Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/hSPKJHXS0Hq3frqlfTDOCtsSFfc.roa
File: hSPKJHXS0Hq3frqlfTDOCtsSFfc.roa (raw, json)
Hash identifier: fq838DqFuWg01DHNyPvAasKSrbp038RlXnDL3z5hI38=
Subject key identifier: 85:23:CA:24:75:D2:D0:7A:B7:7E:BA:A5:7D:30:CE:0A:DB:12:15:F7
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 01856F5DEBCB36DE3DC0580566D840FEA6F5
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/hSPKJHXS0Hq3frqlfTDOCtsSFfc.roa
Signing time: Sun 01 Jan 2023 22:05:04 +0000
ROA not before: Sun 01 Jan 2023 22:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 91.220.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:eb:cb:36:de:3d:c0:58:05:66:d8:40:fe:a6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Jan 1 22:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8523ca2475d2d07ab77ebaa57d30ce0adb1215f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:e4:00:ae:e9:78:b1:54:e8:ef:42:73:fa:
a3:1e:a0:5d:b2:f1:e3:be:91:96:4c:a3:99:10:ea:
8b:d8:4a:65:e1:2e:34:21:8a:ae:33:58:f4:4f:57:
20:5a:4d:a5:98:e3:c0:b9:fa:e4:8f:57:b1:cb:1d:
de:ce:45:83:0f:81:d3:91:eb:5c:72:bd:dd:3d:64:
e1:5a:0c:b1:fb:77:b4:d7:f5:74:42:9f:a0:8b:33:
e3:cb:e1:80:29:30:44:e9:91:c9:06:35:ae:af:45:
d8:47:a8:10:db:86:41:d0:e6:27:e7:11:5f:a5:2c:
74:d0:24:eb:8c:2e:ec:2f:ec:f3:fc:b5:e4:e9:f4:
ad:cc:f8:a1:40:a4:08:e4:ea:95:34:ca:af:12:c4:
43:dd:a6:16:04:d1:56:f3:1b:a7:2c:65:6a:a4:4c:
98:0e:4b:7a:b5:db:06:86:65:1a:45:23:a1:e3:31:
7c:b4:3b:97:8d:be:9e:c7:02:c2:c5:ab:8d:60:9f:
61:32:25:9b:4e:4b:9d:b6:a9:fc:1d:dd:fe:35:cc:
42:5e:59:b5:58:61:58:e1:0d:ff:96:83:61:65:1f:
d3:b2:00:69:51:b0:fc:af:02:11:7b:5a:d6:bf:04:
11:ba:60:e7:ed:5b:e9:7d:17:b2:f3:6c:96:92:65:
d3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:23:CA:24:75:D2:D0:7A:B7:7E:BA:A5:7D:30:CE:0A:DB:12:15:F7
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/hSPKJHXS0Hq3frqlfTDOCtsSFfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ba:7b:ba:2b:4c:d1:d7:5e:01:1b:dd:30:d8:b8:ae:b0:50:
b5:e3:e5:03:3f:8d:a7:1f:b9:08:87:44:74:42:90:71:16:f8:
d6:fc:47:32:9f:c2:ff:87:dc:4b:e9:65:af:64:93:62:56:6a:
68:9b:0a:02:93:59:d0:e3:3e:78:88:46:25:1b:3e:1f:24:a2:
94:ac:de:25:37:e2:ff:12:48:03:58:03:d0:73:2d:11:79:13:
b2:83:c8:73:4e:11:40:c4:52:65:58:64:95:53:5d:e0:1f:1c:
6c:d2:76:a2:8f:24:00:b9:1d:2b:df:33:bc:c3:56:3e:73:87:
5f:7a:31:35:b7:1d:21:78:e2:9d:ff:8b:8f:aa:e1:5f:90:1b:
c2:93:bb:b6:0e:3a:30:20:0b:f4:2c:54:72:ce:7a:ea:c2:36:
71:a7:88:d9:a8:c6:e3:eb:77:df:36:3f:ee:25:ae:60:f8:10:
e6:70:70:01:81:c3:02:9b:6c:f4:c7:3a:f9:ec:2f:f9:e5:1c:
37:8a:e2:61:97:1a:1a:95:1d:36:ae:b9:0a:5b:dc:05:65:08:
8d:a3:9b:a8:21:15:4f:b4:64:08:c1:b7:a7:2d:9d:8e:53:39:
7b:f8:41:5a:0a:d1:a0:ef:ab:42:a3:c3:33:52:35:94:08:38:
6b:68:64:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXevLNt49wFgFZthA/qb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjMwMTAxMjIwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIzY2EyNDc1ZDJkMDdhYjc3ZWJhYTU3ZDMwY2UwYWRiMTIxNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ3kAK7peLFU6O9Cc/qjHqBdsvHj
vpGWTKOZEOqL2Epl4S40IYquM1j0T1cgWk2lmOPAufrkj1exyx3ezkWDD4HTketc
cr3dPWThWgyx+3e01/V0Qp+gizPjy+GAKTBE6ZHJBjWur0XYR6gQ24ZB0OYn5xFf
pSx00CTrjC7sL+zz/LXk6fStzPihQKQI5OqVNMqvEsRD3aYWBNFW8xunLGVqpEyY
Dkt6tdsGhmUaRSOh4zF8tDuXjb6exwLCxauNYJ9hMiWbTkudtqn8Hd3+NcxCXlm1
WGFY4Q3/loNhZR/TsgBpUbD8rwIRe1rWvwQRumDn7VvpfRey82yWkmXTFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUjyiR10tB6t366pX0wzgrbEhX3MB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvaFNQS0pIWFMwSHEzZnJxbGZURE9DdHNTRmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ysMA0G
CSqGSIb3DQEBCwUAA4IBAQB1unu6K0zR114BG90w2LiusFC14+UDP42nH7kIh0R0
QpBxFvjW/Ecyn8L/h9xL6WWvZJNiVmpomwoCk1nQ4z54iEYlGz4fJKKUrN4lN+L/
EkgDWAPQcy0ReROyg8hzThFAxFJlWGSVU13gHxxs0naijyQAuR0r3zO8w1Y+c4df
ejE1tx0heOKd/4uPquFfkBvCk7u2DjowIAv0LFRyznrqwjZxp4jZqMbj63ffNj/u
Ja5g+BDmcHABgcMCm2z0xzr57C/55Rw3iuJhlxoalR02rrkKW9wFZQiNo5uoIRVP
tGQIwbenLZ2OUzl7+EFaCtGg76tCo8MzUjWUCDhraGRQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:22 2024 by rpki-client on console.sobornost.net