Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7KfGmgo4Yn7xsr3_O7JMHX5vBnA.roa
File: 7KfGmgo4Yn7xsr3_O7JMHX5vBnA.roa (raw, json)
Hash identifier: FqKVjLgmEXso7kZ5/b9B6eJ2SkiaEeii3QJ1FQ74TOw=
Subject key identifier: EC:A7:C6:9A:0A:38:62:7E:F1:B2:BD:FF:3B:B2:4C:1D:7E:6F:06:70
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 018572BA553A2CF42679659CE50F0342190F
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7KfGmgo4Yn7xsr3_O7JMHX5vBnA.roa
Signing time: Mon 02 Jan 2023 13:44:52 +0000
ROA not before: Mon 02 Jan 2023 13:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41195
IP address blocks: 176.118.186.0/23 maxlen: 24
2a0d:ca47::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:55:3a:2c:f4:26:79:65:9c:e5:0f:03:42:19:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 2 13:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eca7c69a0a38627ef1b2bdff3bb24c1d7e6f0670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c0:eb:22:16:e3:2c:83:fc:87:bd:d8:b7:dd:
ba:c4:64:b2:f7:7f:be:00:f5:23:73:09:b0:14:98:
57:c7:bb:fb:ae:3b:e2:34:f3:6c:c7:95:be:6f:92:
d8:1b:4f:69:ed:85:17:09:cd:3f:17:14:ae:eb:a3:
b6:85:f6:5c:0a:7f:cf:51:bb:9a:d7:13:36:e1:92:
06:8b:34:fd:00:6f:27:79:49:34:92:6c:d2:96:c4:
bd:ce:6c:1a:33:97:bc:16:d6:27:0c:a8:88:b7:6a:
a6:f0:58:72:95:c5:0c:d6:3c:de:df:d0:90:85:1a:
da:d4:be:91:56:1d:5d:97:56:0a:20:93:f4:6c:c9:
ba:47:74:e8:e6:57:05:56:f3:9d:16:76:21:96:d3:
74:dc:37:a5:80:d5:62:79:a8:dd:2b:be:16:4e:c2:
61:24:55:c6:04:d0:9e:6f:37:f6:cc:d0:46:38:dd:
72:b6:54:a1:f1:d5:a8:89:5e:76:6e:75:44:d6:59:
7e:7c:6b:28:8c:d6:7f:16:9a:d9:f0:b8:7f:cc:81:
3d:c5:8b:03:8d:ae:ed:89:52:01:1a:84:f5:6e:d3:
64:61:aa:e2:2e:c3:7b:ba:a1:af:35:5e:6c:0b:46:
82:03:30:3a:0a:5c:8a:76:a3:12:74:58:9e:3a:f2:
7f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A7:C6:9A:0A:38:62:7E:F1:B2:BD:FF:3B:B2:4C:1D:7E:6F:06:70
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/7KfGmgo4Yn7xsr3_O7JMHX5vBnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.186.0/23
IPv6:
2a0d:ca47::/47
Signature Algorithm: sha256WithRSAEncryption
80:36:1f:13:26:90:87:78:4b:4c:d9:85:2b:99:c5:f4:e5:11:
1e:ed:8a:f6:82:94:c4:f1:8b:48:44:85:20:62:42:a3:4b:a8:
d0:0a:c9:81:39:c5:b7:69:ee:42:49:ae:b1:26:b1:84:a3:d0:
c3:d4:f5:79:34:a7:97:d2:dd:d8:4b:07:06:38:2e:97:37:5c:
24:64:b8:dc:ec:16:99:2f:b2:cd:54:73:27:99:5c:f8:ab:81:
c4:a8:af:7b:62:c2:b4:4a:9a:4c:46:89:ef:c9:a2:cf:db:0b:
ef:e4:2d:b8:bc:0e:96:3e:47:a2:32:bb:50:70:2b:8e:de:9a:
29:b0:aa:7b:b8:a5:5b:95:3d:2a:69:82:eb:6b:75:11:cd:9c:
0e:ce:56:b7:1d:d3:10:f5:72:f0:0d:4a:4b:02:5d:45:15:95:
87:ed:c7:df:05:c9:b7:4a:86:95:4a:f4:90:81:ea:12:d3:55:
a6:2e:a6:aa:1f:62:04:39:0a:51:f9:b8:7c:34:e5:d9:b6:d7:
dd:f9:aa:8d:b7:d3:91:1a:9c:3a:ad:60:ca:87:e0:3b:96:dd:
00:fd:85:ca:b5:6d:29:f7:e8:36:41:f0:c7:11:95:41:dd:cc:
03:69:00:d3:b1:28:f3:47:d3:75:50:66:3a:85:be:af:c7:b9:
ea:f4:10:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyulU6LPQmeWWc5Q8DQhkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjMwMTAyMTM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E3YzY5YTBhMzg2MjdlZjFiMmJkZmYzYmIyNGMxZDdlNmYwNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMDrIhbjLIP8h73Yt926xGSy93++
APUjcwmwFJhXx7v7rjviNPNsx5W+b5LYG09p7YUXCc0/FxSu66O2hfZcCn/PUbua
1xM24ZIGizT9AG8neUk0kmzSlsS9zmwaM5e8FtYnDKiIt2qm8FhylcUM1jze39CQ
hRra1L6RVh1dl1YKIJP0bMm6R3To5lcFVvOdFnYhltN03DelgNVieajdK74WTsJh
JFXGBNCebzf2zNBGON1ytlSh8dWoiV52bnVE1ll+fGsojNZ/FprZ8Lh/zIE9xYsD
ja7tiVIBGoT1btNkYariLsN7uqGvNV5sC0aCAzA6ClyKdqMSdFieOvJ/dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOynxpoKOGJ+8bK9/zuyTB1+bwZwMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvN0tmR21nbzRZbjd4c3IzX083Sk1IWDV2Qm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHa6MA8E
AgACMAkDBwEqDcpHAAAwDQYJKoZIhvcNAQELBQADggEBAIA2HxMmkId4S0zZhSuZ
xfTlER7tivaClMTxi0hEhSBiQqNLqNAKyYE5xbdp7kJJrrEmsYSj0MPU9Xk0p5fS
3dhLBwY4Lpc3XCRkuNzsFpkvss1UcyeZXPirgcSor3tiwrRKmkxGie/Jos/bC+/k
Lbi8DpY+R6Iyu1BwK47emimwqnu4pVuVPSppgutrdRHNnA7OVrcd0xD1cvANSksC
XUUVlYftx98FybdKhpVK9JCB6hLTVaYupqofYgQ5ClH5uHw05dm21935qo2305Ea
nDqtYMqH4DuW3QD9hcq1bSn36DZB8McRlUHdzANpANOxKPNH03VQZjqFvq/Huer0
EKw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:10 2024 by rpki-client on console-ams.rpki-client.org