Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/k5Q5zo3fTPs6o0yYUsCKdhjaze0.roa
File: k5Q5zo3fTPs6o0yYUsCKdhjaze0.roa (raw, json)
Hash identifier: t6qyGX3e/VfnFu3esvHeZMmKhE/ChCyhdYBR7KR6i7Q=
Subject key identifier: 93:94:39:CE:8D:DF:4C:FB:3A:A3:4C:98:52:C0:8A:76:18:DA:CD:ED
Certificate issuer: /CN=7e566fff407f31c6ae856c3743ef3e5f22f8d35b
Certificate serial: 01857230DE95652E8D8527EB35ECCB9C7660
Authority key identifier: 7E:56:6F:FF:40:7F:31:C6:AE:85:6C:37:43:EF:3E:5F:22:F8:D3:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flZv_0B_McauhWw3Q-8-XyL401s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/k5Q5zo3fTPs6o0yYUsCKdhjaze0.roa
Signing time: Mon 02 Jan 2023 11:14:43 +0000
ROA not before: Mon 02 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61351
IP address blocks: 185.206.140.0/22 maxlen: 24
2a04:a240::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:de:95:65:2e:8d:85:27:eb:35:ec:cb:9c:76:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e566fff407f31c6ae856c3743ef3e5f22f8d35b
Validity
Not Before: Jan 2 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=939439ce8ddf4cfb3aa34c9852c08a7618dacded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:34:93:06:c9:b8:38:da:d8:b2:3d:15:cf:0d:
92:d5:3a:39:89:d0:ef:76:aa:be:fa:6b:47:f8:be:
bf:32:18:e9:28:6e:f1:ac:00:a0:bd:39:eb:ac:96:
96:0a:8a:14:e9:2e:b2:5a:72:f2:c8:51:4e:ee:72:
ae:8d:15:c2:2c:b4:c7:99:77:37:68:2a:f3:44:44:
10:de:6e:fa:d4:5f:37:c6:1d:90:63:68:0a:c1:0c:
94:d1:d0:6c:0b:5c:7a:4c:d9:80:4c:be:f3:30:94:
57:d1:49:56:26:bf:d1:4e:d8:53:15:1f:3d:24:92:
f1:60:38:0a:ba:2c:1a:2f:d4:4f:f6:8a:8b:e8:d1:
67:ff:ad:78:32:94:d6:68:25:64:67:26:68:86:60:
96:52:62:d2:9c:54:58:a1:fb:81:62:21:e9:de:da:
a1:30:46:cc:ec:5c:34:de:81:cb:d4:24:fa:34:5a:
f2:ab:e7:90:de:b6:82:dd:39:bc:42:39:bc:ae:b2:
ee:5d:9d:eb:69:9e:ae:2b:1b:32:97:46:79:a7:5b:
cc:a5:d1:cf:a5:94:25:97:6a:59:75:7b:76:f4:14:
47:0f:8b:f1:00:16:6f:f4:90:c7:57:a9:d6:ac:21:
c1:8f:8d:8a:d2:00:37:7a:85:54:c8:11:1a:d3:4c:
f9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:94:39:CE:8D:DF:4C:FB:3A:A3:4C:98:52:C0:8A:76:18:DA:CD:ED
X509v3 Authority Key Identifier:
keyid:7E:56:6F:FF:40:7F:31:C6:AE:85:6C:37:43:EF:3E:5F:22:F8:D3:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flZv_0B_McauhWw3Q-8-XyL401s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/k5Q5zo3fTPs6o0yYUsCKdhjaze0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/flZv_0B_McauhWw3Q-8-XyL401s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.140.0/22
IPv6:
2a04:a240::/29
Signature Algorithm: sha256WithRSAEncryption
5d:16:8a:b6:95:ff:64:ce:de:3b:a7:38:65:da:45:b0:3a:ba:
75:cd:0b:82:27:ec:c3:4e:de:2a:b2:b7:3e:d3:d9:18:82:75:
b9:96:e7:fa:57:cc:60:cb:1d:03:da:b5:09:56:37:e4:86:94:
32:21:78:6d:b4:60:ef:29:c1:14:7d:1f:07:ac:1a:78:ec:1e:
fa:c6:7e:a4:1e:6f:fb:42:fa:db:05:6b:8b:ad:71:03:a5:5f:
d6:27:ca:45:b3:e3:36:ac:5e:33:d2:79:37:99:83:8c:2c:5e:
89:cd:6c:bd:88:74:95:9e:02:08:ab:f9:08:3b:54:82:88:f0:
a7:41:e1:c2:6b:0b:65:de:ac:f9:01:f7:fd:5f:01:ee:70:1b:
82:0b:b9:2b:ce:33:bd:d6:b5:09:20:a9:c2:f8:12:b3:3a:7f:
a8:70:20:91:18:62:e3:94:6b:11:0e:46:d9:4d:6c:3c:59:ce:
9e:69:8c:f8:50:74:20:b5:6f:15:2f:6a:e8:21:95:c4:8f:d9:
69:52:e3:6a:01:d3:6f:e9:0a:9e:6f:81:65:b9:55:be:5e:2c:
8c:61:df:6d:4b:9f:7d:2d:28:ab:77:23:18:9c:0d:bb:ed:c6:
f5:75:91:10:09:3c:8a:65:72:45:67:90:dc:43:aa:27:f7:e7:
9c:a1:e7:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMN6VZS6NhSfrNezLnHZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNTY2ZmZmNDA3ZjMxYzZhZTg1NmMzNzQzZWYzZTVmMjJm
OGQzNWIwHhcNMjMwMTAyMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk0MzljZThkZGY0Y2ZiM2FhMzRjOTg1MmMwOGE3NjE4ZGFjZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujSTBsm4ONrYsj0Vzw2S1To5idDv
dqq++mtH+L6/MhjpKG7xrACgvTnrrJaWCooU6S6yWnLyyFFO7nKujRXCLLTHmXc3
aCrzREQQ3m761F83xh2QY2gKwQyU0dBsC1x6TNmATL7zMJRX0UlWJr/RTthTFR89
JJLxYDgKuiwaL9RP9oqL6NFn/614MpTWaCVkZyZohmCWUmLSnFRYofuBYiHp3tqh
MEbM7Fw03oHL1CT6NFryq+eQ3raC3Tm8Qjm8rrLuXZ3raZ6uKxsyl0Z5p1vMpdHP
pZQll2pZdXt29BRHD4vxABZv9JDHV6nWrCHBj42K0gA3eoVUyBEa00z5gQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJOUOc6N30z7OqNMmFLAinYY2s3tMB8GA1UdIwQY
MBaAFH5Wb/9AfzHGroVsN0PvPl8i+NNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxadl8wQl9NY2F1aFd3M1EtOC1YeUw0MDFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wNDA1NjQtNTk1Mi00MjIzLWJjY2Et
Zjg3NmMwNTVhMzE1LzEvazVRNXpvM2ZUUHM2bzB5WVVzQ0tkaGphemUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wNDA1NjQtNTk1Mi00MjIzLWJjY2EtZjg3NmMwNTVhMzE1
LzEvZmxadl8wQl9NY2F1aFd3M1EtOC1YeUw0MDFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc6MMA0E
AgACMAcDBQMqBKJAMA0GCSqGSIb3DQEBCwUAA4IBAQBdFoq2lf9kzt47pzhl2kWw
Orp1zQuCJ+zDTt4qsrc+09kYgnW5luf6V8xgyx0D2rUJVjfkhpQyIXhttGDvKcEU
fR8HrBp47B76xn6kHm/7QvrbBWuLrXEDpV/WJ8pFs+M2rF4z0nk3mYOMLF6JzWy9
iHSVngIIq/kIO1SCiPCnQeHCawtl3qz5Aff9XwHucBuCC7krzjO91rUJIKnC+BKz
On+ocCCRGGLjlGsRDkbZTWw8Wc6eaYz4UHQgtW8VL2roIZXEj9lpUuNqAdNv6Qqe
b4FluVW+XiyMYd9tS599LSirdyMYnA277cb1dZEQCTyKZXJFZ5DcQ6on9+ecoedI
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:26 2024 by rpki-client on console.sobornost.net