Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/85b29b-0ea2-4741-b439-e4b66a3fe5bc/1/s5GADRJjqug8dZVz_7jxooSG3Fc.roa
File: s5GADRJjqug8dZVz_7jxooSG3Fc.roa (raw, json)
Hash identifier: t7VIRS7PBMfvD4SlJNDQKAnb6lATj/cNHC4EGTSYICI=
Subject key identifier: B3:91:80:0D:12:63:AA:E8:3C:75:95:73:FF:B8:F1:A2:84:86:DC:57
Certificate issuer: /CN=7df11a3160db8ce7918bf3ec58b5c5e1e3e93821
Certificate serial: 01856B5311F1D0FBD6596D69122624CA80E1
Authority key identifier: 7D:F1:1A:31:60:DB:8C:E7:91:8B:F3:EC:58:B5:C5:E1:E3:E9:38:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEaMWDbjOeRi_PsWLXF4ePpOCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/85b29b-0ea2-4741-b439-e4b66a3fe5bc/1/s5GADRJjqug8dZVz_7jxooSG3Fc.roa
Signing time: Sun 01 Jan 2023 03:14:44 +0000
ROA not before: Sun 01 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41504
IP address blocks: 195.3.212.0/22 maxlen: 24
2001:67c:2378::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:11:f1:d0:fb:d6:59:6d:69:12:26:24:ca:80:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df11a3160db8ce7918bf3ec58b5c5e1e3e93821
Validity
Not Before: Jan 1 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b391800d1263aae83c759573ffb8f1a28486dc57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7a:22:38:7f:b4:87:9d:5b:aa:12:39:e6:5c:
2d:d5:13:10:55:c7:8b:e1:04:de:5a:5e:b3:0c:e9:
7d:8d:3c:cb:fc:bd:9d:20:d9:2b:00:92:91:78:a6:
51:c9:8f:a2:37:65:ed:3f:05:75:93:5f:97:5a:13:
cc:3d:78:7a:5c:02:79:bc:b1:b9:8a:e1:80:04:af:
ae:6d:20:00:85:2a:49:be:53:02:66:5c:b0:aa:4c:
7a:04:b4:92:26:6e:3f:3f:a1:c5:0c:5c:f5:5b:ec:
3f:2d:4e:db:1c:34:a3:2a:9a:6b:e5:20:c5:d7:5b:
b1:c2:a5:4b:4f:bb:df:c2:9f:19:cb:5f:ea:b0:4b:
64:59:0a:28:79:78:78:a1:99:3f:2b:d1:64:0a:94:
c5:39:6a:2a:0b:b8:d6:9d:1b:f6:a6:68:14:ed:ee:
34:f4:91:c0:6b:51:11:38:42:51:e7:fc:19:2e:55:
86:11:f8:36:21:65:16:76:07:ba:14:c2:1f:18:24:
02:5c:8e:03:1f:aa:e9:81:9a:2c:9c:f0:e3:d4:94:
31:19:79:6f:46:2b:ff:da:22:10:4a:0b:47:42:34:
43:98:73:58:ed:ce:26:ab:ce:9d:3c:15:87:81:77:
b1:83:1e:a4:50:51:4d:54:87:4c:71:14:c8:1e:6b:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:91:80:0D:12:63:AA:E8:3C:75:95:73:FF:B8:F1:A2:84:86:DC:57
X509v3 Authority Key Identifier:
keyid:7D:F1:1A:31:60:DB:8C:E7:91:8B:F3:EC:58:B5:C5:E1:E3:E9:38:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEaMWDbjOeRi_PsWLXF4ePpOCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/85b29b-0ea2-4741-b439-e4b66a3fe5bc/1/s5GADRJjqug8dZVz_7jxooSG3Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/85b29b-0ea2-4741-b439-e4b66a3fe5bc/1/ffEaMWDbjOeRi_PsWLXF4ePpOCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.3.212.0/22
IPv6:
2001:67c:2378::/48
Signature Algorithm: sha256WithRSAEncryption
5d:63:21:ec:34:3f:80:8f:54:1c:f0:9c:30:96:9f:d9:6d:45:
19:4c:59:ab:f6:15:25:b2:eb:0a:be:23:96:f5:b3:1d:16:ab:
59:79:13:67:90:bc:55:97:26:ad:2a:ef:68:4d:1c:f5:30:72:
e1:d8:a4:2c:b5:36:0b:a2:16:8d:d3:8d:19:f5:61:85:8e:29:
0e:7f:de:70:92:cd:be:d2:70:0d:3f:23:33:98:71:3d:d3:fb:
e6:8b:1c:05:19:b0:13:01:9e:9b:4e:0d:d9:fb:04:d0:f4:73:
ec:e2:21:20:b5:e9:16:7d:d9:1b:58:81:f2:85:30:e0:17:23:
6b:40:1d:1c:d3:f3:4e:e7:65:5a:69:e2:0e:9f:d2:26:c5:b2:
d4:6a:48:46:ce:80:37:2e:bd:2e:a9:b5:92:b8:d6:fe:d7:55:
0e:6d:79:be:cf:d9:3b:2b:e9:cf:c3:0a:5a:b1:37:9f:02:a3:
2f:a4:df:ab:53:c9:ad:4f:d7:cc:b9:eb:d5:b3:3e:81:f0:57:
ec:6d:e7:c9:06:c3:34:de:14:cd:20:b7:7b:da:b1:49:e6:ff:
a8:aa:91:f5:68:18:cd:02:6a:df:08:01:21:9e:d6:c0:d4:5f:
3e:d4:ef:e4:cd:2c:13:2a:b3:67:cb:eb:79:2c:b1:77:00:45:
59:02:ac:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrUxHx0PvWWW1pEiYkyoDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjExYTMxNjBkYjhjZTc5MThiZjNlYzU4YjVjNWUxZTNl
OTM4MjEwHhcNMjMwMTAxMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkxODAwZDEyNjNhYWU4M2M3NTk1NzNmZmI4ZjFhMjg0ODZkYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunoiOH+0h51bqhI55lwt1RMQVceL
4QTeWl6zDOl9jTzL/L2dINkrAJKReKZRyY+iN2XtPwV1k1+XWhPMPXh6XAJ5vLG5
iuGABK+ubSAAhSpJvlMCZlywqkx6BLSSJm4/P6HFDFz1W+w/LU7bHDSjKppr5SDF
11uxwqVLT7vfwp8Zy1/qsEtkWQooeXh4oZk/K9FkCpTFOWoqC7jWnRv2pmgU7e40
9JHAa1EROEJR5/wZLlWGEfg2IWUWdge6FMIfGCQCXI4DH6rpgZosnPDj1JQxGXlv
Riv/2iIQSgtHQjRDmHNY7c4mq86dPBWHgXexgx6kUFFNVIdMcRTIHmsA/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLORgA0SY6roPHWVc/+48aKEhtxXMB8GA1UdIwQY
MBaAFH3xGjFg24znkYvz7Fi1xeHj6TghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFYU1XRGJqT2VSaV9Qc1dMWEY0ZVBwT0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84NWIyOWItMGVhMi00NzQxLWI0Mzkt
ZTRiNjZhM2ZlNWJjLzEvczVHQURSSmpxdWc4ZFpWel83anhvb1NHM0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84NWIyOWItMGVhMi00NzQxLWI0MzktZTRiNjZhM2ZlNWJj
LzEvZmZFYU1XRGJqT2VSaV9Qc1dMWEY0ZVBwT0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwwPUMA8E
AgACMAkDBwAgAQZ8I3gwDQYJKoZIhvcNAQELBQADggEBAF1jIew0P4CPVBzwnDCW
n9ltRRlMWav2FSWy6wq+I5b1sx0Wq1l5E2eQvFWXJq0q72hNHPUwcuHYpCy1Ngui
Fo3TjRn1YYWOKQ5/3nCSzb7ScA0/IzOYcT3T++aLHAUZsBMBnptODdn7BND0c+zi
ISC16RZ92RtYgfKFMOAXI2tAHRzT807nZVpp4g6f0ibFstRqSEbOgDcuvS6ptZK4
1v7XVQ5teb7P2Tsr6c/DClqxN58Coy+k36tTya1P18y569WzPoHwV+xt58kGwzTe
FM0gt3vasUnm/6iqkfVoGM0Cat8IASGe1sDUXz7U7+TNLBMqs2fL63kssXcARVkC
rM8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:02 2024 by rpki-client on console.sobornost.net