Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/7Y7lbXXnRgppmMOFJFRqX7c69M8.roa
File: 7Y7lbXXnRgppmMOFJFRqX7c69M8.roa (raw, json)
Hash identifier: fhz5piK37HJ7HTRofxjruTv0b/Rp8zULfQfct3ojHng=
Subject key identifier: ED:8E:E5:6D:75:E7:46:0A:69:98:C3:85:24:54:6A:5F:B7:3A:F4:CF
Certificate issuer: /CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Certificate serial: 01856C78043C36C7D3B2C4227F62825F1DCB
Authority key identifier: 03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/7Y7lbXXnRgppmMOFJFRqX7c69M8.roa
Signing time: Sun 01 Jan 2023 08:34:42 +0000
ROA not before: Sun 01 Jan 2023 08:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 185.115.205.0/24 maxlen: 24
176.118.193.0/24 maxlen: 24
2a0c:a300::/29 maxlen: 29
2a12:ea80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:04:3c:36:c7:d3:b2:c4:22:7f:62:82:5f:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Validity
Not Before: Jan 1 08:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed8ee56d75e7460a6998c38524546a5fb73af4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:37:bc:48:f0:d5:9a:ca:4f:5b:3e:e1:02:
37:e8:86:0d:0e:f2:ed:42:37:3d:d5:19:b2:b3:54:
82:7c:2a:67:fa:3c:de:84:5a:0e:37:91:9f:12:d2:
7a:b6:45:5a:86:fe:b9:e4:0e:9f:a1:1f:a4:2e:ce:
43:b8:3c:eb:0e:d7:01:60:f1:e8:39:7b:39:fa:dd:
04:c6:de:f6:d2:39:20:84:01:3c:95:cb:db:47:04:
01:d0:09:74:af:96:cc:e1:42:ea:8b:7e:75:f4:dc:
c0:ab:7c:7d:d3:70:da:53:13:00:c2:09:37:b4:d9:
97:a4:f6:a9:c2:11:17:c5:46:e1:e1:21:42:b2:d7:
22:87:f4:3d:9b:f0:e3:c8:44:03:dd:9b:b9:84:90:
94:ec:fb:d7:6e:8c:39:8e:43:74:9b:b6:ec:48:09:
8c:b8:63:6d:67:d9:c7:33:8c:7e:b9:16:ca:56:d5:
98:76:44:e0:91:1e:6f:e3:c0:6e:1a:a9:92:06:e3:
99:ff:d5:78:0a:55:6e:01:10:b0:40:b9:f4:7a:3c:
7e:e8:f5:81:1c:18:76:81:ba:c9:09:f1:49:df:34:
74:be:7a:09:86:bd:b3:c7:0e:87:fc:48:d8:f8:88:
65:96:2d:6f:54:63:6b:b8:f2:24:58:a1:ba:73:ad:
4c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8E:E5:6D:75:E7:46:0A:69:98:C3:85:24:54:6A:5F:B7:3A:F4:CF
X509v3 Authority Key Identifier:
keyid:03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/7Y7lbXXnRgppmMOFJFRqX7c69M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.193.0/24
185.115.205.0/24
IPv6:
2a0c:a300::/29
2a12:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
90:d6:a0:71:e8:34:e6:30:9c:41:26:11:86:31:e4:93:dd:40:
eb:91:c8:0b:c2:d4:a1:f2:c0:0a:9f:72:81:f4:04:70:62:4e:
60:5f:97:2a:5a:0d:dd:af:95:00:0f:40:94:42:61:78:9d:ce:
5e:1c:19:fd:d7:68:b9:15:9f:77:e0:46:f8:eb:77:a9:ef:6d:
01:b2:d1:fe:27:8b:54:62:3a:42:e0:fe:b4:dd:47:c2:8f:2d:
b3:b6:37:02:88:87:8d:11:44:9a:1b:82:d6:6e:87:db:9f:60:
5d:e2:be:a3:ef:0f:9b:ac:bd:f0:4d:21:8e:1c:c1:0a:07:a2:
a9:78:72:1c:d8:35:40:3a:7e:2b:af:cd:c5:6e:33:a5:23:58:
8c:57:5d:50:4b:08:13:68:29:ff:be:84:cb:ed:2f:77:4f:78:
cd:f3:53:b6:6e:1a:9c:88:18:90:67:0c:23:dc:60:0a:a5:ac:
ba:5c:31:ac:02:f2:18:17:29:21:52:bb:17:fe:da:d9:63:c3:
58:9c:3d:3e:61:44:36:68:d2:8a:53:8d:48:cd:aa:1b:05:5e:
df:e8:ce:f9:48:ce:04:9b:49:c1:fd:7c:eb:5d:0f:f8:4f:58:
13:fe:67:72:1f:6b:9c:b8:f6:93:9c:e9:27:e4:a7:22:1e:80:
19:e8:09:c2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVseAQ8NsfTssQif2KCXx3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzODRlODhmYjc5YTM3NzZjYjA1ODNlMmI2N2EwYmVjNmRm
YzY4YjgwHhcNMjMwMTAxMDgzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhlZTU2ZDc1ZTc0NjBhNjk5OGMzODUyNDU0NmE1ZmI3M2FmNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz03vEjw1ZrKT1s+4QI36IYNDvLt
Qjc91Rmys1SCfCpn+jzehFoON5GfEtJ6tkVahv655A6foR+kLs5DuDzrDtcBYPHo
OXs5+t0Ext720jkghAE8lcvbRwQB0Al0r5bM4ULqi3519NzAq3x903DaUxMAwgk3
tNmXpPapwhEXxUbh4SFCstcih/Q9m/DjyEQD3Zu5hJCU7PvXbow5jkN0m7bsSAmM
uGNtZ9nHM4x+uRbKVtWYdkTgkR5v48BuGqmSBuOZ/9V4ClVuARCwQLn0ejx+6PWB
HBh2gbrJCfFJ3zR0vnoJhr2zxw6H/EjY+Ihlli1vVGNruPIkWKG6c61MywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFO2O5W1150YKaZjDhSRUal+3OvTPMB8GA1UdIwQY
MBaAFAOE6I+3mjd2ywWD4rZ6C+xt/Gi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMt
MzMzYTM4NGQ0MTdkLzEvN1k3bGJYWG5SZ3BwbU1PRkpGUnFYN2M2OU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMtMzMzYTM4NGQ0MTdk
LzEvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAsHbBAwQA
uXPNMBQEAgACMA4DBQMqDKMAAwUDKhLqgDANBgkqhkiG9w0BAQsFAAOCAQEAkNag
ceg05jCcQSYRhjHkk91A65HIC8LUofLACp9ygfQEcGJOYF+XKloN3a+VAA9AlEJh
eJ3OXhwZ/ddouRWfd+BG+Ot3qe9tAbLR/ieLVGI6QuD+tN1Hwo8ts7Y3AoiHjRFE
mhuC1m6H259gXeK+o+8Pm6y98E0hjhzBCgeiqXhyHNg1QDp+K6/NxW4zpSNYjFdd
UEsIE2gp/76Ey+0vd094zfNTtm4anIgYkGcMI9xgCqWsulwxrALyGBcpIVK7F/7a
2WPDWJw9PmFENmjSilONSM2qGwVe3+jO+UjOBJtJwf18610P+E9YE/5nch9rnLj2
k5zpJ+SnIh6AGegJwg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:51 2024 by rpki-client on console-ams.rpki-client.org