Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/C0NIkUTmeqJNP2vffMxW8kMwpwM.roa
File: C0NIkUTmeqJNP2vffMxW8kMwpwM.roa (raw, json)
Hash identifier: n6zaObvpT0dxf44xMShsYeyLNCc5oXf/OGW8T7MpLrM=
Subject key identifier: 0B:43:48:91:44:E6:7A:A2:4D:3F:6B:DF:7C:CC:56:F2:43:30:A7:03
Certificate issuer: /CN=b14aaa9b084864f44bae18ba076b26067754fb62
Certificate serial: 0185728C88D826002BAE098320AF9C95EC82
Authority key identifier: B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/C0NIkUTmeqJNP2vffMxW8kMwpwM.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60641
IP address blocks: 5.39.233.0/24 maxlen: 24
5.39.236.0/24 maxlen: 24
5.39.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:88:d8:26:00:2b:ae:09:83:20:af:9c:95:ec:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aaa9b084864f44bae18ba076b26067754fb62
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b43489144e67aa24d3f6bdf7ccc56f24330a703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:58:20:62:dc:a0:80:be:b5:62:17:0b:5f:cb:
62:00:a0:c2:1d:d9:a4:24:48:18:55:4a:ae:37:67:
80:99:0b:21:af:5f:9f:e8:a4:2d:ff:51:2b:6d:b2:
e1:a9:89:48:fb:de:77:dd:25:c9:a4:c1:c1:03:e2:
0c:e8:bb:34:e6:97:19:78:03:36:3c:37:ff:46:2e:
0b:24:bb:12:d3:0b:a4:5d:99:26:83:14:cf:91:cd:
e4:af:d9:7b:aa:7d:d7:d1:8b:74:58:96:80:2d:29:
3a:ee:c3:1d:40:c7:b2:04:68:16:10:9e:72:fd:f2:
39:29:56:1e:2b:99:5a:d5:42:75:dc:89:35:0a:9c:
cf:57:37:bb:b0:3d:d6:b7:2b:0f:18:4e:69:f4:a9:
47:f7:50:4e:2f:80:43:f9:d8:d7:2f:84:0b:f4:c4:
b0:e5:80:bf:b1:8f:b6:16:64:48:31:6f:92:f3:7d:
26:2c:df:b1:70:a0:d7:43:88:e3:75:06:1b:5e:ff:
eb:07:6a:26:45:4b:a3:75:5d:20:5d:0d:07:f8:e1:
eb:90:ca:cf:08:76:ff:62:ce:66:21:36:1b:54:f8:
db:c6:fe:be:b7:d0:83:21:a3:25:40:80:9b:c0:48:
41:7c:7d:2a:db:62:72:0d:ef:88:2d:1e:91:d2:46:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:43:48:91:44:E6:7A:A2:4D:3F:6B:DF:7C:CC:56:F2:43:30:A7:03
X509v3 Authority Key Identifier:
keyid:B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/C0NIkUTmeqJNP2vffMxW8kMwpwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sUqqmwhIZPRLrhi6B2smBndU-2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.233.0-5.39.234.255
5.39.236.0/24
Signature Algorithm: sha256WithRSAEncryption
be:99:e9:37:36:58:bc:3b:b6:24:4e:6c:ed:18:bb:01:26:19:
df:28:45:30:6c:2d:b1:a7:bc:57:93:d3:b8:01:ed:33:90:41:
f1:69:a1:b9:59:2e:d3:77:93:e1:7d:d7:73:58:1b:93:87:a4:
32:ec:05:18:2b:d7:b8:ce:02:8d:94:03:26:78:44:60:d1:69:
42:95:6d:ff:8e:b1:82:3e:6c:3c:2f:23:a7:d5:18:11:26:50:
54:22:5d:14:b3:27:1c:0c:fb:e0:af:13:42:d4:6b:cf:74:73:
5e:be:fe:cf:d2:c0:14:74:36:c3:7f:36:af:f6:c8:7c:f8:60:
5c:9e:88:1b:a5:0e:a8:b9:8e:bc:c2:26:f8:14:16:d1:35:99:
a2:9c:e2:f1:f1:db:7c:02:63:52:e4:e1:bd:c3:73:78:b1:d1:
55:09:ee:d6:c3:cc:de:02:fd:e9:30:5d:00:40:6a:70:f6:93:
cf:b5:01:a7:a1:9c:a5:74:d7:03:c9:69:39:df:14:07:33:f8:
72:22:7c:00:5b:44:af:58:ae:4d:f5:a7:e2:61:32:2c:0b:ef:
0d:d0:5f:bf:40:9a:17:92:66:a2:b7:00:b8:64:1e:65:8e:05:
2d:ca:d1:de:40:42:1f:3f:d4:03:fd:b2:9f:8d:e9:28:47:02:
d0:7b:2a:e7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyjIjYJgArrgmDIK+cleyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFhYTliMDg0ODY0ZjQ0YmFlMThiYTA3NmIyNjA2Nzc1
NGZiNjIwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQzNDg5MTQ0ZTY3YWEyNGQzZjZiZGY3Y2NjNTZmMjQzMzBhNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFggYtyggL61YhcLX8tiAKDCHdmk
JEgYVUquN2eAmQshr1+f6KQt/1ErbbLhqYlI+9533SXJpMHBA+IM6Ls05pcZeAM2
PDf/Ri4LJLsS0wukXZkmgxTPkc3kr9l7qn3X0Yt0WJaALSk67sMdQMeyBGgWEJ5y
/fI5KVYeK5la1UJ13Ik1CpzPVze7sD3WtysPGE5p9KlH91BOL4BD+djXL4QL9MSw
5YC/sY+2FmRIMW+S830mLN+xcKDXQ4jjdQYbXv/rB2omRUujdV0gXQ0H+OHrkMrP
CHb/Ys5mITYbVPjbxv6+t9CDIaMlQICbwEhBfH0q22JyDe+ILR6R0kYsjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAtDSJFE5nqiTT9r33zMVvJDMKcDMB8GA1UdIwQY
MBaAFLFKqpsISGT0S64YugdrJgZ3VPtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEt
NThmYWEyN2U1NTQ5LzEvQzBOSWtVVG1lcUpOUDJ2ZmZNeFc4a013cHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yMjdhZmEtZGRlYy00NjQ0LTk4MmEtNThmYWEyN2U1NTQ5
LzEvc1VxcW13aElaUFJMcmhpNkIyc21CbmRVLTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAFJ+kD
BAAFJ+oDBAAFJ+wwDQYJKoZIhvcNAQELBQADggEBAL6Z6Tc2WLw7tiRObO0YuwEm
Gd8oRTBsLbGnvFeT07gB7TOQQfFpoblZLtN3k+F913NYG5OHpDLsBRgr17jOAo2U
AyZ4RGDRaUKVbf+OsYI+bDwvI6fVGBEmUFQiXRSzJxwM++CvE0LUa890c16+/s/S
wBR0NsN/Nq/2yHz4YFyeiBulDqi5jrzCJvgUFtE1maKc4vHx23wCY1Lk4b3Dc3ix
0VUJ7tbDzN4C/ekwXQBAanD2k8+1AaehnKV01wPJaTnfFAcz+HIifABbRK9Yrk31
p+JhMiwL7w3QX79AmheSZqK3ALhkHmWOBS3K0d5AQh8/1AP9sp+N6ShHAtB7Kuc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:58 2024 by rpki-client on console.sobornost.net