Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e4bd6a-adaf-48c8-b999-53570a1abd04/1/h7QBAUh8hMdW2imJh7yGnE1H5GA.roa
File: h7QBAUh8hMdW2imJh7yGnE1H5GA.roa (raw, json)
Hash identifier: iZDBFVoj1Apofd0xKm8mLuCnsIX5G9yojFw/NOhY9Zg=
Subject key identifier: 87:B4:01:01:48:7C:84:C7:56:DA:29:89:87:BC:86:9C:4D:47:E4:60
Certificate issuer: /CN=ef78bc969a8307336ef4044f3dfef1fe136382b3
Certificate serial: 01856D9D3C3918D542CFE0C4C0754E8D74C7
Authority key identifier: EF:78:BC:96:9A:83:07:33:6E:F4:04:4F:3D:FE:F1:FE:13:63:82:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73i8lpqDBzNu9ARPPf7x_hNjgrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e4bd6a-adaf-48c8-b999-53570a1abd04/1/h7QBAUh8hMdW2imJh7yGnE1H5GA.roa
Signing time: Sun 01 Jan 2023 13:54:59 +0000
ROA not before: Sun 01 Jan 2023 13:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8749
IP address blocks: 37.32.101.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:3c:39:18:d5:42:cf:e0:c4:c0:75:4e:8d:74:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef78bc969a8307336ef4044f3dfef1fe136382b3
Validity
Not Before: Jan 1 13:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b40101487c84c756da298987bc869c4d47e460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5a:68:2b:2d:4d:31:56:16:bc:95:37:70:60:
4a:26:11:22:72:95:2b:df:2d:14:9e:b0:a7:bf:dc:
cb:ea:35:e9:02:0b:65:40:95:89:5a:bc:1e:45:fd:
b9:ef:e7:4a:b3:d3:22:63:40:42:c0:51:a9:3d:b6:
3e:2b:1f:13:b3:ac:e9:6f:cd:80:09:ff:11:37:1b:
15:53:3b:d4:e3:b2:b0:d6:01:f0:64:05:c6:ea:51:
64:a1:a3:36:de:5d:d9:1b:80:0b:3f:56:ee:fd:50:
ee:93:c0:46:a9:15:fd:0b:72:91:5d:23:dd:ad:58:
56:70:8e:27:2f:ec:54:ed:11:d8:35:ba:72:46:04:
47:14:de:39:65:61:11:f3:95:d6:cd:c0:44:1a:4e:
4c:f5:7a:3a:2e:18:58:32:21:4e:9c:ba:9f:e4:30:
01:11:3f:fb:bd:48:22:a3:e9:66:20:45:11:ae:cf:
ad:83:a6:c7:24:03:53:ae:ed:b8:a2:36:36:c6:97:
ba:64:67:ed:3e:2f:6c:49:55:fd:73:2a:89:02:c9:
06:12:d9:ba:35:f7:81:51:11:b2:c0:ab:05:33:70:
53:37:bf:23:3c:ee:b1:90:ed:7b:32:07:3e:6a:35:
6d:4c:b0:81:bb:19:0b:a9:8b:97:c1:47:c5:3f:70:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B4:01:01:48:7C:84:C7:56:DA:29:89:87:BC:86:9C:4D:47:E4:60
X509v3 Authority Key Identifier:
keyid:EF:78:BC:96:9A:83:07:33:6E:F4:04:4F:3D:FE:F1:FE:13:63:82:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73i8lpqDBzNu9ARPPf7x_hNjgrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e4bd6a-adaf-48c8-b999-53570a1abd04/1/h7QBAUh8hMdW2imJh7yGnE1H5GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e4bd6a-adaf-48c8-b999-53570a1abd04/1/73i8lpqDBzNu9ARPPf7x_hNjgrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.101.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:37:f9:24:12:70:99:a5:11:e0:43:0a:92:f4:20:d9:b0:9b:
ab:63:b8:92:bf:4b:ac:0e:e9:50:79:a9:a3:e0:e7:99:f0:d6:
66:7f:f2:88:1b:4a:d9:ed:11:5c:2d:93:9c:69:08:ea:1b:76:
b9:33:47:b9:0a:71:f7:42:a8:79:cb:a3:76:68:ed:40:ff:8c:
a3:d4:7b:2a:de:c0:71:4e:61:6c:be:70:8e:fc:76:27:2e:24:
2f:4f:28:86:cc:5b:0f:e1:88:fc:9b:a0:8a:db:75:5d:af:56:
9c:09:43:13:65:14:df:20:ed:04:4f:23:4e:bf:5d:cc:f9:a8:
7a:6f:24:62:1a:b4:ab:f1:fe:43:5e:35:10:6a:6a:08:2d:15:
02:fb:cb:d2:be:ed:89:a5:f0:d9:31:df:7e:6f:bf:ea:ea:5c:
ae:6a:22:31:1c:63:c9:b7:46:fd:df:44:e5:32:24:bb:0c:76:
96:ce:53:0f:64:5b:c5:37:65:83:8b:5c:34:66:77:a0:45:eb:
98:4f:6a:6f:d0:35:d8:cc:be:dd:11:0d:b6:07:15:78:5e:62:
1c:f2:51:d4:94:9e:0e:03:d6:c8:b4:89:91:e1:18:c2:e5:7d:
35:8b:e0:8c:dc:f5:8a:79:4a:0f:18:05:13:91:7a:e7:b9:65:
db:9e:d4:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnTw5GNVCz+DEwHVOjXTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNzhiYzk2OWE4MzA3MzM2ZWY0MDQ0ZjNkZmVmMWZlMTM2
MzgyYjMwHhcNMjMwMTAxMTM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I0MDEwMTQ4N2M4NGM3NTZkYTI5ODk4N2JjODY5YzRkNDdlNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1poKy1NMVYWvJU3cGBKJhEicpUr
3y0UnrCnv9zL6jXpAgtlQJWJWrweRf257+dKs9MiY0BCwFGpPbY+Kx8Ts6zpb82A
Cf8RNxsVUzvU47Kw1gHwZAXG6lFkoaM23l3ZG4ALP1bu/VDuk8BGqRX9C3KRXSPd
rVhWcI4nL+xU7RHYNbpyRgRHFN45ZWER85XWzcBEGk5M9Xo6LhhYMiFOnLqf5DAB
ET/7vUgio+lmIEURrs+tg6bHJANTru24ojY2xpe6ZGftPi9sSVX9cyqJAskGEtm6
NfeBURGywKsFM3BTN78jPO6xkO17Mgc+ajVtTLCBuxkLqYuXwUfFP3CMLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe0AQFIfITHVtopiYe8hpxNR+RgMB8GA1UdIwQY
MBaAFO94vJaagwczbvQETz3+8f4TY4KzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNpOGxwcURCek51OUFSUFBmN3hfaE5qZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lNGJkNmEtYWRhZi00OGM4LWI5OTkt
NTM1NzBhMWFiZDA0LzEvaDdRQkFVaDhoTWRXMmltSmg3eUduRTFINUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lNGJkNmEtYWRhZi00OGM4LWI5OTktNTM1NzBhMWFiZDA0
LzEvNzNpOGxwcURCek51OUFSUFBmN3hfaE5qZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSBlMA0G
CSqGSIb3DQEBCwUAA4IBAQCdN/kkEnCZpRHgQwqS9CDZsJurY7iSv0usDulQeamj
4OeZ8NZmf/KIG0rZ7RFcLZOcaQjqG3a5M0e5CnH3Qqh5y6N2aO1A/4yj1Hsq3sBx
TmFsvnCO/HYnLiQvTyiGzFsP4Yj8m6CK23Vdr1acCUMTZRTfIO0ETyNOv13M+ah6
byRiGrSr8f5DXjUQamoILRUC+8vSvu2JpfDZMd9+b7/q6lyuaiIxHGPJt0b930Tl
MiS7DHaWzlMPZFvFN2WDi1w0ZnegReuYT2pv0DXYzL7dEQ22BxV4XmIc8lHUlJ4O
A9bItImR4RjC5X01i+CM3PWKeUoPGAUTkXrnuWXbntRB
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:49 2024 by rpki-client on console.sobornost.net