Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7HemBgG9E714lD1zyvljigjlxD8.roa
File: 7HemBgG9E714lD1zyvljigjlxD8.roa (raw, json)
Hash identifier: h5ieMev8KdKT04lQOfBjfm05Ih9lgIedmHMfs2EOpL0=
Subject key identifier: EC:77:A6:06:01:BD:13:BD:78:94:3D:73:CA:F9:63:8A:08:E5:C4:3F
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 0185729EDC52058C335034B66A5784B11611
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7HemBgG9E714lD1zyvljigjlxD8.roa
Signing time: Mon 02 Jan 2023 13:14:51 +0000
ROA not before: Mon 02 Jan 2023 13:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 146.109.0.0/16 maxlen: 24
185.210.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:dc:52:05:8c:33:50:34:b6:6a:57:84:b1:16:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 2 13:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec77a60601bd13bd78943d73caf9638a08e5c43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3a:e6:13:b8:a4:76:67:88:ee:85:26:e8:94:
07:8e:e9:33:16:64:65:46:b8:8b:9a:32:4a:03:db:
95:bc:5c:34:6a:07:bf:59:cc:ea:52:e9:18:80:6b:
54:8c:68:43:80:26:02:6f:39:49:3b:e4:0e:8e:48:
6d:49:96:96:8a:3d:80:71:e5:51:5d:1a:b0:0a:7a:
7a:9f:b9:47:73:3f:c6:60:1c:32:f1:5b:cd:8d:3a:
eb:d3:18:c5:d7:f8:37:31:2a:33:fb:9f:c4:e7:ea:
53:8e:d0:43:46:5d:79:4b:5c:39:e3:7f:b3:33:42:
cc:c2:63:44:c7:db:6d:92:5d:60:c6:2a:64:d0:20:
e0:60:00:bf:d6:30:81:a7:6f:f6:c6:8d:2a:88:3b:
d6:f2:ab:29:28:1a:27:c1:b1:f4:bd:35:f1:fb:85:
94:7b:3c:67:b2:91:17:d1:8d:65:0f:5f:6c:05:66:
f8:35:87:a3:f2:ab:d7:61:79:41:8e:13:66:f0:1a:
16:19:4b:bf:eb:29:d6:5b:5a:63:29:16:ef:de:42:
67:13:b8:a3:a2:3a:4e:18:ad:1e:64:2c:e3:3a:e0:
ca:9b:ce:11:8c:b2:af:23:43:c3:28:99:ed:f2:e4:
ca:2a:26:8d:38:18:b4:92:ef:55:a1:8d:7b:94:62:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:77:A6:06:01:BD:13:BD:78:94:3D:73:CA:F9:63:8A:08:E5:C4:3F
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7HemBgG9E714lD1zyvljigjlxD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.0.0/16
185.210.32.0/22
Signature Algorithm: sha256WithRSAEncryption
07:18:0e:ce:95:8e:d4:af:59:36:af:3c:7f:f2:fc:2c:90:73:
4e:d5:55:ea:90:46:7f:3b:d9:3d:6b:ae:cc:ef:ea:28:64:d9:
35:55:b7:b8:4a:e4:90:67:de:db:f4:df:bd:d8:5e:66:2a:62:
86:73:cc:53:cd:7f:f8:bd:51:8c:a0:82:a4:ae:13:ce:19:55:
1f:a4:38:70:86:f7:8b:d8:20:45:29:d8:c3:54:14:82:95:d7:
8b:f2:35:a5:cf:d1:40:87:62:d9:b6:12:58:9c:0e:10:89:e7:
86:cb:c9:df:75:93:d3:97:cb:01:4a:a9:0f:54:5b:aa:7a:5b:
b5:5e:11:72:c3:35:1f:69:4a:4c:e8:50:d4:46:bc:1d:d0:71:
ca:b4:df:11:12:4e:1a:4b:51:e7:cf:4d:38:45:5d:6f:6d:cc:
45:38:41:c5:88:ee:97:d8:da:66:12:72:ce:8b:86:0f:d6:32:
36:ad:50:30:dd:76:60:f2:b9:ae:87:fe:20:25:b0:5a:4c:61:
93:45:27:b0:2f:62:f9:2b:9a:55:2c:e2:9b:a3:01:bd:f1:7c:
0c:3a:68:8f:66:c1:d1:c0:35:75:19:64:9f:cd:f5:94:77:90:
23:c7:75:af:99:9a:66:3d:45:cc:f3:0c:70:52:ba:f3:a2:5c:
f2:12:74:01
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVyntxSBYwzUDS2aleEsRYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjMwMTAyMTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc3YTYwNjAxYmQxM2JkNzg5NDNkNzNjYWY5NjM4YTA4ZTVjNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTrmE7ikdmeI7oUm6JQHjukzFmRl
RriLmjJKA9uVvFw0age/WczqUukYgGtUjGhDgCYCbzlJO+QOjkhtSZaWij2AceVR
XRqwCnp6n7lHcz/GYBwy8VvNjTrr0xjF1/g3MSoz+5/E5+pTjtBDRl15S1w543+z
M0LMwmNEx9ttkl1gxipk0CDgYAC/1jCBp2/2xo0qiDvW8qspKBonwbH0vTXx+4WU
ezxnspEX0Y1lD19sBWb4NYej8qvXYXlBjhNm8BoWGUu/6ynWW1pjKRbv3kJnE7ij
ojpOGK0eZCzjOuDKm84RjLKvI0PDKJnt8uTKKiaNOBi0ku9VoY17lGJpwwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFOx3pgYBvRO9eJQ9c8r5Y4oI5cQ/MB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvN0hlbUJnRzlFNzE0bEQxenl2bGppZ2pseEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkm0DBAK5
0iAwDQYJKoZIhvcNAQELBQADggEBAAcYDs6VjtSvWTavPH/y/CyQc07VVeqQRn87
2T1rrszv6ihk2TVVt7hK5JBn3tv0373YXmYqYoZzzFPNf/i9UYyggqSuE84ZVR+k
OHCG94vYIEUp2MNUFIKV14vyNaXP0UCHYtm2ElicDhCJ54bLyd91k9OXywFKqQ9U
W6p6W7VeEXLDNR9pSkzoUNRGvB3Qccq03xESThpLUefPTThFXW9tzEU4QcWI7pfY
2mYScs6Lhg/WMjatUDDddmDyua6H/iAlsFpMYZNFJ7AvYvkrmlUs4pujAb3xfAw6
aI9mwdHANXUZZJ/N9ZR3kCPHda+ZmmY9RczzDHBSuvOiXPISdAE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:58 2024 by rpki-client on console-fra.rpki-client.org