Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/CXiHXGPmcHUb9FXJCLo3Sau_S2U.roa
File: CXiHXGPmcHUb9FXJCLo3Sau_S2U.roa (raw, json)
Hash identifier: sP0Z69cPWxtFX1VxtiUmOSO60l2qheP82zkFtKm/N58=
Subject key identifier: 09:78:87:5C:63:E6:70:75:1B:F4:55:C9:08:BA:37:49:AB:BF:4B:65
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 01856B8A3779A2A159D9B81516A53AAB78AE
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/CXiHXGPmcHUb9FXJCLo3Sau_S2U.roa
Signing time: Sun 01 Jan 2023 04:14:58 +0000
ROA not before: Sun 01 Jan 2023 04:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200699
IP address blocks: 185.56.81.0/24 maxlen: 24
2a06:e80:1000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:37:79:a2:a1:59:d9:b8:15:16:a5:3a:ab:78:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 1 04:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0978875c63e670751bf455c908ba3749abbf4b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:59:7d:f5:82:f6:cf:de:bf:af:f9:73:6f:
25:a8:29:93:a7:87:7c:9e:66:fd:19:43:40:be:0b:
ed:6e:25:a8:38:8c:51:1e:5b:6c:0b:2d:76:5d:b8:
cc:6e:aa:29:75:77:16:73:35:f1:e7:ca:43:8e:8d:
59:8c:1a:a5:82:20:b5:61:1b:df:37:ed:c0:3c:08:
4b:b4:56:0d:e3:1a:b9:61:b4:02:74:e8:b3:76:b8:
7f:26:7a:b9:74:e4:fc:25:ac:91:ce:90:01:09:b4:
6b:c5:a4:8a:f8:c1:2f:5e:0f:98:30:50:78:99:58:
1a:2c:87:2c:5d:15:07:d2:46:8c:b3:8e:7c:13:f1:
94:f9:50:4a:08:53:a8:22:21:f2:2f:07:69:73:97:
88:ac:3b:b9:dc:b2:6c:09:00:d5:43:6c:f0:05:21:
ae:80:00:44:1a:5d:bb:d6:a4:ec:72:60:55:55:d9:
fe:55:f9:1e:13:0e:de:0a:b8:81:b1:c3:69:f3:ad:
e8:20:f2:fe:e0:8a:83:20:e6:98:a0:eb:eb:62:0b:
2b:a8:15:bc:e5:51:2d:3b:b7:6b:d8:94:58:75:bb:
51:f0:de:c4:f8:67:ec:95:83:a2:b6:0c:c9:7b:24:
0a:d6:a2:aa:f4:af:e4:9f:06:2b:8b:7c:64:e6:91:
63:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:78:87:5C:63:E6:70:75:1B:F4:55:C9:08:BA:37:49:AB:BF:4B:65
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/CXiHXGPmcHUb9FXJCLo3Sau_S2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.81.0/24
IPv6:
2a06:e80:1000::/36
Signature Algorithm: sha256WithRSAEncryption
93:89:37:cf:4c:07:24:ab:49:fa:68:89:b3:b5:9c:8c:66:4d:
cf:f8:bb:ed:a1:db:2f:1b:eb:e5:b1:a1:80:c7:2e:81:52:5c:
9e:97:24:f3:25:d9:1e:19:91:d8:a8:b8:aa:97:88:12:18:00:
f9:af:3d:4c:d0:40:fb:b8:f5:9c:54:e2:b8:54:b9:97:a1:9c:
da:eb:3d:5a:db:a8:95:0f:bc:03:0b:e8:a5:fd:1f:ab:2b:41:
6e:09:47:b1:e9:09:6e:84:6a:17:c2:8d:75:06:26:af:e8:57:
7b:2e:6d:cd:d6:31:55:7e:a5:f0:c3:8a:bf:7a:ec:10:68:73:
d7:bb:da:3c:7b:19:27:ec:ac:89:5e:3a:66:b4:6d:7b:e8:fa:
5b:40:fe:e9:e7:01:b6:2f:41:af:10:be:94:5d:0a:d4:80:75:
53:66:8e:35:f7:97:da:b1:2d:7c:4d:bf:09:1c:d1:f1:4e:b0:
94:0f:4b:f7:97:80:70:60:46:9c:1c:60:d8:95:d6:18:79:09:
a4:24:8f:94:57:59:95:3b:78:da:aa:79:23:f5:55:e2:b7:2a:
84:13:16:23:8f:4d:1d:e8:e3:e3:6d:89:f3:57:85:f7:f2:d5:
44:f4:03:4a:85:06:49:96:95:98:95:18:73:a5:60:3b:d1:5d:
7d:53:8c:81
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVrijd5oqFZ2bgVFqU6q3iuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjMwMTAxMDQxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc4ODc1YzYzZTY3MDc1MWJmNDU1YzkwOGJhMzc0OWFiYmY0YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiJZffWC9s/ev6/5c28lqCmTp4d8
nmb9GUNAvgvtbiWoOIxRHltsCy12XbjMbqopdXcWczXx58pDjo1ZjBqlgiC1YRvf
N+3APAhLtFYN4xq5YbQCdOizdrh/Jnq5dOT8JayRzpABCbRrxaSK+MEvXg+YMFB4
mVgaLIcsXRUH0kaMs458E/GU+VBKCFOoIiHyLwdpc5eIrDu53LJsCQDVQ2zwBSGu
gABEGl271qTscmBVVdn+VfkeEw7eCriBscNp863oIPL+4IqDIOaYoOvrYgsrqBW8
5VEtO7dr2JRYdbtR8N7E+GfslYOitgzJeyQK1qKq9K/knwYri3xk5pFjLQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAl4h1xj5nB1G/RVyQi6N0mrv0tlMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvQ1hpSFhHUG1jSFViOUZYSkNMbzNTYXVfUzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuThRMA4E
AgACMAgDBgQqBg6AEDANBgkqhkiG9w0BAQsFAAOCAQEAk4k3z0wHJKtJ+miJs7Wc
jGZNz/i77aHbLxvr5bGhgMcugVJcnpck8yXZHhmR2Ki4qpeIEhgA+a89TNBA+7j1
nFTiuFS5l6Gc2us9WtuolQ+8Awvopf0fqytBbglHsekJboRqF8KNdQYmr+hXey5t
zdYxVX6l8MOKv3rsEGhz17vaPHsZJ+ysiV46ZrRte+j6W0D+6ecBti9BrxC+lF0K
1IB1U2aONfeX2rEtfE2/CRzR8U6wlA9L95eAcGBGnBxg2JXWGHkJpCSPlFdZlTt4
2qp5I/VV4rcqhBMWI49NHejj422J81eF9/LVRPQDSoUGSZaVmJUYc6VgO9FdfVOM
gQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:03 2024 by rpki-client on console.sobornost.net