:A0:45:00:03:93:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eooeg2-pIdKa-JxKbtagRQADkzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/tVZOVZSpF7BBYMsY-WLuNHB-nEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/eooeg2-pIdKa-JxKbtagRQADkzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.160.0/21
178.19.224.0/20
185.97.180.0/22
IPv6:
2a01:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:e1:3a:df:cc:d2:81:cf:f3:e8:1c:fe:2d:5a:f3:11:91:b4:
8d:e1:e4:ef:5b:3e:8e:e8:c6:e1:c8:96:3e:bf:b6:c1:0e:1f:
9c:ca:48:4c:e5:4e:da:bc:c0:da:4d:26:62:2e:2d:04:4d:7a:
34:4a:56:3e:8e:9c:32:15:af:ee:a2:62:29:e6:e3:d6:16:95:
95:a4:cc:f0:6f:b5:4c:11:b1:8e:0f:a7:38:d0:8a:ca:41:57:
ad:f1:54:6a:d6:c7:4e:ff:c6:2e:93:55:b3:1a:11:de:de:87:
c7:b9:6a:c4:cf:52:95:80:b5:5a:5c:48:e1:9c:ec:bb:d2:63:
b3:05:9d:73:40:dd:8d:06:66:4a:37:46:9d:35:fe:49:b3:b5:
8b:ac:51:2d:45:a4:93:49:f1:6e:95:10:45:d9:5e:46:61:32:
bc:8c:97:4d:96:74:f5:ca:ed:75:c2:db:ab:11:a8:4d:a8:11:
4b:a9:12:1b:c5:ee:97:09:98:64:dc:0e:57:c4:43:cd:4e:1e:
68:c4:66:4f:00:36:b5:17:73:d7:64:e1:6d:29:3e:a5:79:5f:
10:16:de:9e:4f:35:b4:09:48:b6:9d:e0:6a:e4:06:47:66:46:
53:fa:c8:7f:ae:e9:01:8f:80:79:86:e8:0e:c3:5c:16:87:00:
d9:2d:93:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxlXTWRxzscS6BlmWbAtDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOGExZTgzNmZhOTIxZDI5YWY4OWM0YTZlZDZhMDQ1MDAw
MzkzM2MwHhcNMjMwMTAyMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU2NGU1NTk0YTkxN2IwNDE2MGNiMThmOTYyZWUzNDcwN2U5YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIjS6iYvuzTNjjlQBarY+PRcJdPU
ClTlb45IUdrzZM/oCrtnAenFwy2N9ehyNsBIYGdNnDs6eiN5slHWnbwq21SONzsV
iViNCQqnce+AX6ZUGSs+x6hbpmy/60D0GLJb9b5AUERGxgbqUIB6eEA06uD4WBxA
jfAHSpNuQ3L+Foxy1FMN48hACK4Kz4YX5GXrjBeIZZT04DFsKbgrouOGwShZnolE
bVDh6NzoI4RfyKtgQQpXFeJdOWr4hDQj3Imgp7rnJgWm/iFKQfszhCcEuOdDqrFj
3x+HeGoTR+/diLviTUXmL28hRmKFyu5w6Z7LxZvXFNCWPscHjtuKBFj5/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLVWTlWUqRewQWDLGPli7jRwfpxJMB8GA1UdIwQY
MBaAFHqKHoNvqSHSmvicSm7WoEUAA5M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9vZWcyLXBJZEthLUp4S2J0YWdSUUFEa3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjZiOWQtMGU2MS00ZmFkLTk4ZjMt
YTBjNTk3MGE2Zjc2LzEvdFZaT1ZaU3BGN0JCWU1zWS1XTHVOSEItbkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjZiOWQtMGU2MS00ZmFkLTk4ZjMtYTBjNTk3MGE2Zjc2
LzEvZW9vZWcyLXBJZEthLUp4S2J0YWdSUUFEa3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBWagAwQE
shPgAwQCuWG0MA0EAgACMAcDBQMqAXXAMA0GCSqGSIb3DQEBCwUAA4IBAQCW4Trf
zNKBz/PoHP4tWvMRkbSN4eTvWz6O6MbhyJY+v7bBDh+cykhM5U7avMDaTSZiLi0E
TXo0SlY+jpwyFa/uomIp5uPWFpWVpMzwb7VMEbGOD6c40IrKQVet8VRq1sdO/8Yu
k1WzGhHe3ofHuWrEz1KVgLVaXEjhnOy70mOzBZ1zQN2NBmZKN0adNf5Js7WLrFEt
RaSTSfFulRBF2V5GYTK8jJdNlnT1yu11wturEahNqBFLqRIbxe6XCZhk3A5XxEPN
Th5oxGZPADa1F3PXZOFtKT6leV8QFt6eTzW0CUi2neBq5AZHZkZT+sh/rukBj4B5
hugOw1wWhwDZLZNy
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:25 2024 by rpki-client on console.sobornost.net