Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Koq8GG8goNn-ukMseRZrCxGqvts.roa
File: Koq8GG8goNn-ukMseRZrCxGqvts.roa (raw, json)
Hash identifier: GE2WFl4wIwDTBX3xqbfU9HgAGyrOkkFZs/U+he7nIAs=
Subject key identifier: 2A:8A:BC:18:6F:20:A0:D9:FE:BA:43:2C:79:16:6B:0B:11:AA:BE:DB
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB5D10CBB85D58E0BAD661B5F7C01
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Koq8GG8goNn-ukMseRZrCxGqvts.roa
Signing time: Sun 01 Jan 2023 22:04:50 +0000
ROA not before: Sun 01 Jan 2023 22:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 81.12.112.0/22 maxlen: 22
81.12.126.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b5:d1:0c:bb:85:d5:8e:0b:ad:66:1b:5f:7c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a8abc186f20a0d9feba432c79166b0b11aabedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:3f:9e:39:e5:a6:e3:45:88:75:fa:36:db:
1c:4c:02:22:f2:88:51:fe:49:0b:d6:a7:13:c1:46:
73:c7:1b:23:96:53:12:eb:a8:cc:18:a5:b2:83:e5:
96:b5:d6:a1:cc:38:2a:92:c6:53:69:8b:41:b0:cb:
7f:32:37:f6:ea:aa:2e:af:b3:78:ea:29:4f:1a:4a:
e8:05:85:5d:00:b6:ae:47:a8:b7:cc:69:ed:0a:81:
8d:f7:cd:c4:56:ed:18:ab:34:06:99:59:31:a3:e6:
d4:e3:39:f8:19:f1:eb:ae:fe:d1:91:a4:ab:a1:d9:
f3:9b:b6:69:ff:64:08:93:20:58:0d:16:29:50:d9:
70:8f:05:71:da:3c:e1:10:7f:a8:7d:ca:e6:a2:63:
48:fe:b8:a1:8f:db:e1:8e:25:72:0b:8f:94:1d:12:
3c:a6:f2:2b:66:c0:62:8f:4b:41:d4:95:c4:14:0e:
5b:26:a6:e0:01:b2:fb:e6:a6:49:93:94:85:e2:c4:
91:eb:de:eb:b9:54:75:65:71:35:c9:06:94:2c:18:
86:ba:f7:0a:7e:be:79:48:a9:5a:0c:c8:9d:91:34:
b9:c8:07:db:0b:72:76:b5:24:33:54:50:17:e8:53:
1d:30:55:8d:d4:59:fe:22:e7:ec:74:53:c5:0b:16:
33:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8A:BC:18:6F:20:A0:D9:FE:BA:43:2C:79:16:6B:0B:11:AA:BE:DB
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Koq8GG8goNn-ukMseRZrCxGqvts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.112.0/22
81.12.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:a1:7f:de:f4:c3:2a:ca:df:95:c1:4a:51:e2:6c:c8:5a:63:
a2:6b:1b:bc:69:00:c1:8e:dc:18:a5:a9:25:75:25:ab:9c:f0:
5d:ad:21:47:17:f0:9c:99:4e:de:ae:d2:b5:43:36:22:05:bd:
9f:f4:7e:81:79:16:ea:99:81:70:c5:50:25:7b:69:ee:f9:43:
70:39:e5:b7:c1:f8:35:27:c7:31:a4:a6:5a:b5:af:13:f1:60:
8c:0a:3a:d8:1f:29:39:e2:2e:54:76:b2:26:91:cb:6d:12:33:
46:9f:fb:d6:c3:52:1d:f7:5e:55:79:a9:d2:7f:1a:f1:cd:5b:
53:ae:66:19:12:f1:7b:ef:30:8f:56:c9:6e:96:51:8b:19:a7:
dd:84:ca:e0:bd:d0:ed:78:89:9c:62:8b:fd:d0:ca:35:29:b6:
27:34:d3:fe:70:26:44:6d:00:61:15:6c:30:e6:b9:f0:8c:7c:
96:b1:3d:79:83:6b:4f:a8:e2:8a:07:c5:f4:bf:03:1f:3f:2e:
b5:45:2b:e2:01:d8:57:dd:d1:15:d2:e4:f3:bb:1a:a7:91:79:
de:98:1e:8a:94:cd:69:27:c6:45:92:d6:52:1d:f8:9e:f0:68:
b3:93:7a:94:c9:af:88:8a:fd:17:d8:b2:d2:cc:18:80:c6:cb:
20:97:31:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXbXRDLuF1Y4LrWYbX3wBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThhYmMxODZmMjBhMGQ5ZmViYTQzMmM3OTE2NmIwYjExYWFiZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph0/njnlpuNFiHX6NtscTAIi8ohR
/kkL1qcTwUZzxxsjllMS66jMGKWyg+WWtdahzDgqksZTaYtBsMt/Mjf26qour7N4
6ilPGkroBYVdALauR6i3zGntCoGN983EVu0YqzQGmVkxo+bU4zn4GfHrrv7RkaSr
odnzm7Zp/2QIkyBYDRYpUNlwjwVx2jzhEH+ofcrmomNI/rihj9vhjiVyC4+UHRI8
pvIrZsBij0tB1JXEFA5bJqbgAbL75qZJk5SF4sSR697ruVR1ZXE1yQaULBiGuvcK
fr55SKlaDMidkTS5yAfbC3J2tSQzVFAX6FMdMFWN1Fn+IufsdFPFCxYziwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqKvBhvIKDZ/rpDLHkWawsRqr7bMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvS29xOEdHOGdvTm4tdWtNc2VSWnJDeEdxdnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUQxwAwQB
UQx+MA0GCSqGSIb3DQEBCwUAA4IBAQChoX/e9MMqyt+VwUpR4mzIWmOiaxu8aQDB
jtwYpakldSWrnPBdrSFHF/CcmU7ertK1QzYiBb2f9H6BeRbqmYFwxVAle2nu+UNw
OeW3wfg1J8cxpKZata8T8WCMCjrYHyk54i5UdrImkcttEjNGn/vWw1Id915VeanS
fxrxzVtTrmYZEvF77zCPVslullGLGafdhMrgvdDteImcYov90Mo1KbYnNNP+cCZE
bQBhFWww5rnwjHyWsT15g2tPqOKKB8X0vwMfPy61RSviAdhX3dEV0uTzuxqnkXne
mB6KlM1pJ8ZFktZSHfie8Gizk3qUya+Iiv0X2LLSzBiAxssglzFT
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:54 2024 by rpki-client on console-ams.rpki-client.org