Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/1-TAi02WErXbUWhd4sMz5fvStA5U.roa
File: 1-TAi02WErXbUWhd4sMz5fvStA5U.roa (raw, json)
Hash identifier: y/PwGBQNKFFewOvIiCJCVKccjNO7xsB9DV8106CfMso=
Subject key identifier: F9:30:22:D3:65:84:AD:76:D4:5A:17:78:B0:CC:F9:7E:F4:AD:03:95
Certificate issuer: /CN=da7148d75bdc39ce9dd2e3bdaa75847b17b34ecb
Certificate serial: 01856FF93A093608E4B9E5679FDC5310366B
Authority key identifier: DA:71:48:D7:5B:DC:39:CE:9D:D2:E3:BD:AA:75:84:7B:17:B3:4E:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nFI11vcOc6d0uO9qnWEexezTss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/1-TAi02WErXbUWhd4sMz5fvStA5U.roa
Signing time: Mon 02 Jan 2023 00:54:42 +0000
ROA not before: Mon 02 Jan 2023 00:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48441
IP address blocks: 185.33.236.0/22 maxlen: 22
94.247.56.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3a:09:36:08:e4:b9:e5:67:9f:dc:53:10:36:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7148d75bdc39ce9dd2e3bdaa75847b17b34ecb
Validity
Not Before: Jan 2 00:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f93022d36584ad76d45a1778b0ccf97ef4ad0395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e8:11:ad:6f:00:d6:ff:62:d1:26:da:b3:f7:
3a:26:39:3a:7d:5e:d0:40:76:c9:55:ec:b7:61:e8:
e5:a9:15:60:9b:16:c8:16:8c:ae:49:72:ee:62:a8:
88:1f:40:8d:51:17:a0:af:0c:03:35:bb:49:b3:a3:
63:98:0d:eb:a8:85:f0:20:a7:1c:61:23:9e:1b:e0:
84:d2:09:ed:eb:b1:fd:c3:4f:74:c7:12:3b:ec:cf:
be:6a:45:96:2c:bb:8a:d8:24:5b:08:c1:27:7e:6b:
de:75:63:76:e2:6f:f5:d7:81:00:bb:7d:5b:ad:29:
b1:3c:20:28:ae:25:f6:02:cd:53:c6:c7:d4:c6:b9:
b7:dd:1e:c4:b8:3f:ff:02:3b:e1:91:cf:5d:a8:d6:
90:f5:e8:77:c3:90:a1:f5:b7:d0:f0:58:26:91:2d:
63:6d:86:3c:5c:9d:0a:f7:38:6c:09:52:de:2d:f8:
19:e5:93:2c:20:f3:27:ac:84:52:00:85:33:8e:cc:
44:ac:1d:67:4d:a0:c0:2c:b1:7a:c4:69:69:d7:be:
8b:ec:9b:ba:dd:60:54:ce:8a:5a:e5:37:fe:f8:44:
32:35:ad:07:37:5f:21:e3:b8:99:ea:9a:b5:62:19:
d8:90:bf:d9:e4:c5:07:32:f8:8d:da:c1:b3:a2:21:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:30:22:D3:65:84:AD:76:D4:5A:17:78:B0:CC:F9:7E:F4:AD:03:95
X509v3 Authority Key Identifier:
keyid:DA:71:48:D7:5B:DC:39:CE:9D:D2:E3:BD:AA:75:84:7B:17:B3:4E:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nFI11vcOc6d0uO9qnWEexezTss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/1-TAi02WErXbUWhd4sMz5fvStA5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/077a53-314b-4004-8f1e-def0cc34e008/1/2nFI11vcOc6d0uO9qnWEexezTss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.56.0/21
185.33.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:5b:77:de:ff:bb:39:e4:53:fa:9f:bb:17:92:be:4f:ec:b0:
d8:f4:2b:e1:9f:fc:97:97:43:79:a3:68:45:f7:2b:32:aa:d4:
02:f7:53:e8:a2:52:94:04:93:01:c7:2c:c9:64:03:22:b5:3c:
4a:4d:6a:fd:87:75:4b:6b:32:df:d7:1a:46:68:59:3d:b5:d7:
4a:6d:2b:5c:8e:0b:29:dd:85:0d:7b:b5:3b:01:0e:f2:ff:1e:
1f:68:6b:0f:97:bb:2c:9a:f2:0a:b4:71:55:6c:da:66:f9:3d:
a9:57:51:2d:e0:8a:82:e8:5a:1c:58:ad:db:c4:08:bb:9d:0d:
92:18:d4:56:a2:ec:2f:79:73:e5:c1:db:f3:b8:ec:ee:3c:ee:
f7:46:1f:8d:aa:13:59:90:1d:67:ff:fc:ab:e4:88:24:5c:c7:
19:74:8a:74:25:08:db:37:46:aa:fc:e4:a1:96:7f:17:3d:d8:
69:09:22:ee:b5:64:47:41:28:e1:a5:40:98:ce:42:11:72:ca:
43:52:53:82:99:67:f5:a2:0c:71:5f:54:df:c4:94:ce:ce:8e:
39:4e:80:55:1b:15:65:80:d6:c5:ec:8a:ab:c3:15:53:cf:62:
73:1b:a2:c1:ca:c7:e9:1e:ae:f6:45:32:d9:f8:ea:e7:3c:6e:
a2:52:2f:f3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVv+ToJNgjkueVnn9xTEDZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzE0OGQ3NWJkYzM5Y2U5ZGQyZTNiZGFhNzU4NDdiMTdi
MzRlY2IwHhcNMjMwMTAyMDA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTMwMjJkMzY1ODRhZDc2ZDQ1YTE3NzhiMGNjZjk3ZWY0YWQwMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwugRrW8A1v9i0Sbas/c6Jjk6fV7Q
QHbJVey3YejlqRVgmxbIFoyuSXLuYqiIH0CNURegrwwDNbtJs6NjmA3rqIXwIKcc
YSOeG+CE0gnt67H9w090xxI77M++akWWLLuK2CRbCMEnfmvedWN24m/114EAu31b
rSmxPCAoriX2As1TxsfUxrm33R7EuD//Ajvhkc9dqNaQ9eh3w5Ch9bfQ8FgmkS1j
bYY8XJ0K9zhsCVLeLfgZ5ZMsIPMnrIRSAIUzjsxErB1nTaDALLF6xGlp176L7Ju6
3WBUzopa5Tf++EQyNa0HN18h47iZ6pq1YhnYkL/Z5MUHMviN2sGzoiGQUwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkwItNlhK121FoXeLDM+X70rQOVMB8GA1UdIwQY
MBaAFNpxSNdb3DnOndLjvap1hHsXs07LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5GSTExdmNPYzZkMHVPOXFuV0VleGV6VHNzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wNzdhNTMtMzE0Yi00MDA0LThmMWUt
ZGVmMGNjMzRlMDA4LzEvMS1UQWkwMldFclhiVVdoZDRzTXo1ZnZTdEE1VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2UvMDc3YTUzLTMxNGItNDAwNC04ZjFlLWRlZjBjYzM0ZTAw
OC8xLzJuRkkxMXZjT2M2ZDB1TzlxbldFZXhlelRzcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA173OAME
Arkh7DANBgkqhkiG9w0BAQsFAAOCAQEAqFt33v+7OeRT+p+7F5K+T+yw2PQr4Z/8
l5dDeaNoRfcrMqrUAvdT6KJSlASTAccsyWQDIrU8Sk1q/Yd1S2sy39caRmhZPbXX
Sm0rXI4LKd2FDXu1OwEO8v8eH2hrD5e7LJryCrRxVWzaZvk9qVdRLeCKguhaHFit
28QIu50NkhjUVqLsL3lz5cHb87js7jzu90YfjaoTWZAdZ//8q+SIJFzHGXSKdCUI
2zdGqvzkoZZ/Fz3YaQki7rVkR0Eo4aVAmM5CEXLKQ1JTgpln9aIMcV9U38SUzs6O
OU6AVRsVZYDWxeyKq8MVU89icxuiwcrH6R6u9kUy2fjq5zxuolIv8w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:49 2024 by rpki-client on console-fra.rpki-client.org