Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/d0druxA1Y7YVWIG30W7RojId3tg.roa
File: d0druxA1Y7YVWIG30W7RojId3tg.roa (raw, json)
Hash identifier: hFzNAJF81TsLBnVB/9EsA3kBf1oj8/r5j2XSm7eXIL8=
Subject key identifier: 77:47:6B:BB:10:35:63:B6:15:58:81:B7:D1:6E:D1:A2:32:1D:DE:D8
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD76A867EC32973ABBCAAFB1E0130A
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/d0druxA1Y7YVWIG30W7RojId3tg.roa
Signing time: Sun 01 Jan 2023 15:05:08 +0000
ROA not before: Sun 01 Jan 2023 15:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209916
IP address blocks: 45.157.116.0/22 maxlen: 24
194.147.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:76:a8:67:ec:32:97:3a:bb:ca:af:b1:e0:13:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77476bbb103563b6155881b7d16ed1a2321dded8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:c3:08:27:2a:65:b7:b1:45:fc:5f:48:b8:
75:90:27:8b:91:01:ba:fd:43:a7:30:00:c1:00:59:
de:5a:df:c8:6d:e1:d2:bb:48:f7:18:ca:c3:55:73:
d6:5e:61:37:00:10:0d:b2:6f:ca:1b:21:1b:f1:f5:
5c:cb:c0:3e:b2:fe:2d:b3:3c:b8:65:91:12:8e:bd:
c2:12:7a:ea:fc:ed:5b:89:03:36:92:6d:18:ed:11:
7d:63:43:25:d6:87:04:b4:17:5d:0d:41:3d:32:e0:
91:e5:3d:be:0f:69:c2:2b:e4:e6:35:cc:5c:e3:8d:
22:c1:6a:9b:b4:84:85:05:a7:12:98:75:ba:69:b7:
33:d3:30:26:e4:98:6d:1e:4c:81:36:18:95:09:ab:
bf:df:ca:7b:c8:15:43:17:89:fb:1a:73:49:9f:dc:
1d:b3:3d:7b:19:cb:58:32:6a:29:25:30:91:81:e3:
6f:f8:51:7f:b8:b1:4f:79:eb:9f:bf:4a:3f:63:6c:
f8:f7:d9:46:9f:8f:fb:a3:96:1b:73:61:2b:10:d5:
01:06:48:6c:87:56:be:9e:ef:45:92:3f:08:1b:aa:
43:19:1f:6c:1a:2f:2a:07:d6:52:65:8f:e6:7a:48:
74:66:96:d8:2d:74:35:b1:1c:0f:72:d6:18:96:0c:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:47:6B:BB:10:35:63:B6:15:58:81:B7:D1:6E:D1:A2:32:1D:DE:D8
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/d0druxA1Y7YVWIG30W7RojId3tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
194.147.109.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ba:9e:66:16:57:f2:66:04:e5:f5:e3:30:cb:6c:d2:83:a8:
95:66:d9:38:97:b7:7d:6f:f5:a6:c6:88:76:00:02:df:73:12:
2b:0a:7e:84:89:25:60:dd:54:38:58:34:55:f3:c8:e5:1f:50:
10:16:a1:04:5c:af:c3:57:64:3a:75:71:f5:9d:4e:6f:20:52:
45:31:fc:b9:f6:08:82:09:8e:1f:cf:8d:92:f7:22:ae:2c:75:
12:14:41:5b:ea:9b:76:b8:58:78:ed:c1:7f:00:02:44:42:2e:
68:5b:3d:e8:17:97:03:6d:0d:9c:06:5f:17:49:79:a9:84:25:
4b:12:37:ae:e9:65:c0:57:dd:f4:73:7d:f2:ff:8f:91:1a:98:
b8:38:58:11:c6:ac:a1:38:48:bf:d9:e4:d1:94:bf:fe:d7:ad:
51:2b:32:9d:03:68:5a:bd:57:79:67:37:05:94:5e:39:24:e9:
1c:d0:df:9b:4d:41:c5:80:79:d4:7e:02:9c:19:60:c1:5d:bd:
d8:15:bc:7a:65:d3:9c:32:11:15:f7:d2:2a:ac:e3:4e:bf:f8:
91:a5:0e:0c:1a:32:5e:01:a6:7d:39:74:af:38:40:ca:de:75:
15:df:95:90:cd:a7:de:aa:4a:4a:7b:80:a7:9b:02:57:21:20:
8f:04:23:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3XaoZ+wylzq7yq+x4BMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ3NmJiYjEwMzU2M2I2MTU1ODgxYjdkMTZlZDFhMjMyMWRkZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrLDCCcqZbexRfxfSLh1kCeLkQG6
/UOnMADBAFneWt/IbeHSu0j3GMrDVXPWXmE3ABANsm/KGyEb8fVcy8A+sv4tszy4
ZZESjr3CEnrq/O1biQM2km0Y7RF9Y0Ml1ocEtBddDUE9MuCR5T2+D2nCK+TmNcxc
440iwWqbtISFBacSmHW6abcz0zAm5JhtHkyBNhiVCau/38p7yBVDF4n7GnNJn9wd
sz17GctYMmopJTCRgeNv+FF/uLFPeeufv0o/Y2z499lGn4/7o5Ybc2ErENUBBkhs
h1a+nu9Fkj8IG6pDGR9sGi8qB9ZSZY/mekh0ZpbYLXQ1sRwPctYYlgxs+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdHa7sQNWO2FViBt9Fu0aIyHd7YMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvZDBkcnV4QTFZN1lWV0lHMzBXN1JvaklkM3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ10AwQA
wpNtMA0GCSqGSIb3DQEBCwUAA4IBAQCFup5mFlfyZgTl9eMwy2zSg6iVZtk4l7d9
b/Wmxoh2AALfcxIrCn6EiSVg3VQ4WDRV88jlH1AQFqEEXK/DV2Q6dXH1nU5vIFJF
Mfy59giCCY4fz42S9yKuLHUSFEFb6pt2uFh47cF/AAJEQi5oWz3oF5cDbQ2cBl8X
SXmphCVLEjeu6WXAV930c33y/4+RGpi4OFgRxqyhOEi/2eTRlL/+161RKzKdA2ha
vVd5ZzcFlF45JOkc0N+bTUHFgHnUfgKcGWDBXb3YFbx6ZdOcMhEV99IqrONOv/iR
pQ4MGjJeAaZ9OXSvOEDK3nUV35WQzafeqkpKe4CnmwJXISCPBCNm
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:06 2024 by rpki-client on console-ams.rpki-client.org