Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/rP-ZDwkK-7WR5XQYed5s3iQeoMY.roa
File: rP-ZDwkK-7WR5XQYed5s3iQeoMY.roa (raw, json)
Hash identifier: JxBnHVfaVvCpbTOzoQ+a9qu0AKaLBI9jMSWfcMXzldE=
Subject key identifier: AC:FF:99:0F:09:0A:FB:B5:91:E5:74:18:79:DE:6C:DE:24:1E:A0:C6
Certificate issuer: /CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7
Certificate serial: 018571F0E8C5340E1A8F74A95D961C9C2D9E
Authority key identifier: 5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/rP-ZDwkK-7WR5XQYed5s3iQeoMY.roa
Signing time: Mon 02 Jan 2023 10:04:51 +0000
ROA not before: Mon 02 Jan 2023 10:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34942
IP address blocks: 185.100.36.0/22 maxlen: 24
193.189.139.0/24 maxlen: 24
2a06:340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e8:c5:34:0e:1a:8f:74:a9:5d:96:1c:9c:2d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7
Validity
Not Before: Jan 2 10:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acff990f090afbb591e5741879de6cde241ea0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ea:a3:43:b5:f7:1b:44:47:a1:a2:98:3e:20:
5f:25:fb:b2:26:e3:a1:1d:e4:bb:3a:1f:01:98:50:
88:8d:4d:ad:25:39:e2:5d:b8:e1:7e:f6:d4:d4:f9:
6d:d9:76:ec:40:b9:3a:da:51:37:09:1f:3d:27:e1:
26:0b:72:e1:af:d1:51:0b:de:6f:98:8b:23:0e:be:
c2:39:08:2b:d1:fb:e4:1f:8b:44:5c:db:a9:34:4b:
2d:e0:da:8c:08:82:b1:9b:b5:a2:6d:46:09:22:8c:
63:03:ed:76:3f:3f:6e:e9:39:e0:6f:13:dc:27:d9:
a4:30:a4:62:8c:07:56:d9:71:7b:8f:2a:3f:b6:aa:
57:e7:c2:45:94:71:65:36:dd:f0:f8:12:39:b1:d1:
3f:6a:b4:ff:6b:a0:0e:56:99:5e:52:4c:28:79:bc:
2d:df:0a:d7:e8:89:29:ba:83:9c:22:5d:06:df:a0:
2e:1d:89:d4:f4:8f:9a:59:ef:49:6b:04:a0:0f:2f:
03:6a:03:77:5d:4d:c3:38:01:ea:2b:24:4b:f6:10:
82:47:51:50:81:89:8f:f5:52:99:f1:e0:68:a8:1b:
ea:bc:33:02:52:69:e8:6e:61:55:db:54:2e:26:2f:
4e:63:6e:94:1c:20:db:b2:ef:15:84:de:11:f4:a0:
9a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FF:99:0F:09:0A:FB:B5:91:E5:74:18:79:DE:6C:DE:24:1E:A0:C6
X509v3 Authority Key Identifier:
keyid:5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/rP-ZDwkK-7WR5XQYed5s3iQeoMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.36.0/22
193.189.139.0/24
IPv6:
2a06:340::/29
Signature Algorithm: sha256WithRSAEncryption
49:25:9d:2e:c2:1d:a3:07:63:df:aa:a2:24:44:16:a1:61:9c:
be:61:20:23:f9:0e:d8:91:df:9e:68:e8:db:ed:86:6a:1d:82:
87:e4:fc:2c:eb:9e:a7:df:e5:3b:44:d7:07:fa:0f:27:30:fb:
bc:6e:8f:f6:67:7a:53:d5:32:06:d2:7f:b5:9e:68:dc:d8:f7:
84:2c:2e:f5:c9:a2:23:9c:4f:89:a6:7d:7e:7f:fe:07:18:a0:
72:20:92:2a:e2:ee:47:db:dd:22:b3:59:c0:19:b1:6b:cb:7d:
9a:9a:de:e6:78:21:61:2c:dc:54:4a:99:3e:12:64:d1:51:cc:
e5:15:37:87:e5:72:5c:21:a0:9f:4f:ce:1d:fd:3b:de:2b:a1:
ec:1f:a8:05:1d:2c:e3:3b:85:e6:cf:44:5a:cb:7b:c3:10:32:
33:d5:54:95:06:75:50:c9:60:f4:d2:00:9d:38:4e:f5:ac:eb:
36:40:d2:24:f9:63:96:43:a7:10:d9:0d:95:15:6f:bf:62:4f:
f0:07:27:92:e4:6b:70:af:97:61:48:0b:74:12:79:4b:51:e5:
cf:9b:44:ee:e3:42:fb:13:ce:9c:bc:f5:78:d1:ee:6a:71:8b:
73:6e:cf:1f:60:32:e7:10:59:32:2d:12:42:9d:a7:e3:14:2a:
75:3e:64:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVx8OjFNA4aj3SpXZYcnC2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMzVlZDA0M2M4ZGUxNTFiZWJkYzA5ZGZjYmZmY2M3ZGM3
NzU5YzcwHhcNMjMwMTAyMTAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZmOTkwZjA5MGFmYmI1OTFlNTc0MTg3OWRlNmNkZTI0MWVhMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOqjQ7X3G0RHoaKYPiBfJfuyJuOh
HeS7Oh8BmFCIjU2tJTniXbjhfvbU1Plt2XbsQLk62lE3CR89J+EmC3Lhr9FRC95v
mIsjDr7COQgr0fvkH4tEXNupNEst4NqMCIKxm7WibUYJIoxjA+12Pz9u6TngbxPc
J9mkMKRijAdW2XF7jyo/tqpX58JFlHFlNt3w+BI5sdE/arT/a6AOVpleUkwoebwt
3wrX6IkpuoOcIl0G36AuHYnU9I+aWe9JawSgDy8DagN3XU3DOAHqKyRL9hCCR1FQ
gYmP9VKZ8eBoqBvqvDMCUmnobmFV21QuJi9OY26UHCDbsu8VhN4R9KCagwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKz/mQ8JCvu1keV0GHnebN4kHqDGMB8GA1UdIwQY
MBaAFF417QQ8jeFRvr3Anfy//Mfcd1nHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGpYdEJEeU40VkctdmNDZF9MXzh4OXgzV2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMTdmYTItNzg2Ni00ZmExLTk3MmIt
MTc3NjgxM2U3MjI0LzEvclAtWkR3a0stN1dSNVhRWWVkNXMzaVFlb01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lMTdmYTItNzg2Ni00ZmExLTk3MmItMTc3NjgxM2U3MjI0
LzEvWGpYdEJEeU40VkctdmNDZF9MXzh4OXgzV2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWQkAwQA
wb2LMA0EAgACMAcDBQMqBgNAMA0GCSqGSIb3DQEBCwUAA4IBAQBJJZ0uwh2jB2Pf
qqIkRBahYZy+YSAj+Q7Ykd+eaOjb7YZqHYKH5Pws656n3+U7RNcH+g8nMPu8bo/2
Z3pT1TIG0n+1nmjc2PeELC71yaIjnE+Jpn1+f/4HGKByIJIq4u5H290is1nAGbFr
y32amt7meCFhLNxUSpk+EmTRUczlFTeH5XJcIaCfT84d/TveK6HsH6gFHSzjO4Xm
z0Ray3vDEDIz1VSVBnVQyWD00gCdOE71rOs2QNIk+WOWQ6cQ2Q2VFW+/Yk/wByeS
5Gtwr5dhSAt0EnlLUeXPm0Tu40L7E86cvPV40e5qcYtzbs8fYDLnEFkyLRJCnafj
FCp1PmTp
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:37 2024 by rpki-client on console.sobornost.net