Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/g-7apWw-zXKKfT34I7d828ZcEHw.roa
File: g-7apWw-zXKKfT34I7d828ZcEHw.roa (raw, json)
Hash identifier: P59zq/VdRuHk+I1F2EsgbMyFvOOBAT9qPuUwh84wHJI=
Subject key identifier: 83:EE:DA:A5:6C:3E:CD:72:8A:7D:3D:F8:23:B7:7C:DB:C6:5C:10:7C
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DBF7695F04AF6E9C649A8640A3902
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/g-7apWw-zXKKfT34I7d828ZcEHw.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 62.220.118.0/23 maxlen: 24
81.12.43.0/24 maxlen: 24
87.107.100.0/22 maxlen: 22
81.12.77.0/24 maxlen: 24
81.12.96.0/22 maxlen: 22
81.12.96.0/21 maxlen: 24
81.12.102.0/23 maxlen: 23
81.12.100.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:bf:76:95:f0:4a:f6:e9:c6:49:a8:64:0a:39:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83eedaa56c3ecd728a7d3df823b77cdbc65c107c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:25:8f:d6:78:f7:b8:6c:93:83:92:7e:53:ac:
e5:3f:7b:53:06:dd:a3:b5:95:b4:06:b3:6b:5b:2a:
ec:62:ab:7e:d3:2c:84:8f:f9:27:56:21:22:6b:22:
51:c6:71:e6:3a:83:1a:b3:e2:f2:31:9a:43:12:7b:
cb:fd:c4:ac:00:15:f8:0d:4c:5d:47:c2:1b:a0:4b:
cc:84:71:9e:4e:f3:fc:7f:cf:fd:b0:70:a9:d0:4e:
ac:af:ee:98:31:61:4e:4a:d7:ca:85:1c:2a:04:e1:
fc:a4:14:9f:0e:cf:2b:ab:f5:ba:ea:10:55:29:fb:
a8:c1:17:f5:6d:2b:8b:b6:c2:19:a6:45:bc:f5:48:
96:76:4c:07:67:28:95:46:34:17:a8:24:2e:e4:35:
54:67:58:3e:59:e3:c6:a2:c4:51:59:40:ba:57:81:
03:a8:0f:e5:74:de:97:91:da:14:72:ab:b7:f6:1a:
a0:dc:23:c4:f5:01:39:f9:a3:46:a9:eb:88:78:99:
c3:c1:8f:85:aa:d6:74:5d:24:1e:21:af:6a:01:59:
b7:3b:9d:77:4b:5d:ee:90:ed:64:37:ac:ff:3e:99:
08:fd:04:cf:c5:7e:7d:0f:78:c8:cb:d0:79:f6:a4:
65:26:b1:e4:62:4b:b2:e5:16:9f:ea:13:6e:cc:b8:
59:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EE:DA:A5:6C:3E:CD:72:8A:7D:3D:F8:23:B7:7C:DB:C6:5C:10:7C
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/g-7apWw-zXKKfT34I7d828ZcEHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.118.0/23
81.12.43.0/24
81.12.77.0/24
81.12.96.0/21
87.107.100.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:0f:09:5b:4c:17:38:5e:99:22:57:c2:ae:ed:5c:4f:e7:1b:
d9:ce:eb:0d:63:30:d8:0f:72:03:bb:86:88:2e:50:32:4b:ad:
d8:ed:63:c7:67:e9:8c:86:d7:b4:ca:8a:9e:81:64:b2:99:d1:
bf:74:08:42:2b:e6:a4:cc:3d:2b:a1:ff:da:1d:10:43:9b:f6:
0f:3e:cd:6d:be:3a:67:9d:be:00:b7:a2:99:2b:36:17:cf:db:
e4:83:26:9e:a5:cf:4f:69:6a:8b:c7:db:83:31:49:7f:d5:d3:
8b:e3:b1:4a:1c:7b:4b:ae:63:77:3e:72:c6:d9:a0:33:e0:04:
87:3c:12:b9:ff:4e:90:83:bf:c1:03:e5:ea:9d:53:ff:5a:18:
4f:5a:7c:50:f8:f6:c9:5f:d3:b0:9e:09:e2:d0:57:a2:f9:17:
4c:9c:23:3e:48:d7:d5:96:9b:e2:a8:1c:98:29:5d:03:e4:11:
cd:b2:7d:10:f3:7c:7e:af:95:bb:60:9a:c1:ee:0f:6f:ef:dd:
b7:75:de:ee:3f:ae:01:40:df:31:31:3b:aa:3e:91:ca:b6:86:
e7:23:16:cf:b9:5a:ce:d1:34:5a:57:55:f9:5b:05:c7:84:6f:
71:fe:a1:a7:f2:89:b9:85:47:f0:cc:71:e7:fa:0b:68:33:79:
3a:cb:4e:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvXb92lfBK9unGSahkCjkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2VlZGFhNTZjM2VjZDcyOGE3ZDNkZjgyM2I3N2NkYmM2NWMxMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSWP1nj3uGyTg5J+U6zlP3tTBt2j
tZW0BrNrWyrsYqt+0yyEj/knViEiayJRxnHmOoMas+LyMZpDEnvL/cSsABX4DUxd
R8IboEvMhHGeTvP8f8/9sHCp0E6sr+6YMWFOStfKhRwqBOH8pBSfDs8rq/W66hBV
KfuowRf1bSuLtsIZpkW89UiWdkwHZyiVRjQXqCQu5DVUZ1g+WePGosRRWUC6V4ED
qA/ldN6XkdoUcqu39hqg3CPE9QE5+aNGqeuIeJnDwY+FqtZ0XSQeIa9qAVm3O513
S13ukO1kN6z/PpkI/QTPxX59D3jIy9B59qRlJrHkYkuy5Raf6hNuzLhZUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIPu2qVsPs1yin09+CO3fNvGXBB8MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvZy03YXBXdy16WEtLZlQzNEk3ZDgyOFpjRUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBPtx2AwQA
UQwrAwQAUQxNAwQDUQxgAwQCV2tkMA0GCSqGSIb3DQEBCwUAA4IBAQC5DwlbTBc4
XpkiV8Ku7VxP5xvZzusNYzDYD3IDu4aILlAyS63Y7WPHZ+mMhte0yoqegWSymdG/
dAhCK+akzD0rof/aHRBDm/YPPs1tvjpnnb4At6KZKzYXz9vkgyaepc9PaWqLx9uD
MUl/1dOL47FKHHtLrmN3PnLG2aAz4ASHPBK5/06Qg7/BA+XqnVP/WhhPWnxQ+PbJ
X9Owngni0Fei+RdMnCM+SNfVlpviqByYKV0D5BHNsn0Q83x+r5W7YJrB7g9v7923
dd7uP64BQN8xMTuqPpHKtobnIxbPuVrO0TRaV1X5WwXHhG9x/qGn8om5hUfwzHHn
+gtoM3k6y06e
Generated at Wed Aug 16 08:40:34 2023 by rpki-client on console-ams.rpki-client.org