Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/ewVz6FSz0_6BJwzqKrfq_4HbfBA.roa
File: ewVz6FSz0_6BJwzqKrfq_4HbfBA.roa (raw, json)
Hash identifier: Vh2c25RHozrxzqnH4n7/AN+Fi+VcCoLCAiuo5rvccQ4=
Subject key identifier: 7B:05:73:E8:54:B3:D3:FE:81:27:0C:EA:2A:B7:EA:FF:81:DB:7C:10
Certificate issuer: /CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Certificate serial: 01856F2FE7E65BA4F30BEC2B96D5A48D08FB
Authority key identifier: 09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/ewVz6FSz0_6BJwzqKrfq_4HbfBA.roa
Signing time: Sun 01 Jan 2023 21:14:48 +0000
ROA not before: Sun 01 Jan 2023 21:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199008
IP address blocks: 176.122.50.0/24 maxlen: 24
176.122.49.0/24 maxlen: 24
176.122.48.0/24 maxlen: 24
176.122.51.0/24 maxlen: 24
176.122.56.0/21 maxlen: 21
176.122.52.0/22 maxlen: 22
176.122.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e7:e6:5b:a4:f3:0b:ec:2b:96:d5:a4:8d:08:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Validity
Not Before: Jan 1 21:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b0573e854b3d3fe81270cea2ab7eaff81db7c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:65:ca:7f:f3:82:6a:5e:b9:92:ad:b9:ae:
45:b2:ae:0a:14:54:88:02:43:58:3d:8c:a9:07:95:
a1:95:6a:a5:37:f1:65:61:93:7d:ac:3a:77:56:02:
2f:1c:21:49:f9:a7:ee:b5:18:90:fa:a9:8b:24:a7:
80:9a:9e:50:3a:30:e1:01:ad:af:a2:b6:63:af:77:
09:df:95:5b:62:20:cd:bc:9d:7b:c6:83:5a:29:64:
c6:04:70:f8:8d:cc:c2:b8:bc:87:34:d1:f5:5d:21:
54:66:09:61:b8:3b:3f:fe:4d:cd:d9:5d:e3:a5:63:
3e:70:6d:b7:6b:f8:c1:44:03:e5:5c:a1:e8:d3:4c:
9a:63:da:93:53:30:b5:56:43:63:86:7c:53:0e:06:
e5:21:7c:bf:69:e3:50:8f:2c:93:ee:3b:83:d1:e1:
98:09:60:2c:80:b4:db:97:54:ca:48:e6:b6:2e:bf:
1e:91:7d:78:30:82:e3:dc:d3:6d:87:29:5d:51:c7:
e6:b6:6f:61:2c:29:3b:b8:49:77:6a:dd:74:ea:85:
50:1d:47:0d:38:0f:7d:18:ff:eb:89:b6:37:80:ce:
c4:7f:72:e7:d9:06:84:33:6f:36:08:82:7b:7e:95:
40:6d:9c:65:0d:45:c4:6e:ef:20:6a:f1:07:5a:b3:
8a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:05:73:E8:54:B3:D3:FE:81:27:0C:EA:2A:B7:EA:FF:81:DB:7C:10
X509v3 Authority Key Identifier:
keyid:09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/ewVz6FSz0_6BJwzqKrfq_4HbfBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.48.0/20
Signature Algorithm: sha256WithRSAEncryption
af:8a:77:d6:66:81:24:ce:53:60:33:b6:75:3a:78:3f:e5:7c:
f7:43:8c:3c:70:e6:a0:73:30:76:a4:52:c4:a3:1f:11:57:a9:
71:44:e2:d1:c8:5d:70:44:38:03:69:eb:f3:d0:d0:29:bf:8e:
95:fe:e0:45:72:76:0f:5f:e1:00:75:b5:23:46:08:d1:79:8a:
22:15:8d:a2:97:9d:29:09:94:e8:c5:22:e6:d3:61:5c:fe:35:
ea:04:dc:4b:76:4b:5a:11:26:fd:ac:fa:8e:ab:af:d1:f2:dd:
08:49:77:a2:71:8c:f8:05:8e:d4:9a:9a:af:96:21:bc:dc:8d:
62:c2:62:02:cc:a0:7e:6b:65:55:58:20:e7:a5:1d:59:05:79:
0b:5c:ae:32:dd:81:a6:b2:90:9a:7a:64:22:56:b8:33:8c:66:
11:1b:74:f0:5d:83:8b:1e:39:4c:c6:8d:ca:56:2c:cc:40:dd:
2e:1a:9f:4f:62:9d:d7:7a:99:06:be:e9:c9:32:22:3a:2f:ca:
44:8e:57:16:0e:a7:2d:f8:e3:5e:90:59:dc:dd:46:05:ed:ba:
62:f4:7f:96:7b:29:3f:2e:ed:cf:21:5d:f2:44:80:c0:b1:c9:
b7:f5:68:2b:a3:8c:13:27:2b:f0:67:d4:67:0c:3b:f6:22:18:
84:59:24:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL+fmW6TzC+wrltWkjQj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTAyMjg5MDRiOWRiZWI0NzkyYTY5NzcyN2UzNmFhZmQ4
NGQyZTkwHhcNMjMwMTAxMjExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjA1NzNlODU0YjNkM2ZlODEyNzBjZWEyYWI3ZWFmZjgxZGI3YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAdlyn/zgmpeuZKtua5Fsq4KFFSI
AkNYPYypB5WhlWqlN/FlYZN9rDp3VgIvHCFJ+afutRiQ+qmLJKeAmp5QOjDhAa2v
orZjr3cJ35VbYiDNvJ17xoNaKWTGBHD4jczCuLyHNNH1XSFUZglhuDs//k3N2V3j
pWM+cG23a/jBRAPlXKHo00yaY9qTUzC1VkNjhnxTDgblIXy/aeNQjyyT7juD0eGY
CWAsgLTbl1TKSOa2Lr8ekX14MILj3NNthyldUcfmtm9hLCk7uEl3at106oVQHUcN
OA99GP/ribY3gM7Ef3Ln2QaEM282CIJ7fpVAbZxlDUXEbu8gavEHWrOK8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsFc+hUs9P+gScM6iq36v+B23wQMB8GA1UdIwQY
MBaAFAlQIokEudvrR5Kml3J+Nqr9hNLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQt
NjI4MjFjMmMyOTlmLzEvZXdWejZGU3owXzZCSnd6cUtyZnFfNEhiZkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQtNjI4MjFjMmMyOTlm
LzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsHowMA0G
CSqGSIb3DQEBCwUAA4IBAQCvinfWZoEkzlNgM7Z1Ong/5Xz3Q4w8cOagczB2pFLE
ox8RV6lxROLRyF1wRDgDaevz0NApv46V/uBFcnYPX+EAdbUjRgjReYoiFY2il50p
CZToxSLm02Fc/jXqBNxLdktaESb9rPqOq6/R8t0ISXeicYz4BY7UmpqvliG83I1i
wmICzKB+a2VVWCDnpR1ZBXkLXK4y3YGmspCaemQiVrgzjGYRG3TwXYOLHjlMxo3K
VizMQN0uGp9PYp3XepkGvunJMiI6L8pEjlcWDqct+ONekFnc3UYF7bpi9H+Weyk/
Lu3PIV3yRIDAscm39Wgro4wTJyvwZ9RnDDv2IhiEWSQo
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:35 2024 by rpki-client on console-fra.rpki-client.org