Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/aB9QUb8LyxzT4j6hGWKBV4i7O1g.roa
File: aB9QUb8LyxzT4j6hGWKBV4i7O1g.roa (raw, json)
Hash identifier: QPRQnyBmwqWF/tf8vkipLe5NO77jYsipe0Onm+40Za0=
Subject key identifier: 68:1F:50:51:BF:0B:CB:1C:D3:E2:3E:A1:19:62:81:57:88:BB:3B:58
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB9B160256B9879AE758E5C62BADF
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/aB9QUb8LyxzT4j6hGWKBV4i7O1g.roa
Signing time: Sun 01 Jan 2023 22:04:51 +0000
ROA not before: Sun 01 Jan 2023 22:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 87.107.192.0/22 maxlen: 22
87.107.196.0/22 maxlen: 22
87.107.254.0/23 maxlen: 23
81.12.28.0/24 maxlen: 24
87.107.206.0/23 maxlen: 23
87.107.204.0/23 maxlen: 23
87.107.200.0/22 maxlen: 22
87.107.212.0/22 maxlen: 22
87.107.208.0/22 maxlen: 22
87.107.216.0/22 maxlen: 22
87.107.224.0/22 maxlen: 22
87.107.220.0/22 maxlen: 22
87.107.233.0/24 maxlen: 24
87.107.232.0/24 maxlen: 24
87.107.230.0/23 maxlen: 23
87.107.229.0/24 maxlen: 24
87.107.228.0/24 maxlen: 24
87.107.236.0/22 maxlen: 22
87.107.234.0/23 maxlen: 23
87.107.240.0/23 maxlen: 23
87.107.246.0/23 maxlen: 23
87.107.244.0/23 maxlen: 23
87.107.242.0/23 maxlen: 23
87.107.253.0/24 maxlen: 24
87.107.252.0/24 maxlen: 24
87.107.250.0/23 maxlen: 23
87.107.248.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b9:b1:60:25:6b:98:79:ae:75:8e:5c:62:ba:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=681f5051bf0bcb1cd3e23ea11962815788bb3b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:04:be:2f:4a:71:f3:3a:72:04:c4:94:c0:8d:
85:1e:5e:54:4b:5d:1f:e9:86:12:4e:a8:ee:3a:10:
25:98:67:e4:8c:7e:9b:6c:bb:0e:1b:17:95:04:3f:
57:60:cf:27:de:14:e5:5a:5b:e7:21:8a:52:8a:4b:
1b:40:9b:41:16:62:90:d2:f9:99:68:2f:c6:62:16:
70:94:9d:2e:e9:4e:a1:80:b0:4b:88:c3:71:73:d1:
35:2e:50:2a:e1:54:b3:98:80:92:b0:dc:28:67:12:
b4:56:53:cd:e4:9b:4d:8f:a7:f2:5c:56:3a:4c:51:
4f:e4:4b:64:20:cb:c7:df:66:0e:9e:b7:b9:29:28:
c8:b0:ef:22:74:70:31:1b:1e:4c:4c:5b:f4:7b:79:
f7:63:f6:d5:e6:02:08:8d:f2:20:8a:36:ab:a5:19:
3e:9d:cc:98:32:99:47:ab:78:a4:95:9a:ba:13:93:
77:68:ba:dd:7f:5f:3d:01:ca:29:ac:fa:e0:9b:9b:
9f:4b:39:e4:11:90:dc:90:0f:f4:fa:99:1d:a6:d1:
c3:40:a0:e5:d3:ee:8a:99:d0:05:53:5c:bd:14:39:
a3:24:be:9e:c7:bb:94:2c:90:33:14:29:00:6f:bb:
fe:09:69:4e:d4:e5:90:00:7c:63:a2:ab:2d:b0:ae:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1F:50:51:BF:0B:CB:1C:D3:E2:3E:A1:19:62:81:57:88:BB:3B:58
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/aB9QUb8LyxzT4j6hGWKBV4i7O1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.28.0/24
87.107.192.0/18
Signature Algorithm: sha256WithRSAEncryption
cc:f6:16:e4:01:65:00:ef:aa:b9:13:60:3d:f0:a3:07:43:c9:
25:0d:75:94:6e:32:84:e4:04:e5:e5:f1:b3:31:ca:a4:2a:3b:
58:cc:cd:a8:6d:a7:06:96:0b:07:ee:37:9a:c0:5b:05:5a:5c:
82:08:67:e7:9d:39:3f:48:2f:83:51:91:7b:25:24:a1:56:34:
aa:0f:f4:77:65:15:44:c1:56:66:25:77:1f:91:f4:99:be:00:
9d:11:b8:23:86:bf:22:12:4f:08:4d:e7:db:e3:72:c3:e8:a5:
50:89:a8:a5:3e:bf:78:98:71:cd:38:8e:2a:cc:54:44:ec:d2:
a8:07:e5:89:a7:a4:96:99:0d:d9:f0:37:8e:8c:08:ce:85:48:
f1:5f:09:52:36:e1:0d:bb:7a:2d:1c:db:26:0c:fa:28:d2:c2:
9a:b1:00:d9:d5:e7:fb:0f:f5:9c:62:5a:51:e1:fd:d9:f1:42:
dd:7f:d4:54:91:f2:5a:f4:14:be:ec:80:61:6b:38:85:c6:86:
45:fb:18:21:a2:6e:0d:44:67:6e:ca:a3:a3:0f:be:d2:b1:e3:
97:8a:b1:3a:0b:e3:2e:bb:ba:19:fe:ad:c7:f9:a3:bb:f2:01:
a5:2b:98:f0:f7:e9:6f:bc:f4:39:63:de:9d:a5:90:04:cc:ef:
73:b7:9e:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXbmxYCVrmHmudY5cYrrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFmNTA1MWJmMGJjYjFjZDNlMjNlYTExOTYyODE1Nzg4YmIzYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigS+L0px8zpyBMSUwI2FHl5US10f
6YYSTqjuOhAlmGfkjH6bbLsOGxeVBD9XYM8n3hTlWlvnIYpSiksbQJtBFmKQ0vmZ
aC/GYhZwlJ0u6U6hgLBLiMNxc9E1LlAq4VSzmICSsNwoZxK0VlPN5JtNj6fyXFY6
TFFP5EtkIMvH32YOnre5KSjIsO8idHAxGx5MTFv0e3n3Y/bV5gIIjfIgijarpRk+
ncyYMplHq3iklZq6E5N3aLrdf189AcoprPrgm5ufSznkEZDckA/0+pkdptHDQKDl
0+6KmdAFU1y9FDmjJL6ex7uULJAzFCkAb7v+CWlO1OWQAHxjoqstsK5xHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGgfUFG/C8sc0+I+oRligVeIuztYMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvYUI5UVViOEx5eHpUNGo2aEdXS0JWNGk3TzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQwcAwQG
V2vAMA0GCSqGSIb3DQEBCwUAA4IBAQDM9hbkAWUA76q5E2A98KMHQ8klDXWUbjKE
5ATl5fGzMcqkKjtYzM2obacGlgsH7jeawFsFWlyCCGfnnTk/SC+DUZF7JSShVjSq
D/R3ZRVEwVZmJXcfkfSZvgCdEbgjhr8iEk8ITefb43LD6KVQiailPr94mHHNOI4q
zFRE7NKoB+WJp6SWmQ3Z8DeOjAjOhUjxXwlSNuENu3otHNsmDPoo0sKasQDZ1ef7
D/WcYlpR4f3Z8ULdf9RUkfJa9BS+7IBhaziFxoZF+xghom4NRGduyqOjD77SseOX
irE6C+Muu7oZ/q3H+aO78gGlK5jw9+lvvPQ5Y96dpZAEzO9zt54D
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org