Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/1IrO_3y-HwmpgGEacpcDiAR1Jh0.roa
File: 1IrO_3y-HwmpgGEacpcDiAR1Jh0.roa (raw, json)
Hash identifier: M/FJgg5K0k1wCArt04ZDZmeuJ7ooZCnfl1sWoTFr9TM=
Subject key identifier: D4:8A:CE:FF:7C:BE:1F:09:A9:80:61:1A:72:97:03:88:04:75:26:1D
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0189CC4C9744D0262B9695508DE7AF93F31A
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/1IrO_3y-HwmpgGEacpcDiAR1Jh0.roa
Signing time: Sun 06 Aug 2023 19:21:58 +0000
ROA not before: Sun 06 Aug 2023 19:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62041
IP address blocks: 91.108.4.0/22 maxlen: 22
91.108.8.0/22 maxlen: 22
95.161.64.0/20 maxlen: 20
91.108.56.0/22 maxlen: 22
149.154.162.0/23 maxlen: 23
149.154.164.0/22 maxlen: 22
149.154.164.0/23 maxlen: 23
149.154.160.0/23 maxlen: 23
149.154.160.0/22 maxlen: 22
149.154.166.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cc:4c:97:44:d0:26:2b:96:95:50:8d:e7:af:93:f3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Aug 6 19:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48aceff7cbe1f09a980611a729703880475261d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:ca:ca:6c:54:54:74:96:3b:15:c8:96:03:
09:b2:62:c9:62:0c:c9:ae:81:c3:e1:99:d4:ef:08:
ca:87:a8:93:e5:19:94:5d:ae:51:87:81:24:da:b6:
be:d7:d5:d0:18:ea:35:8d:a3:bf:0c:11:65:09:f8:
a0:5c:41:da:23:fb:3b:72:ee:45:ba:4d:1b:7b:07:
f9:1e:5a:8e:e9:ad:63:72:75:5d:a8:b5:c7:5d:ac:
65:4b:db:82:89:e0:02:cf:50:1b:78:e3:fb:e0:55:
6c:1e:8e:bd:9d:f8:72:9f:51:1a:fd:99:f7:88:75:
d4:ef:02:f1:83:c7:c6:ea:68:6f:f8:1d:27:5e:a5:
2c:a9:a4:48:b8:4c:d0:ea:42:ef:4d:37:92:89:af:
ff:bb:f7:d9:eb:55:2a:71:e7:2b:e6:0a:88:21:0d:
d2:0b:a1:8a:62:ae:25:76:e2:f3:2f:0a:cb:4b:7a:
ee:b4:48:b3:8c:77:16:a7:01:fc:be:c8:06:50:2f:
34:45:7c:b9:f0:bf:fc:78:b5:8b:01:e4:7c:61:8f:
19:8d:bf:07:31:c1:f0:5c:f1:1f:85:e5:83:16:b6:
a9:35:63:ac:d2:f0:43:0a:78:56:58:69:58:8c:5a:
d9:c4:27:05:98:c5:4e:d1:03:65:33:cf:0a:a7:47:
f3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8A:CE:FF:7C:BE:1F:09:A9:80:61:1A:72:97:03:88:04:75:26:1D
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/1IrO_3y-HwmpgGEacpcDiAR1Jh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.4.0-91.108.11.255
91.108.56.0/22
95.161.64.0/20
149.154.160.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:cd:b4:ac:b3:e7:27:a3:27:7c:cb:76:e3:bf:0e:91:22:c6:
8d:ee:ac:4e:73:34:f6:ea:53:7e:29:24:47:fd:dd:6d:00:a9:
4b:ee:d3:05:f7:2e:fe:37:24:82:fb:a5:6a:54:45:9c:47:e0:
b5:6d:fa:b6:5b:86:a8:2b:b2:94:c6:2d:f4:c8:e1:64:d4:4b:
c3:29:3e:91:69:4b:d9:d8:99:b3:9b:5c:68:a6:09:21:4a:be:
5c:5c:a9:97:c2:08:60:e3:40:cd:2c:5b:5b:71:5a:9a:4d:7d:
9f:4b:0c:ed:90:d2:d7:07:a0:ff:8d:2e:b7:ee:a8:ed:38:99:
ea:9a:34:b6:ac:c8:5a:18:3c:9e:0e:f8:b2:da:ec:fe:8c:5e:
40:ae:1b:5c:99:2b:77:b3:c3:70:fd:3c:89:11:08:60:fd:77:
65:42:06:43:69:77:fd:d9:fc:26:6c:44:79:a5:8e:c8:d5:5a:
24:da:a0:16:ec:7f:9d:de:e1:1a:2c:c1:42:b9:4a:93:3d:90:
42:d5:65:c0:8a:5f:90:eb:81:4c:fa:a3:b9:c7:f1:c5:37:f6:
4f:c4:b4:61:73:7d:a6:b9:c6:52:39:8a:8a:35:09:66:cd:9e:
7a:2a:fd:5a:94:bc:72:be:3c:01:9e:c5:e2:2f:66:6c:fc:9a:
f6:1f:f5:7a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYnMTJdE0CYrlpVQjeevk/MaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwODA2MTkyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhhY2VmZjdjYmUxZjA5YTk4MDYxMWE3Mjk3MDM4ODA0NzUyNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquPKymxUVHSWOxXIlgMJsmLJYgzJ
roHD4ZnU7wjKh6iT5RmUXa5Rh4Ek2ra+19XQGOo1jaO/DBFlCfigXEHaI/s7cu5F
uk0bewf5HlqO6a1jcnVdqLXHXaxlS9uCieACz1AbeOP74FVsHo69nfhyn1Ea/Zn3
iHXU7wLxg8fG6mhv+B0nXqUsqaRIuEzQ6kLvTTeSia//u/fZ61Uqcecr5gqIIQ3S
C6GKYq4lduLzLwrLS3rutEizjHcWpwH8vsgGUC80RXy58L/8eLWLAeR8YY8Zjb8H
McHwXPEfheWDFrapNWOs0vBDCnhWWGlYjFrZxCcFmMVO0QNlM88Kp0fzRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNSKzv98vh8JqYBhGnKXA4gEdSYdMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvMUlyT18zeS1Id21wZ0dFYWNwY0RpQVIxSmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJbbAQD
BAJbbAgDBAJbbDgDBARfoUADBAOVmqAwDQYJKoZIhvcNAQELBQADggEBAJvNtKyz
5yejJ3zLduO/DpEixo3urE5zNPbqU34pJEf93W0AqUvu0wX3Lv43JIL7pWpURZxH
4LVt+rZbhqgrspTGLfTI4WTUS8MpPpFpS9nYmbObXGimCSFKvlxcqZfCCGDjQM0s
W1txWppNfZ9LDO2Q0tcHoP+NLrfuqO04meqaNLasyFoYPJ4O+LLa7P6MXkCuG1yZ
K3ezw3D9PIkRCGD9d2VCBkNpd/3Z/CZsRHmljsjVWiTaoBbsf53e4RoswUK5SpM9
kELVZcCKX5DrgUz6o7nH8cU39k/EtGFzfaa5xlI5ioo1CWbNnnoq/VqUvHK+PAGe
xeIvZmz8mvYf9Xo=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:41 2023 by rpki-client on console.sobornost.net