Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/77ePEnZrnFYrUaxYijAYguDHkzs.roa
File: 77ePEnZrnFYrUaxYijAYguDHkzs.roa (raw, json)
Hash identifier: T4tLr/Lxy6ZVmQHqgp17j8hvtxUoRcJEzY+yh/KijBY=
Subject key identifier: EF:B7:8F:12:76:6B:9C:56:2B:51:AC:58:8A:30:18:82:E0:C7:93:3B
Certificate issuer: /CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Certificate serial: 01856F42CEB8DB19B7F1DB2F6974061EF4FC
Authority key identifier: 9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/77ePEnZrnFYrUaxYijAYguDHkzs.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208277
IP address blocks: 176.221.32.0/21 maxlen: 32
185.99.232.0/22 maxlen: 32
2a03:9c80:8000::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:b8:db:19:b7:f1:db:2f:69:74:06:1e:f4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efb78f12766b9c562b51ac588a301882e0c7933b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:83:b1:b7:dd:56:df:ba:94:eb:6a:5f:cb:
d6:c1:1b:69:e0:30:9d:ac:d0:59:a4:30:6c:10:67:
40:6b:3d:ad:33:ca:f2:42:e2:3c:18:ec:3b:2a:1d:
fc:f0:97:da:6b:1a:4e:27:d8:51:64:bd:5c:1c:f6:
64:6d:c8:b2:4e:89:7c:0d:92:10:0c:b6:64:d5:3a:
50:6d:18:f4:46:be:f8:6d:03:25:3a:10:47:59:97:
91:b7:82:1d:6c:e3:55:2a:ec:55:15:27:38:d2:b5:
8e:f5:ba:57:82:ac:d2:ff:1e:3f:35:0d:ef:38:e4:
14:e6:0f:a8:1f:ad:ed:28:32:2a:8f:24:70:d6:5a:
49:fb:bb:f3:7b:47:41:ec:8d:52:0e:86:e3:ab:42:
0c:67:29:d1:7a:39:6e:18:be:d3:d1:37:2e:fb:6c:
f0:bf:0f:8b:c3:0c:65:0a:cd:58:d2:8c:56:9d:39:
e4:a5:1e:51:6e:8d:4b:8d:f2:49:c0:9e:17:48:9e:
26:f2:07:b7:ab:9e:96:68:e9:49:20:3b:9f:f7:4b:
b0:34:49:23:59:12:0b:bc:40:10:a8:95:9a:cf:25:
67:86:40:ed:f8:bc:0d:7d:79:67:ae:04:d3:90:e9:
11:c6:72:9b:06:68:a1:a5:e9:7f:69:c8:59:a2:77:
95:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B7:8F:12:76:6B:9C:56:2B:51:AC:58:8A:30:18:82:E0:C7:93:3B
X509v3 Authority Key Identifier:
keyid:9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/77ePEnZrnFYrUaxYijAYguDHkzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.32.0/21
185.99.232.0/22
IPv6:
2a03:9c80:8000::/34
Signature Algorithm: sha256WithRSAEncryption
56:b8:ea:c8:77:bb:94:47:e3:f0:74:0a:98:b7:33:4f:15:30:
21:54:36:08:5d:c8:f1:76:ed:08:26:db:e8:af:13:6b:35:fd:
64:a8:62:73:20:ad:3b:6b:21:53:23:d9:97:c4:5a:c9:0f:3d:
9b:6a:5e:6a:3d:87:37:04:1f:53:d7:b3:cc:96:a8:1e:d5:d2:
11:ac:ad:7b:e4:ab:64:49:4f:0a:79:2b:cf:01:17:ca:f8:5a:
c8:bb:56:d5:4a:20:0c:38:52:0e:58:ca:cc:f4:b1:ed:43:9d:
df:4f:f2:02:16:e9:1c:f6:85:02:a5:bc:a3:33:9f:bb:14:0f:
07:d0:4f:27:74:22:56:7a:8e:f4:93:16:45:ec:4d:d0:da:fb:
e4:ed:74:c7:5e:2e:d8:52:b0:2f:6a:96:70:c5:4f:19:aa:16:
4b:de:43:29:f8:b5:d9:cf:45:75:37:c8:96:92:74:03:87:4f:
c5:19:70:b7:cf:b4:16:01:5b:14:e7:1c:76:0e:fb:ae:53:70:
b0:d9:1a:65:75:95:a8:79:f1:26:53:ff:d4:9f:3f:65:1f:41:
d1:1a:99:fe:fa:15:0e:ee:1d:fa:ff:4c:0c:8b:fb:5e:3d:34:
ca:ee:63:7d:87:1e:18:ea:01:03:38:46:db:61:2e:e5:65:59:
0a:d9:a0:5c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVvQs642xm38dsvaXQGHvT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGVkZjQ3ODIyYWVlMjdkYTI4ZDM0ZGFiMWZlN2EzYzYw
YTZhYWEwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmI3OGYxMjc2NmI5YzU2MmI1MWFjNTg4YTMwMTg4MmUwYzc5MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7iDsbfdVt+6lOtqX8vWwRtp4DCd
rNBZpDBsEGdAaz2tM8ryQuI8GOw7Kh388JfaaxpOJ9hRZL1cHPZkbciyTol8DZIQ
DLZk1TpQbRj0Rr74bQMlOhBHWZeRt4IdbONVKuxVFSc40rWO9bpXgqzS/x4/NQ3v
OOQU5g+oH63tKDIqjyRw1lpJ+7vze0dB7I1SDobjq0IMZynRejluGL7T0Tcu+2zw
vw+LwwxlCs1Y0oxWnTnkpR5Rbo1LjfJJwJ4XSJ4m8ge3q56WaOlJIDuf90uwNEkj
WRILvEAQqJWazyVnhkDt+LwNfXlnrgTTkOkRxnKbBmihpel/achZoneVnwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFO+3jxJ2a5xWK1GsWIowGILgx5M7MB8GA1UdIwQY
MBaAFJ7e30eCKu4n2ijTTasf56PGCmqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUt
ZDczOTkyOTIwMTlhLzEvNzdlUEVuWnJuRllyVWF4WWlqQVlndURIa3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUtZDczOTkyOTIwMTlh
LzEvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDsN0gAwQC
uWPoMA4EAgACMAgDBgYqA5yAgDANBgkqhkiG9w0BAQsFAAOCAQEAVrjqyHe7lEfj
8HQKmLczTxUwIVQ2CF3I8XbtCCbb6K8TazX9ZKhicyCtO2shUyPZl8RayQ89m2pe
aj2HNwQfU9ezzJaoHtXSEayte+SrZElPCnkrzwEXyvhayLtW1UogDDhSDljKzPSx
7UOd30/yAhbpHPaFAqW8ozOfuxQPB9BPJ3QiVnqO9JMWRexN0Nr75O10x14u2FKw
L2qWcMVPGaoWS95DKfi12c9FdTfIlpJ0A4dPxRlwt8+0FgFbFOccdg77rlNwsNka
ZXWVqHnxJlP/1J8/ZR9B0RqZ/voVDu4d+v9MDIv7Xj00yu5jfYceGOoBAzhG22Eu
5WVZCtmgXA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:22 2024 by rpki-client on console-ams.rpki-client.org