Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kAPrEaHmKFYZWA4dmAS2XKgqm60.roa
File: kAPrEaHmKFYZWA4dmAS2XKgqm60.roa (raw, json)
Hash identifier: N6R0eymjqbIz2swodiFzY52tfZ6xQJup2avYqsR94K8=
Subject key identifier: 90:03:EB:11:A1:E6:28:56:19:58:0E:1D:98:04:B6:5C:A8:2A:9B:AD
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FD63D92A1C23BF80ACC666DFB23E0
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kAPrEaHmKFYZWA4dmAS2XKgqm60.roa
Signing time: Mon 02 Jan 2023 17:38:04 +0000
ROA not before: Mon 02 Jan 2023 17:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7759
IP address blocks: 77.83.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d6:3d:92:a1:c2:3b:f8:0a:cc:66:6d:fb:23:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9003eb11a1e6285619580e1d9804b65ca82a9bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:81:30:8c:1b:fd:1b:5c:bd:d8:24:bf:07:c0:
72:ab:23:41:89:35:1d:39:39:ff:a7:ea:ec:93:42:
5a:d5:15:fc:81:24:96:55:39:9c:7e:97:c3:83:e7:
6c:f3:9d:a8:ed:35:7a:49:60:de:6d:21:21:94:b1:
a1:a0:e7:4c:f0:d1:be:4c:69:f1:f9:c8:8d:ad:82:
4b:2c:40:9a:55:48:1f:9f:bd:46:a2:dd:65:4c:7c:
31:9c:76:0b:d6:e6:9a:e0:f4:28:93:15:82:65:72:
7d:67:8a:d5:e1:1c:16:91:33:82:c6:9d:13:1c:55:
ad:99:a3:46:ef:13:ba:f9:f9:90:32:74:1b:1f:7c:
47:60:c2:45:1f:1b:9a:0b:7e:b2:83:82:27:0a:34:
38:90:44:a7:20:07:bd:b1:6a:11:59:a9:34:29:43:
ad:99:a3:2f:4a:93:c2:b1:6e:03:1e:2c:78:66:f1:
1d:6e:c0:eb:39:c7:26:9d:82:16:23:b4:34:88:62:
9b:8f:09:d6:1b:b9:bf:57:50:8a:36:34:11:30:c8:
a7:96:6e:62:f0:4a:53:ab:12:22:67:e8:07:01:96:
4e:74:e6:44:06:c5:95:f5:ab:bc:0f:aa:0d:56:f9:
30:67:cf:d8:2d:3f:e9:90:96:d2:5a:67:08:45:42:
f7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:03:EB:11:A1:E6:28:56:19:58:0E:1D:98:04:B6:5C:A8:2A:9B:AD
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kAPrEaHmKFYZWA4dmAS2XKgqm60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.240.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:be:d8:1b:51:c9:10:a0:09:25:3d:67:3f:9c:e3:e4:a3:db:
3a:19:88:cc:5f:cc:1c:1b:6f:97:7e:f2:57:79:df:53:2c:64:
53:07:76:af:ec:a4:55:ac:f4:69:63:96:bc:8b:70:72:a8:3c:
78:42:50:6c:03:e0:07:20:82:4e:34:d2:a0:21:da:b7:48:f3:
1e:18:9d:70:7a:64:3c:35:2e:51:3d:3a:6c:71:7a:f5:e8:4e:
09:b1:f5:cd:f4:bb:b6:3a:cd:65:78:61:0e:c8:e7:46:ee:3b:
74:3a:1c:9b:68:c3:3e:64:91:b9:7a:bc:36:63:09:60:b6:1b:
b3:11:3c:6b:92:55:75:5c:23:b4:f7:1f:e2:f3:d0:f7:fb:e1:
5f:98:9d:1b:e5:29:e0:2c:a5:23:eb:dc:c0:d0:a2:97:9f:7a:
22:6a:ac:46:a2:2f:52:40:f3:4d:a5:00:de:4d:e6:9b:07:ff:
ac:83:b8:76:b9:bd:aa:42:a7:77:54:63:6a:57:ac:2b:a7:e1:
2a:8f:cc:7a:0c:f0:29:d9:2f:9a:a4:41:50:b2:cd:1e:a1:63:
a5:97:15:2e:7f:91:f2:5d:9c:9e:92:5a:d6:59:ed:a7:94:bb:
f6:da:b6:d6:55:98:73:bd:91:11:ec:fe:a2:db:22:ee:e8:77:
b1:af:d7:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj9Y9kqHCO/gKzGZt+yPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDAzZWIxMWExZTYyODU2MTk1ODBlMWQ5ODA0YjY1Y2E4MmE5YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4EwjBv9G1y92CS/B8ByqyNBiTUd
OTn/p+rsk0Ja1RX8gSSWVTmcfpfDg+ds852o7TV6SWDebSEhlLGhoOdM8NG+TGnx
+ciNrYJLLECaVUgfn71Got1lTHwxnHYL1uaa4PQokxWCZXJ9Z4rV4RwWkTOCxp0T
HFWtmaNG7xO6+fmQMnQbH3xHYMJFHxuaC36yg4InCjQ4kESnIAe9sWoRWak0KUOt
maMvSpPCsW4DHix4ZvEdbsDrOccmnYIWI7Q0iGKbjwnWG7m/V1CKNjQRMMinlm5i
8EpTqxIiZ+gHAZZOdOZEBsWV9au8D6oNVvkwZ8/YLT/pkJbSWmcIRUL3tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAD6xGh5ihWGVgOHZgEtlyoKputMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEva0FQckVhSG1LRllaV0E0ZG1BUzJYS2dxbTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVPwMA0G
CSqGSIb3DQEBCwUAA4IBAQAbvtgbUckQoAklPWc/nOPko9s6GYjMX8wcG2+XfvJX
ed9TLGRTB3av7KRVrPRpY5a8i3ByqDx4QlBsA+AHIIJONNKgIdq3SPMeGJ1wemQ8
NS5RPTpscXr16E4JsfXN9Lu2Os1leGEOyOdG7jt0OhybaMM+ZJG5erw2Ywlgthuz
ETxrklV1XCO09x/i89D3++FfmJ0b5SngLKUj69zA0KKXn3oiaqxGoi9SQPNNpQDe
TeabB/+sg7h2ub2qQqd3VGNqV6wrp+Eqj8x6DPAp2S+apEFQss0eoWOllxUuf5Hy
XZyeklrWWe2nlLv22rbWVZhzvZER7P6i2yLu6Hexr9ex
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org