Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/9LibML1OZ0_68PRfVJrHiNLKiHI.roa
File: 9LibML1OZ0_68PRfVJrHiNLKiHI.roa (raw, json)
Hash identifier: Rx36W56RkVsJXeUoZcmH0RthK7h2W7SSk6T+DbzTAkM=
Subject key identifier: F4:B8:9B:30:BD:4E:67:4F:FA:F0:F4:5F:54:9A:C7:88:D2:CA:88:72
Certificate issuer: /CN=3ffc412721c0c6e7a4c5767ae98c4521def51501
Certificate serial: 01856F82363517E0FEEC3DF60C82EFF340AB
Authority key identifier: 3F:FC:41:27:21:C0:C6:E7:A4:C5:76:7A:E9:8C:45:21:DE:F5:15:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_xBJyHAxuekxXZ66YxFId71FQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/9LibML1OZ0_68PRfVJrHiNLKiHI.roa
Signing time: Sun 01 Jan 2023 22:44:42 +0000
ROA not before: Sun 01 Jan 2023 22:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207307
IP address blocks: 91.205.159.0/24 maxlen: 24
2a05:b380::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:36:35:17:e0:fe:ec:3d:f6:0c:82:ef:f3:40:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ffc412721c0c6e7a4c5767ae98c4521def51501
Validity
Not Before: Jan 1 22:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4b89b30bd4e674ffaf0f45f549ac788d2ca8872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:dc:2c:28:4a:3c:58:dd:d0:b3:4b:0e:53:
28:22:47:d7:29:bf:36:37:25:51:1c:fd:8d:e3:54:
b7:9d:14:06:e2:44:39:4e:fd:3b:5f:b8:3e:8d:56:
2a:23:14:90:7c:a9:90:dc:39:27:4a:ce:02:9c:4d:
01:e0:5f:33:8f:ab:14:26:53:a5:e0:34:d2:e2:b6:
5d:6d:28:db:41:dd:e2:69:a4:a7:e8:97:12:39:89:
72:2e:c8:bd:6b:28:46:ca:83:19:c7:ef:37:14:77:
05:b4:52:6e:1e:c4:22:6c:c0:17:12:59:e0:5d:82:
ba:60:6d:a0:af:3a:2f:0f:76:6e:18:4b:d8:87:82:
61:33:2c:f0:ee:ad:1b:62:fa:32:04:6e:6b:b2:ab:
3d:18:2a:ff:0e:5a:23:91:2f:e3:38:d4:e5:86:9f:
a3:c8:17:7e:27:87:7d:4f:2a:11:c1:4a:bb:c9:66:
a3:c1:5d:31:59:10:28:69:31:b7:0a:8a:a7:2c:f0:
ad:05:55:45:2f:e9:cb:91:5a:e9:9d:ff:f4:2f:88:
c8:95:14:1a:b8:e2:da:49:b4:70:b5:64:1f:be:26:
03:fa:b0:28:00:48:b1:8b:39:f1:d6:35:b4:bc:de:
65:ba:40:8d:75:8d:f9:98:24:f4:16:81:56:f0:79:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B8:9B:30:BD:4E:67:4F:FA:F0:F4:5F:54:9A:C7:88:D2:CA:88:72
X509v3 Authority Key Identifier:
keyid:3F:FC:41:27:21:C0:C6:E7:A4:C5:76:7A:E9:8C:45:21:DE:F5:15:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_xBJyHAxuekxXZ66YxFId71FQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/9LibML1OZ0_68PRfVJrHiNLKiHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd90b9-fa88-4bd9-a7d5-22118b361490/1/P_xBJyHAxuekxXZ66YxFId71FQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.159.0/24
IPv6:
2a05:b380::/29
Signature Algorithm: sha256WithRSAEncryption
1a:a5:7d:07:bd:fd:b2:15:67:d1:91:f8:3b:60:5f:e8:db:97:
7d:f9:40:83:8b:9f:7f:01:94:17:0e:1a:50:23:db:24:1a:e5:
05:43:44:cd:b9:bc:48:2a:17:11:64:fd:cf:94:a4:c4:a6:c2:
ca:90:77:38:f0:80:86:ee:58:de:f8:0b:74:db:86:a2:4b:c9:
8d:8a:6e:21:24:11:19:e0:bc:be:fc:e7:8c:75:8d:cf:7f:3b:
a6:63:a4:b8:5c:41:67:2f:38:72:18:7d:12:4c:08:a3:e1:f0:
60:79:54:e8:5c:31:4d:37:b5:06:5a:b7:c6:15:ca:02:15:e9:
5f:17:4a:cb:6e:a2:ca:38:70:b3:04:b2:18:0d:3c:18:20:14:
00:65:3c:d7:75:b7:8e:c4:4b:f3:2b:b2:77:6d:9d:05:77:d8:
c6:c5:ee:cd:3b:8f:1e:54:e6:f7:48:96:4f:08:8f:d7:09:2f:
79:be:cf:1f:4d:67:fd:57:eb:b5:c6:5f:0b:4b:91:af:93:68:
12:ea:8e:d4:95:e7:7d:85:d3:15:d3:ee:2a:d8:16:b6:9b:62:
50:02:76:18:35:0c:5f:4a:b9:24:e9:51:29:53:bd:2e:fa:e0:
ad:ac:95:93:f2:e4:03:83:75:37:95:a1:15:9b:57:f2:56:50:
73:ed:97:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvgjY1F+D+7D32DILv80CrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmM0MTI3MjFjMGM2ZTdhNGM1NzY3YWU5OGM0NTIxZGVm
NTE1MDEwHhcNMjMwMTAxMjI0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI4OWIzMGJkNGU2NzRmZmFmMGY0NWY1NDlhYzc4OGQyY2E4ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9ncLChKPFjd0LNLDlMoIkfXKb82
NyVRHP2N41S3nRQG4kQ5Tv07X7g+jVYqIxSQfKmQ3DknSs4CnE0B4F8zj6sUJlOl
4DTS4rZdbSjbQd3iaaSn6JcSOYlyLsi9ayhGyoMZx+83FHcFtFJuHsQibMAXElng
XYK6YG2grzovD3ZuGEvYh4JhMyzw7q0bYvoyBG5rsqs9GCr/DlojkS/jONTlhp+j
yBd+J4d9TyoRwUq7yWajwV0xWRAoaTG3CoqnLPCtBVVFL+nLkVrpnf/0L4jIlRQa
uOLaSbRwtWQfviYD+rAoAEixiznx1jW0vN5lukCNdY35mCT0FoFW8Hm+0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPS4mzC9TmdP+vD0X1Sax4jSyohyMB8GA1UdIwQY
MBaAFD/8QSchwMbnpMV2eumMRSHe9RUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF94Qkp5SEF4dWVreFhaNjZZeEZJZDcxRlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZDkwYjktZmE4OC00YmQ5LWE3ZDUt
MjIxMThiMzYxNDkwLzEvOUxpYk1MMU9aMF82OFBSZlZKckhpTkxLaUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZDkwYjktZmE4OC00YmQ5LWE3ZDUtMjIxMThiMzYxNDkw
LzEvUF94Qkp5SEF4dWVreFhaNjZZeEZJZDcxRlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW82fMA0E
AgACMAcDBQMqBbOAMA0GCSqGSIb3DQEBCwUAA4IBAQAapX0Hvf2yFWfRkfg7YF/o
25d9+UCDi59/AZQXDhpQI9skGuUFQ0TNubxIKhcRZP3PlKTEpsLKkHc48ICG7lje
+At024aiS8mNim4hJBEZ4Ly+/OeMdY3PfzumY6S4XEFnLzhyGH0STAij4fBgeVTo
XDFNN7UGWrfGFcoCFelfF0rLbqLKOHCzBLIYDTwYIBQAZTzXdbeOxEvzK7J3bZ0F
d9jGxe7NO48eVOb3SJZPCI/XCS95vs8fTWf9V+u1xl8LS5Gvk2gS6o7Uled9hdMV
0+4q2Ba2m2JQAnYYNQxfSrkk6VEpU70u+uCtrJWT8uQDg3U3laEVm1fyVlBz7Zfd
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:40 2024 by rpki-client on console.sobornost.net