Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/Vec7_uicXHIjz-gBGAdr4O6AuDo.roa
File: Vec7_uicXHIjz-gBGAdr4O6AuDo.roa (raw, json)
Hash identifier: ZM4DwuF9ZfT+l1V6VJGsLnYTzHNwFrXtX5rg3Q1h4Bw=
Subject key identifier: 55:E7:3B:FE:E8:9C:5C:72:23:CF:E8:01:18:07:6B:E0:EE:80:B8:3A
Certificate issuer: /CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Certificate serial: 01856F42CE4200455AC7D09CA367AAA4045A
Authority key identifier: 9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/Vec7_uicXHIjz-gBGAdr4O6AuDo.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47787
IP address blocks: 176.221.32.0/21 maxlen: 32
185.99.232.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:42:00:45:5a:c7:d0:9c:a3:67:aa:a4:04:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55e73bfee89c5c7223cfe80118076be0ee80b83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:49:d1:57:86:c5:e9:51:ff:a8:5d:b6:ab:
3e:48:3e:61:4b:43:75:d7:d3:84:05:79:8d:f5:dd:
71:b8:d0:68:39:4c:8e:fe:6a:c3:ca:5c:f7:e7:44:
14:c6:ff:f9:15:45:ce:52:18:79:1e:dc:13:1e:af:
04:f3:60:92:4c:20:66:bd:11:f0:43:e2:e3:01:27:
78:3e:1c:45:0c:3c:0a:fc:ff:ac:19:b7:41:87:42:
62:9d:09:eb:a0:62:e3:a6:16:81:15:c4:b0:e4:e2:
6e:6f:89:dc:47:91:6d:f6:2c:2f:33:9a:06:17:42:
5c:a1:3a:cc:82:c4:d1:9f:74:b6:71:5d:34:ca:ad:
05:a1:02:a3:4a:0c:82:d0:a3:ba:4d:3b:cf:22:9c:
09:85:69:d4:15:12:a5:25:6d:76:ad:eb:53:35:1e:
41:de:1e:2f:67:69:8f:d3:81:7e:56:34:95:0d:a6:
3b:ae:49:9d:d2:c4:92:a6:4a:49:e6:23:11:60:9b:
4f:39:d4:aa:58:f1:cc:7a:ab:26:58:8d:2b:21:6a:
02:49:6f:1d:4d:74:df:a4:38:8b:66:59:22:99:5a:
36:d8:6a:34:1a:a1:cc:a9:5e:65:65:b9:8d:c8:29:
ec:8c:ce:70:8f:e0:a3:21:b2:0d:b1:6d:1d:4b:c5:
c0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E7:3B:FE:E8:9C:5C:72:23:CF:E8:01:18:07:6B:E0:EE:80:B8:3A
X509v3 Authority Key Identifier:
keyid:9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/Vec7_uicXHIjz-gBGAdr4O6AuDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.32.0/21
185.99.232.0/22
Signature Algorithm: sha256WithRSAEncryption
26:09:86:64:17:6a:44:c3:fe:dd:c4:4e:85:d5:4c:5f:9a:d3:
57:37:73:61:11:07:79:a4:00:82:4f:7a:93:bd:b3:dd:31:11:
5f:ee:90:88:4b:9b:ea:e8:e9:65:1c:45:47:e6:38:39:96:5a:
5f:57:f1:41:73:c2:61:01:15:8a:b7:07:8f:9d:7e:60:a8:fc:
bb:23:80:83:74:6f:71:f5:37:0e:b8:ba:0a:6e:ec:3f:f7:93:
d4:83:60:26:4d:25:b7:a6:81:a6:7a:bc:da:88:4d:e3:72:6c:
18:a5:e8:74:50:2c:3b:63:61:ce:0d:49:d8:f9:62:7d:40:59:
8d:7f:0d:73:68:62:56:14:fa:f4:d8:48:3c:e8:10:9b:b4:69:
5c:06:8a:b5:f9:05:4d:70:a9:20:ca:93:35:56:1c:66:dc:4e:
8c:44:14:1e:e3:de:40:d0:8b:93:d9:72:e3:d8:ba:e0:de:2c:
51:b3:e2:ec:b6:9d:ec:a8:a5:a6:46:38:e7:83:c5:1f:77:24:
f6:ad:f6:b5:93:cf:72:b7:51:04:d8:44:12:1a:86:83:3b:6f:
a9:ee:f7:1a:88:1b:a2:a1:e6:1d:66:33:56:bb:5d:20:d4:e6:
8b:3d:61:30:7c:b0:f0:b3:84:35:4d:59:ce:ae:3d:61:af:ab:
9d:c0:f3:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQs5CAEVax9Cco2eqpARaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGVkZjQ3ODIyYWVlMjdkYTI4ZDM0ZGFiMWZlN2EzYzYw
YTZhYWEwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU3M2JmZWU4OWM1YzcyMjNjZmU4MDExODA3NmJlMGVlODBiODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/5J0VeGxelR/6hdtqs+SD5hS0N1
19OEBXmN9d1xuNBoOUyO/mrDylz350QUxv/5FUXOUhh5HtwTHq8E82CSTCBmvRHw
Q+LjASd4PhxFDDwK/P+sGbdBh0JinQnroGLjphaBFcSw5OJub4ncR5Ft9iwvM5oG
F0JcoTrMgsTRn3S2cV00yq0FoQKjSgyC0KO6TTvPIpwJhWnUFRKlJW12retTNR5B
3h4vZ2mP04F+VjSVDaY7rkmd0sSSpkpJ5iMRYJtPOdSqWPHMeqsmWI0rIWoCSW8d
TXTfpDiLZlkimVo22Go0GqHMqV5lZbmNyCnsjM5wj+CjIbINsW0dS8XAZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFXnO/7onFxyI8/oARgHa+DugLg6MB8GA1UdIwQY
MBaAFJ7e30eCKu4n2ijTTasf56PGCmqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUt
ZDczOTkyOTIwMTlhLzEvVmVjN191aWNYSElqei1nQkdBZHI0TzZBdURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUtZDczOTkyOTIwMTlh
LzEvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsN0gAwQC
uWPoMA0GCSqGSIb3DQEBCwUAA4IBAQAmCYZkF2pEw/7dxE6F1UxfmtNXN3NhEQd5
pACCT3qTvbPdMRFf7pCIS5vq6OllHEVH5jg5llpfV/FBc8JhARWKtwePnX5gqPy7
I4CDdG9x9TcOuLoKbuw/95PUg2AmTSW3poGmerzaiE3jcmwYpeh0UCw7Y2HODUnY
+WJ9QFmNfw1zaGJWFPr02Eg86BCbtGlcBoq1+QVNcKkgypM1Vhxm3E6MRBQe495A
0IuT2XLj2Lrg3ixRs+Lstp3sqKWmRjjng8UfdyT2rfa1k89yt1EE2EQSGoaDO2+p
7vcaiBuioeYdZjNWu10g1OaLPWEwfLDws4Q1TVnOrj1hr6udwPMT
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:22 2024 by rpki-client on console-ams.rpki-client.org