Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dbDdZlOfq1J7vihqqON0-apSdOs.roa
File: dbDdZlOfq1J7vihqqON0-apSdOs.roa (raw, json)
Hash identifier: 5oIkHGBTt1Z6IQZzq7222TfuXUi0fvzWGgTQ96scJ1Q=
Subject key identifier: 75:B0:DD:66:53:9F:AB:52:7B:BE:28:6A:A8:E3:74:F9:AA:52:74:EB
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018919DEB4DF6E64FBF72AF623096B369A0D
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dbDdZlOfq1J7vihqqON0-apSdOs.roa
Signing time: Mon 03 Jul 2023 03:49:32 +0000
ROA not before: Mon 03 Jul 2023 03:49:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 14.102.228.0/22 maxlen: 24
14.102.237.0/24 maxlen: 24
14.102.238.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:19:de:b4:df:6e:64:fb:f7:2a:f6:23:09:6b:36:9a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 3 03:49:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b0dd66539fab527bbe286aa8e374f9aa5274eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cb:54:09:62:13:cb:e2:8e:94:49:32:52:2b:
f4:9b:8e:68:12:c4:ed:c1:3f:18:6b:25:3b:61:25:
ca:2e:c6:b1:f8:4f:f5:30:28:c0:07:16:89:ef:62:
20:17:25:26:68:b2:32:9f:cc:34:de:63:be:3e:67:
09:0d:ca:79:e4:e7:d1:4c:77:40:61:d4:6f:17:aa:
2f:3b:e2:71:46:93:8d:73:b1:37:6d:1f:9c:3f:fd:
d6:3c:60:e2:0d:1a:0c:f0:a9:f5:bf:2c:f5:88:70:
1b:28:73:c6:56:15:e8:43:bd:1b:89:ad:3b:76:8a:
58:8a:cc:6f:9b:93:e0:33:2c:64:80:36:56:e3:ac:
50:c2:2d:4e:db:50:8c:57:dd:8d:08:ed:4a:fe:6d:
ca:96:92:31:b3:db:0a:5b:e7:53:94:ef:5a:1b:da:
4f:c1:9c:0e:da:2e:9d:30:60:c9:f2:af:dc:6e:2e:
4b:17:b7:d1:8f:73:7d:35:79:1e:02:3c:a4:d3:f9:
f8:b8:0f:82:ba:98:5b:75:9d:41:34:0f:03:24:43:
7b:a5:8f:7c:4d:54:da:2b:71:50:2f:44:0d:94:3b:
53:1c:7b:dd:e1:8e:59:3a:e8:6a:70:0c:87:b8:b5:
7a:49:bc:46:e1:ca:7b:e8:39:18:8a:f2:e2:eb:c8:
0b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B0:DD:66:53:9F:AB:52:7B:BE:28:6A:A8:E3:74:F9:AA:52:74:EB
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/dbDdZlOfq1J7vihqqON0-apSdOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.228.0/22
14.102.234.0/24
14.102.237.0-14.102.238.255
Signature Algorithm: sha256WithRSAEncryption
6c:72:3b:a3:b8:38:83:d2:e7:65:2f:c0:bd:c9:0e:c8:55:49:
4c:f7:fc:f2:83:07:b8:8d:f5:17:5a:73:8e:51:eb:16:de:22:
c4:d7:e5:6c:2f:93:cc:3b:b0:c3:f1:f0:a9:0e:b7:77:97:56:
2e:5c:eb:44:71:73:fe:e1:f0:d2:a3:9d:66:6e:3c:a9:7d:ed:
6d:71:fb:6e:00:d4:9d:5f:6b:e7:1f:2a:fc:e8:cb:58:9d:9b:
66:65:8e:b8:c8:fa:f9:22:77:0f:42:82:a9:dc:a6:f0:cc:97:
32:71:b5:51:d4:d3:3b:93:3b:a6:b8:d6:24:b3:54:d3:91:cc:
03:92:69:51:91:0b:3c:d0:ac:16:26:ab:00:c9:22:97:6d:7c:
d3:fb:b1:c9:17:19:24:07:af:6c:da:55:35:82:86:45:8e:55:
2d:41:d2:29:5a:1d:66:d0:3e:0b:2b:d7:06:07:99:32:ab:fb:
b2:cf:3f:90:57:98:e0:aa:ab:ee:0a:0b:3d:82:5a:0d:0e:35:
15:75:61:df:53:a4:86:23:13:d2:55:1c:1b:78:cf:fb:1c:74:
bd:14:3c:5c:23:64:16:1b:04:9b:a4:0a:fa:c5:e8:00:22:05:
cf:25:b0:4d:e9:e8:5a:91:4d:c0:90:38:db:13:22:10:4f:33:
5e:09:0d:09
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYkZ3rTfbmT79yr2IwlrNpoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNzAzMDM0OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIwZGQ2NjUzOWZhYjUyN2JiZTI4NmFhOGUzNzRmOWFhNTI3NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ctUCWITy+KOlEkyUiv0m45oEsTt
wT8YayU7YSXKLsax+E/1MCjABxaJ72IgFyUmaLIyn8w03mO+PmcJDcp55OfRTHdA
YdRvF6ovO+JxRpONc7E3bR+cP/3WPGDiDRoM8Kn1vyz1iHAbKHPGVhXoQ70bia07
dopYisxvm5PgMyxkgDZW46xQwi1O21CMV92NCO1K/m3KlpIxs9sKW+dTlO9aG9pP
wZwO2i6dMGDJ8q/cbi5LF7fRj3N9NXkeAjyk0/n4uA+CuphbdZ1BNA8DJEN7pY98
TVTaK3FQL0QNlDtTHHvd4Y5ZOuhqcAyHuLV6SbxG4cp76DkYivLi68gLLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHWw3WZTn6tSe74oaqjjdPmqUnTrMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZGJEZFpsT2ZxMUo3dmlocXFPTjAtYXBTZE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCDmbkAwQA
DmbqMAwDBAAOZu0DBAAOZu4wDQYJKoZIhvcNAQELBQADggEBAGxyO6O4OIPS52Uv
wL3JDshVSUz3/PKDB7iN9Rdac45R6xbeIsTX5Wwvk8w7sMPx8KkOt3eXVi5c60Rx
c/7h8NKjnWZuPKl97W1x+24A1J1fa+cfKvzoy1idm2ZljrjI+vkidw9CgqncpvDM
lzJxtVHU0zuTO6a41iSzVNORzAOSaVGRCzzQrBYmqwDJIpdtfNP7sckXGSQHr2za
VTWChkWOVS1B0ilaHWbQPgsr1wYHmTKr+7LPP5BXmOCqq+4KCz2CWg0ONRV1Yd9T
pIYjE9JVHBt4z/scdL0UPFwjZBYbBJukCvrF6AAiBc8lsE3p6FqRTcCQONsTIhBP
M14JDQk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net