Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PMw0JQsodcozM9DsNgxtF9JPgd4.roa
File: PMw0JQsodcozM9DsNgxtF9JPgd4.roa (raw, json)
Hash identifier: otRqlSqgtjDEDpKRXC0Zd7d/Qkrfyj/Z2Cjj5M0A7NA=
Subject key identifier: 3C:CC:34:25:0B:28:75:CA:33:33:D0:EC:36:0C:6D:17:D2:4F:81:DE
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01867514A21FEAEB644E863C2CD315350B98
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PMw0JQsodcozM9DsNgxtF9JPgd4.roa
Signing time: Tue 21 Feb 2023 17:45:31 +0000
ROA not before: Tue 21 Feb 2023 17:45:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150752
IP address blocks: 14.102.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:14:a2:1f:ea:eb:64:4e:86:3c:2c:d3:15:35:0b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 21 17:45:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ccc34250b2875ca3333d0ec360c6d17d24f81de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5d:fc:f5:c5:e2:ca:97:5c:6c:eb:e8:41:37:
fb:8f:61:1a:c9:6b:26:e2:76:f8:6f:08:a5:f3:65:
c8:eb:8d:8d:7a:4b:b9:39:4a:7a:2e:a8:34:d1:d2:
5b:4c:3f:ae:43:b1:50:fb:ae:0f:e8:71:8c:88:a1:
33:3b:b0:dc:9e:b0:5f:40:90:a7:a1:a8:ea:45:4b:
7f:f8:e3:0e:d2:d4:40:83:8e:e9:6d:62:10:b4:50:
31:ea:41:e1:e2:70:ab:e3:da:7e:b3:2f:fa:e6:af:
24:b4:f9:90:e6:b2:bb:92:06:6a:59:94:33:ce:4b:
04:68:8d:9e:79:d4:17:dc:93:83:be:d8:4e:08:a1:
b5:c1:35:37:62:c5:86:46:f5:e5:57:c4:93:d3:37:
4b:56:75:44:7f:1a:e7:6e:1f:19:5a:f0:90:7f:03:
18:1d:76:52:b4:db:20:45:6c:48:05:df:b4:58:56:
77:35:f5:af:29:e8:86:72:56:cb:49:91:20:8b:f8:
ca:a0:f4:9c:ac:f8:0d:23:c9:80:07:3d:d5:09:57:
b2:fa:80:4e:20:2a:f7:32:fd:86:ce:67:a7:c6:1c:
a5:e7:d9:53:0c:1e:e5:17:c6:fb:de:6e:b6:3d:45:
d5:a5:52:f2:ca:f8:01:af:fd:78:c5:9b:89:c9:c1:
cf:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CC:34:25:0B:28:75:CA:33:33:D0:EC:36:0C:6D:17:D2:4F:81:DE
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PMw0JQsodcozM9DsNgxtF9JPgd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:13:2e:6a:c3:8f:4e:24:11:c5:b3:98:0a:dc:21:88:53:cc:
f6:05:cd:24:20:1c:c7:5c:ea:00:91:72:dd:8f:2d:93:48:7a:
8a:4f:4b:be:bc:bc:d4:e5:27:ac:dd:17:f0:0c:6b:54:62:9d:
9b:f9:88:66:83:c6:f5:14:c1:2d:90:c3:b5:1c:d7:c5:18:90:
49:7a:86:a7:94:a1:9e:23:e6:2c:56:9e:69:73:bf:05:7e:d8:
2c:a6:ce:9e:99:d8:b8:28:4d:92:fe:20:76:64:49:70:af:1f:
83:f9:55:07:91:e7:a8:fe:24:b8:0d:a1:3f:bb:ca:a9:92:0b:
da:93:bb:ac:ba:70:30:3b:09:65:4e:d2:1e:91:73:ad:c9:38:
df:6e:0f:8b:95:67:9d:f5:1a:89:60:b8:1a:51:4a:78:41:03:
88:33:3e:e2:27:52:45:47:db:36:b0:ae:e7:93:5c:a3:d3:6c:
5e:e7:1c:6c:04:d4:97:cc:eb:6e:ab:23:8b:ba:49:5b:07:ad:
51:79:a9:8e:b8:ee:d2:bd:d4:d9:14:9c:d2:c8:e9:96:c9:54:
f8:3d:a3:9a:97:3e:88:f4:57:40:2e:6e:13:f4:bf:0e:ba:e0:
1f:93:1a:3a:66:1d:48:84:d2:0a:17:67:5a:08:f1:c1:fa:9a:
e4:39:29:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ1FKIf6utkToY8LNMVNQuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMjIxMTc0NTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NjMzQyNTBiMjg3NWNhMzMzM2QwZWMzNjBjNmQxN2QyNGY4MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1389cXiypdcbOvoQTf7j2EayWsm
4nb4bwil82XI642Neku5OUp6Lqg00dJbTD+uQ7FQ+64P6HGMiKEzO7DcnrBfQJCn
oajqRUt/+OMO0tRAg47pbWIQtFAx6kHh4nCr49p+sy/65q8ktPmQ5rK7kgZqWZQz
zksEaI2eedQX3JODvthOCKG1wTU3YsWGRvXlV8ST0zdLVnVEfxrnbh8ZWvCQfwMY
HXZStNsgRWxIBd+0WFZ3NfWvKeiGclbLSZEgi/jKoPScrPgNI8mABz3VCVey+oBO
ICr3Mv2Gzmenxhyl59lTDB7lF8b73m62PUXVpVLyyvgBr/14xZuJycHPFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzMNCULKHXKMzPQ7DYMbRfST4HeMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvUE13MEpRc29kY296TTlEc05neHRGOUpQZ2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbhMA0G
CSqGSIb3DQEBCwUAA4IBAQB/Ey5qw49OJBHFs5gK3CGIU8z2Bc0kIBzHXOoAkXLd
jy2TSHqKT0u+vLzU5Ses3RfwDGtUYp2b+Yhmg8b1FMEtkMO1HNfFGJBJeoanlKGe
I+YsVp5pc78Fftgsps6emdi4KE2S/iB2ZElwrx+D+VUHkeeo/iS4DaE/u8qpkgva
k7usunAwOwllTtIekXOtyTjfbg+LlWed9RqJYLgaUUp4QQOIMz7iJ1JFR9s2sK7n
k1yj02xe5xxsBNSXzOtuqyOLuklbB61ReamOuO7SvdTZFJzSyOmWyVT4PaOalz6I
9FdALm4T9L8OuuAfkxo6Zh1IhNIKF2daCPHB+prkOSmt
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net