Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hZy7XESlF0fLvEB13EOaBplrwyc.roa
File: hZy7XESlF0fLvEB13EOaBplrwyc.roa (raw, json)
Hash identifier: gqd2llhSLxpv1tuehynV9UwVNfu+yLr2r0q4GQ5cbJA=
Subject key identifier: 85:9C:BB:5C:44:A5:17:47:CB:BC:40:75:DC:43:9A:06:99:6B:C3:27
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DBFCBBB13FD46E9F4B1FDBA0B1A08
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hZy7XESlF0fLvEB13EOaBplrwyc.roa
Signing time: Sun 01 Jan 2023 22:04:53 +0000
ROA not before: Sun 01 Jan 2023 22:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204834
IP address blocks: 87.107.94.0/24 maxlen: 24
87.107.94.0/23 maxlen: 23
87.107.95.0/24 maxlen: 24
81.12.92.0/23 maxlen: 23
81.12.92.0/24 maxlen: 24
81.12.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:bf:cb:bb:13:fd:46:e9:f4:b1:fd:ba:0b:1a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859cbb5c44a51747cbbc4075dc439a06996bc327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:c4:ca:5e:79:81:67:97:c2:5c:c1:ff:84:
28:b1:64:d8:da:82:2b:6b:51:f7:6f:3b:6a:62:f1:
8d:3f:dc:6b:68:55:22:98:f6:8a:bd:01:b0:c8:51:
4b:d7:1c:d4:1d:a9:d3:5a:2e:a0:28:89:50:49:95:
5b:46:fc:19:bc:8d:da:d0:65:ea:cb:ab:44:43:30:
19:7d:5a:ec:bd:0c:82:fe:d5:47:22:ee:a4:59:b5:
1c:02:f3:01:53:3a:b8:44:ba:02:53:67:6a:27:41:
6b:fe:c2:75:8b:3a:47:81:67:b4:96:76:a6:1b:39:
66:46:87:b2:0c:34:1d:ba:2f:ed:42:39:79:2c:6b:
0a:c2:9e:22:6d:a3:9c:ce:03:ac:7e:22:ec:d5:9f:
11:58:af:c6:be:3d:9c:57:a1:e7:b8:83:63:a4:78:
2a:4a:f2:2b:bd:1b:50:b8:8f:78:6f:6e:b3:d5:10:
73:08:f5:ef:1e:b6:88:7e:be:0a:fa:e0:14:3b:46:
cc:05:07:43:c5:2b:8a:62:70:7b:61:1c:5f:e4:4a:
04:12:42:1f:98:84:2a:ec:6f:4f:ab:47:9e:c9:b5:
24:21:6c:d5:4b:c8:16:f9:56:d0:07:b3:ef:9e:8c:
53:3f:6b:e1:66:9c:1e:57:b7:c6:c7:83:fb:1d:78:
31:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:BB:5C:44:A5:17:47:CB:BC:40:75:DC:43:9A:06:99:6B:C3:27
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hZy7XESlF0fLvEB13EOaBplrwyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.92.0/23
87.107.94.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:d0:40:7d:43:0f:1b:99:f8:35:e1:43:03:70:9b:5d:e3:a7:
18:99:88:8a:71:03:46:3c:e6:24:41:be:3b:40:2b:f3:68:f3:
31:0e:59:23:fb:e7:c2:2c:61:95:d3:fc:6f:af:2f:d3:ee:01:
9f:a6:5f:e0:1b:19:43:98:6e:73:3a:18:f1:b5:c2:d4:81:6e:
c4:38:f7:c6:b7:1f:cc:7e:72:ed:99:ab:15:7a:2a:63:94:10:
5a:3e:9f:da:37:99:5e:f1:7e:f1:a5:25:5d:c4:cc:2d:3a:39:
d6:0b:76:bf:90:1c:5e:de:a4:af:8d:70:f2:81:96:49:25:31:
4f:93:19:47:67:c6:57:64:80:a7:51:07:17:93:d6:e7:71:39:
78:4c:01:a8:8e:ae:55:8e:cf:f8:1b:b3:0f:5c:ed:9f:e9:41:
a9:57:d4:8a:73:57:a3:7c:ff:cb:be:39:75:1e:e7:80:26:6a:
cd:f2:3e:9d:63:b3:f0:62:68:f5:39:0f:76:5d:8b:a2:53:e7:
f4:5c:86:52:28:c4:3b:58:5c:6a:98:9e:4f:08:bf:36:fb:f3:
87:59:27:fd:44:99:28:bc:87:1e:f7:aa:88:40:f6:cb:e7:07:
1f:ef:15:79:aa:e1:91:2e:2d:66:0e:03:49:2f:02:39:ba:2c:
bc:1c:8d:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXb/LuxP9Run0sf26CxoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTljYmI1YzQ0YTUxNzQ3Y2JiYzQwNzVkYzQzOWEwNjk5NmJjMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgHEyl55gWeXwlzB/4QosWTY2oIr
a1H3bztqYvGNP9xraFUimPaKvQGwyFFL1xzUHanTWi6gKIlQSZVbRvwZvI3a0GXq
y6tEQzAZfVrsvQyC/tVHIu6kWbUcAvMBUzq4RLoCU2dqJ0Fr/sJ1izpHgWe0lnam
GzlmRoeyDDQdui/tQjl5LGsKwp4ibaOczgOsfiLs1Z8RWK/Gvj2cV6HnuINjpHgq
SvIrvRtQuI94b26z1RBzCPXvHraIfr4K+uAUO0bMBQdDxSuKYnB7YRxf5EoEEkIf
mIQq7G9Pq0eeybUkIWzVS8gW+VbQB7PvnoxTP2vhZpweV7fGx4P7HXgxMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWcu1xEpRdHy7xAddxDmgaZa8MnMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvaFp5N1hFU2xGMGZMdkVCMTNFT2FCcGxyd3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUQxcAwQB
V2teMA0GCSqGSIb3DQEBCwUAA4IBAQBr0EB9Qw8bmfg14UMDcJtd46cYmYiKcQNG
POYkQb47QCvzaPMxDlkj++fCLGGV0/xvry/T7gGfpl/gGxlDmG5zOhjxtcLUgW7E
OPfGtx/MfnLtmasVeipjlBBaPp/aN5le8X7xpSVdxMwtOjnWC3a/kBxe3qSvjXDy
gZZJJTFPkxlHZ8ZXZICnUQcXk9bncTl4TAGojq5Vjs/4G7MPXO2f6UGpV9SKc1ej
fP/Lvjl1HueAJmrN8j6dY7PwYmj1OQ92XYuiU+f0XIZSKMQ7WFxqmJ5PCL82+/OH
WSf9RJkovIce96qIQPbL5wcf7xV5quGRLi1mDgNJLwI5uiy8HI2w
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org