Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/SsNxnUvkxkjq3WDCu9-aPveg_W0.roa
File: SsNxnUvkxkjq3WDCu9-aPveg_W0.roa (raw, json)
Hash identifier: X6vTmFHPheUAvDK6yWR5onsJHKw7kX9VyfCxX9UMCYc=
Subject key identifier: 4A:C3:71:9D:4B:E4:C6:48:EA:DD:60:C2:BB:DF:9A:3E:F7:A0:FD:6D
Certificate issuer: /CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Certificate serial: 018570707B51EF2F556B13C846B2F043DC40
Authority key identifier: 52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/SsNxnUvkxkjq3WDCu9-aPveg_W0.roa
Signing time: Mon 02 Jan 2023 03:04:57 +0000
ROA not before: Mon 02 Jan 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42563
IP address blocks: 91.197.56.0/24 maxlen: 24
2001:678:41c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7b:51:ef:2f:55:6b:13:c8:46:b2:f0:43:dc:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Validity
Not Before: Jan 2 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ac3719d4be4c648eadd60c2bbdf9a3ef7a0fd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1a:57:53:c5:2b:e1:cd:4a:11:8f:ee:11:b9:
33:cf:9e:c2:ef:7e:08:92:b2:aa:b6:90:d3:8a:80:
fd:d7:b4:68:8b:47:1e:55:0b:c9:5a:80:c5:b5:20:
ac:19:d0:da:ca:e0:2f:1b:fb:07:7c:d9:b3:bb:2e:
eb:91:93:e4:67:b5:06:27:0c:1b:4d:da:c6:47:8a:
0e:dc:b2:4c:0f:05:1c:0c:3a:ca:9d:2e:68:14:cc:
74:d7:ad:26:bf:c4:88:ac:ce:8c:6a:96:52:e3:5d:
0a:7c:94:ce:f5:72:38:ae:6a:fb:cc:6f:13:a0:6d:
e3:c8:fe:b4:80:3d:dd:78:8e:4d:98:e8:12:3a:32:
77:69:07:a9:a3:25:23:31:31:4f:f3:f4:73:7e:67:
3a:5e:e9:82:48:9d:a4:6e:29:ba:d9:24:06:89:76:
bc:86:ae:85:b7:d4:1c:41:6d:8b:d7:11:09:3a:a7:
76:f1:10:48:e9:54:9d:cf:c1:b9:49:d7:cc:a8:aa:
56:bd:67:be:88:d3:03:aa:4b:78:af:9d:78:6f:55:
31:50:08:a6:72:3e:73:73:9e:87:a0:43:bd:c3:aa:
70:99:54:1b:2f:77:cb:08:7b:87:59:88:86:47:20:
94:ef:d2:9c:02:5a:74:24:99:2d:7d:93:34:70:e7:
a6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C3:71:9D:4B:E4:C6:48:EA:DD:60:C2:BB:DF:9A:3E:F7:A0:FD:6D
X509v3 Authority Key Identifier:
keyid:52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/SsNxnUvkxkjq3WDCu9-aPveg_W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.56.0/24
IPv6:
2001:678:41c::/48
Signature Algorithm: sha256WithRSAEncryption
79:a9:6d:f4:b5:f0:0d:2f:d0:d6:b7:19:15:91:67:05:1a:ba:
b9:8d:d2:4a:6c:4c:53:27:a7:23:de:16:5e:1b:e0:2b:b6:85:
32:9a:57:7a:15:c6:bc:7d:91:7f:3c:34:0b:74:15:4d:60:81:
40:98:ad:81:cb:c6:44:04:f9:19:9a:43:fd:c4:5a:17:13:ae:
56:d6:6e:06:b3:57:1d:35:8d:e5:8d:c3:d4:ad:c9:3f:87:b3:
1b:16:1f:72:5a:72:a8:7f:aa:f8:2c:1c:f2:29:9e:3f:8a:da:
7c:04:28:e1:12:fd:76:cc:fa:d5:96:c7:71:66:23:05:5f:d8:
15:37:77:00:e7:d0:d9:da:97:95:61:42:12:b2:6b:23:c8:67:
42:00:78:56:0b:4c:8c:84:46:13:82:b2:28:1b:c1:33:fc:df:
78:31:14:8b:9e:ca:cd:58:3d:cc:88:1f:62:f7:9a:e5:cb:06:
e1:ec:22:f8:7e:6e:9f:b2:a8:19:4b:4f:ac:ce:df:ac:c5:90:
86:8e:30:30:94:c7:44:05:da:13:88:23:f9:72:25:69:72:38:
94:59:4c:56:23:59:5e:cd:d0:ac:5d:f2:d2:6f:fd:e5:2e:67:
8f:09:71:27:58:f0:af:54:7c:e6:79:75:f7:8f:fd:9f:3f:a9:
45:d8:39:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwcHtR7y9VaxPIRrLwQ9xAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmYyMWVlYjM2NDE0YjMyODBlNmMzM2IwYjU3Mjk2Yjhm
NmI2NzUwHhcNMjMwMTAyMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMzNzE5ZDRiZTRjNjQ4ZWFkZDYwYzJiYmRmOWEzZWY3YTBmZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhpXU8Ur4c1KEY/uEbkzz57C734I
krKqtpDTioD917Roi0ceVQvJWoDFtSCsGdDayuAvG/sHfNmzuy7rkZPkZ7UGJwwb
TdrGR4oO3LJMDwUcDDrKnS5oFMx0160mv8SIrM6MapZS410KfJTO9XI4rmr7zG8T
oG3jyP60gD3deI5NmOgSOjJ3aQepoyUjMTFP8/Rzfmc6XumCSJ2kbim62SQGiXa8
hq6Ft9QcQW2L1xEJOqd28RBI6VSdz8G5SdfMqKpWvWe+iNMDqkt4r514b1UxUAim
cj5zc56HoEO9w6pwmVQbL3fLCHuHWYiGRyCU79KcAlp0JJktfZM0cOemXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFErDcZ1L5MZI6t1gwrvfmj73oP1tMB8GA1UdIwQY
MBaAFFK/Ie6zZBSzKA5sM7C1cpa49rZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUt
YWM5NmY2YWFiNDk0LzEvU3NOeG5Vdmt4a2pxM1dEQ3U5LWFQdmVnX1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUtYWM5NmY2YWFiNDk0
LzEvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8U4MA8E
AgACMAkDBwAgAQZ4BBwwDQYJKoZIhvcNAQELBQADggEBAHmpbfS18A0v0Na3GRWR
ZwUaurmN0kpsTFMnpyPeFl4b4Cu2hTKaV3oVxrx9kX88NAt0FU1ggUCYrYHLxkQE
+RmaQ/3EWhcTrlbWbgazVx01jeWNw9StyT+HsxsWH3Jacqh/qvgsHPIpnj+K2nwE
KOES/XbM+tWWx3FmIwVf2BU3dwDn0Nnal5VhQhKyayPIZ0IAeFYLTIyERhOCsigb
wTP833gxFIueys1YPcyIH2L3muXLBuHsIvh+bp+yqBlLT6zO36zFkIaOMDCUx0QF
2hOII/lyJWlyOJRZTFYjWV7N0Kxd8tJv/eUuZ48JcSdY8K9UfOZ5dfeP/Z8/qUXY
OWo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:21 2024 by rpki-client on console.sobornost.net