Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/i8mA65klyuFFKJccMOhu3PVzdqU.roa
File: i8mA65klyuFFKJccMOhu3PVzdqU.roa (raw, json)
Hash identifier: 2CGgCFvWs0jksTdzQ0wpP1lZhgMURjzwKYlbrZFzOfU=
Subject key identifier: 8B:C9:80:EB:99:25:CA:E1:45:28:97:1C:30:E8:6E:DC:F5:73:76:A5
Certificate issuer: /CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Certificate serial: 01856FF93A645A5EC88311EC7BBFB9E0309E
Authority key identifier: 07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/i8mA65klyuFFKJccMOhu3PVzdqU.roa
Signing time: Mon 02 Jan 2023 00:54:42 +0000
ROA not before: Mon 02 Jan 2023 00:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 194.11.156.0/22 maxlen: 22
2001:67c:5d8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3a:64:5a:5e:c8:83:11:ec:7b:bf:b9:e0:30:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Validity
Not Before: Jan 2 00:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bc980eb9925cae14528971c30e86edcf57376a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:54:b3:b2:e3:45:3c:d2:43:cf:9f:da:77:5f:
94:aa:28:ba:4c:99:f3:2d:2b:7b:83:83:0d:fe:6f:
99:80:5d:5c:06:96:9d:2d:3f:37:1c:5d:03:b7:c2:
96:c9:20:fc:4d:25:08:d0:a8:43:b6:06:77:9a:34:
02:37:c9:f5:9a:cf:46:b9:52:69:91:40:65:6b:d9:
89:07:56:41:5b:bc:ed:01:61:ad:69:e3:ef:65:5d:
8a:82:c9:4f:bf:22:e0:3b:2a:8c:a5:bf:77:b9:40:
2d:30:bd:db:a4:52:4a:51:33:04:e2:10:fe:db:80:
a6:70:c2:38:4b:50:07:1c:a7:1e:e6:f5:4a:3e:f5:
8c:3d:6d:78:00:a6:83:f4:74:2f:fd:e7:04:ce:2b:
7f:79:79:76:f3:33:60:53:95:37:93:d3:7e:af:f3:
2b:a9:2e:ca:22:7a:cc:59:5f:62:2c:83:e5:e7:14:
b9:a4:08:2a:d7:cf:a0:94:26:3b:0a:06:29:57:ae:
fc:00:88:78:eb:5a:b8:8a:f2:e8:9e:8d:87:6b:a7:
78:ec:15:1f:78:e2:86:cd:54:74:31:ce:0f:45:9d:
45:de:aa:4c:fd:bc:e9:99:b0:e9:b4:d8:36:7d:2f:
58:ff:c2:d3:cd:d6:95:10:eb:15:94:86:16:72:7c:
aa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C9:80:EB:99:25:CA:E1:45:28:97:1C:30:E8:6E:DC:F5:73:76:A5
X509v3 Authority Key Identifier:
keyid:07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/i8mA65klyuFFKJccMOhu3PVzdqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/B16ZPnb51_pATWmmy2DUv5jyuh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.156.0/22
IPv6:
2001:67c:5d8::/48
Signature Algorithm: sha256WithRSAEncryption
19:82:df:70:af:b9:15:e5:9c:54:68:3b:1f:fe:83:16:a1:39:
c3:a5:52:2a:76:ce:dd:eb:ae:4f:49:47:67:f6:75:47:c9:d3:
40:04:3c:05:5f:27:99:fc:d2:6d:35:b4:61:1e:87:30:92:c1:
2d:a3:73:db:5b:4d:0d:9d:01:ef:23:00:d9:db:ed:99:da:31:
50:7f:f6:58:d0:4f:8d:94:82:dd:a5:38:76:74:2a:b7:4a:a9:
72:80:b9:ab:0b:bd:58:57:23:80:50:3f:13:11:aa:db:7b:f4:
fc:ed:9e:b2:79:43:0c:64:62:fc:69:02:53:34:a8:27:71:2b:
eb:57:2a:60:53:23:79:f7:48:d1:2a:81:be:94:f7:73:f8:3b:
4d:5f:2c:9e:aa:a6:74:2f:8f:5c:75:42:78:d2:0d:c7:54:b2:
60:81:b7:18:f9:d3:42:0e:6e:cd:ee:76:6c:da:12:85:22:f0:
87:e8:4d:c3:2e:fa:98:1a:68:d4:74:0e:b8:b2:5e:ef:c5:d3:
17:f2:09:9f:04:11:d3:6e:21:a6:b8:7d:ef:df:f6:82:e0:64:
2c:5e:a3:95:05:b0:87:38:aa:20:a4:f9:f5:34:ba:c4:d9:02:
28:aa:a9:3d:2d:28:2a:7d:0a:90:57:16:46:e1:7d:16:33:6d:
0f:00:bd:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv+TpkWl7IgxHse7+54DCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NWU5OTNlNzZmOWQ3ZmE0MDRkNjlhNmNiNjBkNGJmOThm
MmJhMWUwHhcNMjMwMTAyMDA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmM5ODBlYjk5MjVjYWUxNDUyODk3MWMzMGU4NmVkY2Y1NzM3NmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1SzsuNFPNJDz5/ad1+Uqii6TJnz
LSt7g4MN/m+ZgF1cBpadLT83HF0Dt8KWySD8TSUI0KhDtgZ3mjQCN8n1ms9GuVJp
kUBla9mJB1ZBW7ztAWGtaePvZV2KgslPvyLgOyqMpb93uUAtML3bpFJKUTME4hD+
24CmcMI4S1AHHKce5vVKPvWMPW14AKaD9HQv/ecEzit/eXl28zNgU5U3k9N+r/Mr
qS7KInrMWV9iLIPl5xS5pAgq18+glCY7CgYpV678AIh461q4ivLono2Ha6d47BUf
eOKGzVR0Mc4PRZ1F3qpM/bzpmbDptNg2fS9Y/8LTzdaVEOsVlIYWcnyqpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvJgOuZJcrhRSiXHDDobtz1c3alMB8GA1UdIwQY
MBaAFAdemT52+df6QE1ppstg1L+Y8roeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYt
ZTE1ZTY2NmFkNmMyLzEvaThtQTY1a2x5dUZGS0pjY01PaHUzUFZ6ZHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYtZTE1ZTY2NmFkNmMy
LzEvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwgucMA8E
AgACMAkDBwAgAQZ8BdgwDQYJKoZIhvcNAQELBQADggEBABmC33CvuRXlnFRoOx/+
gxahOcOlUip2zt3rrk9JR2f2dUfJ00AEPAVfJ5n80m01tGEehzCSwS2jc9tbTQ2d
Ae8jANnb7ZnaMVB/9ljQT42Ugt2lOHZ0KrdKqXKAuasLvVhXI4BQPxMRqtt79Pzt
nrJ5QwxkYvxpAlM0qCdxK+tXKmBTI3n3SNEqgb6U93P4O01fLJ6qpnQvj1x1QnjS
DcdUsmCBtxj500IObs3udmzaEoUi8IfoTcMu+pgaaNR0DriyXu/F0xfyCZ8EEdNu
Iaa4fe/f9oLgZCxeo5UFsIc4qiCk+fU0usTZAiiqqT0tKCp9CpBXFkbhfRYzbQ8A
vbA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:50 2024 by rpki-client on console.sobornost.net