Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/It01UNOZcyWg_69newej2PY0q1Y.roa
File: It01UNOZcyWg_69newej2PY0q1Y.roa (raw, json)
Hash identifier: yal5imfNgW2H6z4lU3IWhm1rE+a7ziTDta8+EQK2SqM=
Subject key identifier: 22:DD:35:50:D3:99:73:25:A0:FF:AF:67:7B:07:A3:D8:F6:34:AB:56
Certificate issuer: /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial: 01856DAF54C420AE77F0F259E21F3DD6DB8E
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/It01UNOZcyWg_69newej2PY0q1Y.roa
Signing time: Sun 01 Jan 2023 14:14:45 +0000
ROA not before: Sun 01 Jan 2023 14:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209752
IP address blocks: 77.69.248.0/24 maxlen: 24
2001:1a40:10::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:54:c4:20:ae:77:f0:f2:59:e2:1f:3d:d6:db:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Validity
Not Before: Jan 1 14:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22dd3550d3997325a0ffaf677b07a3d8f634ab56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6d:34:80:a5:87:7e:2b:a1:c4:7e:11:ef:9b:
65:6d:ac:df:36:d5:7b:60:6f:38:60:b1:d2:91:ad:
e5:9c:22:44:8a:dc:47:a7:a1:ae:41:bc:71:eb:9a:
08:fc:79:aa:9b:e6:7f:15:24:26:39:ad:c2:6f:ed:
e8:38:9a:4e:8c:ce:f8:26:87:f2:1b:0c:4b:cb:5c:
53:b0:ee:d5:01:eb:e6:5a:5f:78:7d:a6:8f:37:1d:
99:e4:e6:20:07:be:c4:24:83:d2:89:76:0e:49:c2:
ab:ea:c6:6c:09:9e:7b:7e:68:1b:d2:24:6b:b3:ec:
6b:59:57:a4:67:ea:b5:02:e4:92:71:31:75:1d:35:
28:46:fc:9c:d9:64:d0:2b:fb:be:8b:7e:5b:8a:2f:
97:0c:30:50:4b:8b:de:c0:79:60:e1:25:34:2a:9c:
97:50:14:53:09:37:d5:48:4c:8e:ad:11:50:d9:ac:
30:73:7e:d5:d9:10:64:26:73:15:ab:d6:71:b8:6e:
d1:1c:d1:49:3f:54:5b:65:39:b5:c8:ba:fd:a4:67:
ac:cf:48:6c:d2:db:89:f8:d8:6e:95:a6:85:ff:9d:
8c:0a:3b:65:2e:8f:06:79:85:a1:49:5c:d0:39:fb:
50:0f:04:69:10:fd:75:46:bc:c9:40:78:c1:4d:bd:
c0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DD:35:50:D3:99:73:25:A0:FF:AF:67:7B:07:A3:D8:F6:34:AB:56
X509v3 Authority Key Identifier:
keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/It01UNOZcyWg_69newej2PY0q1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.69.248.0/24
IPv6:
2001:1a40:10::/64
Signature Algorithm: sha256WithRSAEncryption
82:15:79:c3:74:2e:58:51:f0:8e:a9:a6:59:09:ca:cc:c1:c8:
60:de:84:4c:d8:ff:04:05:d4:64:25:02:2f:29:79:9a:d0:be:
15:45:6c:51:dc:64:2d:07:4c:38:6a:8a:3a:2d:4f:72:3a:92:
95:a5:2a:c6:23:e6:cf:b9:cd:37:f2:79:af:59:5c:d1:69:db:
2c:95:23:c5:bb:27:43:77:eb:83:2b:83:73:d9:e6:21:7b:61:
e7:dc:95:73:ff:1b:8e:bf:2f:8b:52:7a:a2:47:18:d2:90:4e:
50:f4:6d:1c:46:9a:26:96:e9:f2:18:af:ea:b4:17:42:7d:2d:
51:94:8c:ee:5f:c7:4e:ad:3c:f1:42:00:64:8f:7a:e3:74:aa:
1e:fa:0f:df:ff:b2:c1:05:b5:a5:9a:a5:40:6a:e1:ec:af:92:
4b:48:40:3e:c7:b5:b3:65:4c:bd:df:bb:61:5e:41:61:d7:81:
6b:95:1a:23:f2:41:eb:d1:3b:63:74:7f:54:92:6e:d0:d4:9f:
44:cf:1a:d6:42:4e:90:67:f4:55:59:c6:cf:46:84:7b:c5:42:
34:26:91:45:9c:b2:66:7a:a5:14:f7:52:ef:b9:0f:a8:cd:19:
56:22:5f:00:4c:36:c6:66:b8:cf:9c:a0:77:99:64:cd:4c:ab:
43:29:a1:a3
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVtr1TEIK538PJZ4h891tuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmJjZDQwYzY3NzQ2NzdkMmMzNzAyZWY1OWVkZjQ5ZDBi
MzZjNmMwHhcNMjMwMTAxMTQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmRkMzU1MGQzOTk3MzI1YTBmZmFmNjc3YjA3YTNkOGY2MzRhYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm200gKWHfiuhxH4R75tlbazfNtV7
YG84YLHSka3lnCJEitxHp6GuQbxx65oI/Hmqm+Z/FSQmOa3Cb+3oOJpOjM74Jofy
GwxLy1xTsO7VAevmWl94faaPNx2Z5OYgB77EJIPSiXYOScKr6sZsCZ57fmgb0iRr
s+xrWVekZ+q1AuSScTF1HTUoRvyc2WTQK/u+i35bii+XDDBQS4vewHlg4SU0KpyX
UBRTCTfVSEyOrRFQ2awwc37V2RBkJnMVq9ZxuG7RHNFJP1RbZTm1yLr9pGesz0hs
0tuJ+NhulaaF/52MCjtlLo8GeYWhSVzQOftQDwRpEP11RrzJQHjBTb3AawIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFCLdNVDTmXMloP+vZ3sHo9j2NKtWMB8GA1UdIwQY
MBaAFOMrzUDGd0Z30sNwLvWe30nQs2xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEt
MDc0MDExNWI1YTUyLzEvSXQwMVVOT1pjeVdnXzY5bmV3ZWoyUFkwcTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEtMDc0MDExNWI1YTUy
LzEvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQATUX4MBEE
AgACMAsDCQAgARpAABAAADANBgkqhkiG9w0BAQsFAAOCAQEAghV5w3QuWFHwjqmm
WQnKzMHIYN6ETNj/BAXUZCUCLyl5mtC+FUVsUdxkLQdMOGqKOi1PcjqSlaUqxiPm
z7nNN/J5r1lc0WnbLJUjxbsnQ3frgyuDc9nmIXth59yVc/8bjr8vi1J6okcY0pBO
UPRtHEaaJpbp8hiv6rQXQn0tUZSM7l/HTq088UIAZI9643SqHvoP3/+ywQW1pZql
QGrh7K+SS0hAPse1s2VMvd+7YV5BYdeBa5UaI/JB69E7Y3R/VJJu0NSfRM8a1kJO
kGf0VVnGz0aEe8VCNCaRRZyyZnqlFPdS77kPqM0ZViJfAEw2xma4z5ygd5lkzUyr
Qymhow==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:13 2024 by rpki-client on console-ams.rpki-client.org