Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7lwS4JHMsuj9gycB2iih5_bHx4.roa
File: e7lwS4JHMsuj9gycB2iih5_bHx4.roa (raw, json)
Hash identifier: OBCtcbDptjRVMxmJsqGJL3hcX19G2TPxZf9uKTH8xRo=
Subject key identifier: 7B:B9:70:4B:82:47:32:CB:A3:F6:0C:9C:07:68:A2:87:9F:DB:1F:1E
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018B804B894AE23BF6D2CDC2C9F5825F9288
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7lwS4JHMsuj9gycB2iih5_bHx4.roa
Signing time: Mon 30 Oct 2023 11:15:15 +0000
ROA not before: Mon 30 Oct 2023 11:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.164.0/24 maxlen: 24
212.68.172.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:4b:89:4a:e2:3b:f6:d2:cd:c2:c9:f5:82:5f:92:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Oct 30 11:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bb9704b824732cba3f60c9c0768a2879fdb1f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:96:47:67:e3:c0:23:d0:cf:50:dc:ba:79:6d:
35:8b:80:23:40:3c:2a:c5:69:a1:4f:6a:ad:ed:d3:
67:d8:dd:df:0f:e6:fa:6a:0d:93:ce:f2:9f:63:27:
40:b9:ea:4a:57:26:3e:08:b1:5b:2d:e4:bc:88:57:
e3:dd:e2:c9:3b:b5:22:14:a3:d9:df:45:57:93:8c:
ef:3e:a1:8d:04:00:cb:6b:90:47:20:67:93:85:a9:
70:72:9f:f8:48:fd:82:07:95:d2:df:80:30:3e:a1:
bf:0f:6b:10:bd:fb:6e:a1:bd:f4:96:56:10:ae:0b:
19:b5:17:64:7e:2e:86:54:3b:44:9a:50:83:c7:02:
7c:af:2f:f0:76:38:23:e1:77:a5:f2:3b:46:e2:2f:
32:32:97:c3:8d:54:68:27:82:9e:52:bb:00:a1:c6:
33:41:84:46:26:73:71:9f:0b:36:e8:51:7a:e2:ef:
df:78:cd:28:2e:6f:0a:e9:6e:6d:cb:71:2e:bc:24:
4a:50:e4:4f:89:4a:57:99:48:9a:f3:ec:4b:3a:c0:
bf:db:9e:b2:d7:11:44:1b:3a:43:40:0a:cf:6c:f3:
98:98:54:54:31:6b:a6:25:a6:ab:31:eb:16:24:71:
d0:86:ca:31:fd:48:68:58:58:16:2a:2c:6e:b5:49:
dc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B9:70:4B:82:47:32:CB:A3:F6:0C:9C:07:68:A2:87:9F:DB:1F:1E
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7lwS4JHMsuj9gycB2iih5_bHx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0/22
212.68.172.0-212.68.179.255
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
37:6e:7d:9f:b7:80:e9:67:b1:32:8b:d5:1d:51:40:78:ee:55:
59:fc:39:45:ea:d3:27:05:78:94:08:2e:aa:59:78:b2:37:f5:
83:fd:5e:f4:54:7b:d4:4b:e2:2b:49:46:ef:0b:fd:10:28:9b:
10:03:94:5d:3a:20:58:ec:51:62:f8:e9:b2:1d:ec:5c:dc:a2:
4d:a9:b9:f9:83:a8:c1:05:4c:3f:81:9d:be:62:1b:c9:c2:e6:
a8:9e:3a:07:dd:00:d6:f8:8d:f3:f6:16:ae:10:ca:e8:78:ad:
98:a0:6a:47:77:d5:d4:84:ff:f8:4c:d5:31:1a:fd:e0:c6:1f:
4c:99:f0:2d:85:68:9c:6f:ad:d5:f6:33:92:8c:53:3f:3d:b2:
9f:1b:a3:ae:4e:9f:15:36:78:83:22:3a:aa:13:94:1a:65:c2:
e3:cf:23:37:d4:ac:03:73:ac:b9:04:b9:2d:65:6a:d2:cd:f9:
fb:67:1d:95:bc:77:e4:5e:46:6e:42:18:42:17:8f:a3:23:d2:
fe:0e:2d:be:35:0f:e1:4a:62:a7:b1:3e:05:c2:e7:67:c0:0e:
28:c3:10:a9:53:bc:3e:84:8d:dc:22:ec:59:6e:ed:0f:a6:47:
6a:53:9f:fc:0d:8b:4b:df:26:9e:e4:c3:f3:be:96:6e:a1:b9:
bc:74:53:2d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYuAS4lK4jv20s3CyfWCX5KIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMxMDMwMTExNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI5NzA0YjgyNDczMmNiYTNmNjBjOWMwNzY4YTI4NzlmZGIxZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05ZHZ+PAI9DPUNy6eW01i4AjQDwq
xWmhT2qt7dNn2N3fD+b6ag2TzvKfYydAuepKVyY+CLFbLeS8iFfj3eLJO7UiFKPZ
30VXk4zvPqGNBADLa5BHIGeThalwcp/4SP2CB5XS34AwPqG/D2sQvftuob30llYQ
rgsZtRdkfi6GVDtEmlCDxwJ8ry/wdjgj4Xel8jtG4i8yMpfDjVRoJ4KeUrsAocYz
QYRGJnNxnws26FF64u/feM0oLm8K6W5ty3EuvCRKUORPiUpXmUia8+xLOsC/256y
1xFEGzpDQArPbPOYmFRUMWumJaarMesWJHHQhsox/UhoWFgWKixutUncywIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHu5cEuCRzLLo/YMnAdoooef2x8eMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvZTdsd1M0SkhNc3VqOWd5Y0IyaWloNV9iSHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQC1ESkMAwD
BALURKwDBALURLADBALURLgwDQYJKoZIhvcNAQELBQADggEBADdufZ+3gOlnsTKL
1R1RQHjuVVn8OUXq0ycFeJQILqpZeLI39YP9XvRUe9RL4itJRu8L/RAomxADlF06
IFjsUWL46bId7Fzcok2pufmDqMEFTD+Bnb5iG8nC5qieOgfdANb4jfP2Fq4Qyuh4
rZigakd31dSE//hM1TEa/eDGH0yZ8C2FaJxvrdX2M5KMUz89sp8bo65OnxU2eIMi
OqoTlBplwuPPIzfUrANzrLkEuS1latLN+ftnHZW8d+ReRm5CGEIXj6Mj0v4OLb41
D+FKYqexPgXC52fADijDEKlTvD6Ejdwi7Flu7Q+mR2pTn/wNi0vfJp7kw/O+lm6h
ubx0Uy0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:19 2023 by rpki-client on console.sobornost.net