Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/AMqlWYwHK41FnHGG3AdP3qfRRmE.roa
File: AMqlWYwHK41FnHGG3AdP3qfRRmE.roa (raw, json)
Hash identifier: uqYsqqZSv8UGIjZA275NtWtSivnpoylFxlPvb/7IicE=
Subject key identifier: 00:CA:A5:59:8C:07:2B:8D:45:9C:71:86:DC:07:4F:DE:A7:D1:46:61
Certificate issuer: /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial: 01856DB887CF9A5CB92174FE57843F6C107D
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/AMqlWYwHK41FnHGG3AdP3qfRRmE.roa
Signing time: Sun 01 Jan 2023 14:24:47 +0000
ROA not before: Sun 01 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34253
IP address blocks: 193.242.110.0/24 maxlen: 24
195.242.71.0/24 maxlen: 24
195.242.70.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:87:cf:9a:5c:b9:21:74:fe:57:84:3f:6c:10:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Validity
Not Before: Jan 1 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00caa5598c072b8d459c7186dc074fdea7d14661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3e:dd:6d:f4:61:6f:bd:4e:dd:ac:94:ed:73:
cb:0e:08:a1:f8:70:c6:0a:ad:a7:a5:e8:f5:86:2a:
28:5c:58:50:ac:50:1e:81:d6:d0:cc:5c:8a:20:b1:
38:d9:8c:ff:33:a5:28:f3:43:83:a3:bc:fc:6a:52:
16:fe:e6:93:c2:2f:84:13:1b:6f:e7:11:98:96:59:
15:11:fe:52:68:d3:b9:0a:00:05:53:90:e1:5a:82:
c9:be:dc:b0:ec:f8:ca:b6:97:b3:a0:e7:f9:91:08:
40:96:9b:d2:66:f0:d2:1b:e3:f3:b2:80:ce:03:0b:
65:9e:22:14:91:31:93:c9:9e:8f:eb:31:9a:0d:f0:
cc:5e:36:cc:d5:7c:d9:b1:0d:a5:ab:77:a9:13:48:
2c:dd:84:5a:e8:66:3e:88:1e:84:26:ac:ed:28:dc:
21:86:99:03:dd:ea:64:3b:64:8f:fe:2b:7a:3c:14:
7c:00:1b:40:3e:aa:87:bf:13:b5:36:d7:9d:84:60:
da:a2:8a:09:80:0f:26:e1:97:a6:6e:4e:10:d2:a5:
be:5e:ff:a9:20:eb:c9:a5:41:ba:c8:b4:07:93:ce:
77:e9:5c:30:30:3b:b4:41:59:ad:8f:9f:b4:89:c9:
55:ea:20:b6:66:ba:bc:44:a1:8f:22:a6:5d:f3:8d:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CA:A5:59:8C:07:2B:8D:45:9C:71:86:DC:07:4F:DE:A7:D1:46:61
X509v3 Authority Key Identifier:
keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/AMqlWYwHK41FnHGG3AdP3qfRRmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.110.0/24
195.242.70.0/23
Signature Algorithm: sha256WithRSAEncryption
55:84:d4:b9:96:4e:32:86:3f:0c:c9:5a:68:0d:e2:44:73:0a:
04:a8:3d:aa:06:08:12:66:23:6d:70:4d:f7:9d:13:af:4f:2e:
7e:c5:ca:66:c7:c1:fb:fc:4b:ae:54:94:6b:ef:37:49:00:d4:
4d:e1:b1:ec:18:3f:85:d9:d3:5a:88:e6:a8:bb:51:ee:3b:9d:
cc:fd:d4:b3:df:84:8d:ba:d6:d6:cf:d3:96:b0:1f:c6:1d:1f:
94:d3:df:43:8b:cc:52:66:d0:fb:ca:94:5f:80:50:a7:77:2d:
0c:db:7e:bc:c9:67:a4:0f:3c:fc:e9:d5:9d:f4:62:bf:1f:f6:
fa:8a:3d:6a:1d:7d:83:01:30:9a:b6:4d:ca:8d:74:2b:40:9e:
e9:23:69:96:da:44:09:1f:00:a7:df:49:ac:5f:78:c9:f4:a7:
64:1c:8b:6f:a5:3b:3f:75:9a:b8:8b:b0:08:cb:d8:a5:04:4f:
04:8d:d1:19:5d:b0:1b:ed:42:26:3a:96:8c:84:ad:ee:d9:39:
15:e8:e0:e1:b0:a5:b4:23:8f:b9:cb:01:11:df:12:b8:56:a3:
40:5a:d3:d4:9d:73:08:85:c8:41:14:9b:2f:f7:68:0c:19:02:
8c:4f:69:4e:43:f9:28:a0:e5:30:38:0a:93:5a:45:52:76:1f:
77:b1:8e:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtuIfPmly5IXT+V4Q/bBB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOWI1MTNlNjU3MDZmY2FhNTQzYTExYTBlNDJkMjhiMTA5
ZGYzYjYwHhcNMjMwMTAxMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNhYTU1OThjMDcyYjhkNDU5YzcxODZkYzA3NGZkZWE3ZDE0NjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D7dbfRhb71O3ayU7XPLDgih+HDG
Cq2npej1hiooXFhQrFAegdbQzFyKILE42Yz/M6Uo80ODo7z8alIW/uaTwi+EExtv
5xGYllkVEf5SaNO5CgAFU5DhWoLJvtyw7PjKtpezoOf5kQhAlpvSZvDSG+PzsoDO
AwtlniIUkTGTyZ6P6zGaDfDMXjbM1XzZsQ2lq3epE0gs3YRa6GY+iB6EJqztKNwh
hpkD3epkO2SP/it6PBR8ABtAPqqHvxO1NtedhGDaoooJgA8m4Zembk4Q0qW+Xv+p
IOvJpUG6yLQHk8536VwwMDu0QVmtj5+0iclV6iC2Zrq8RKGPIqZd842TDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADKpVmMByuNRZxxhtwHT96n0UZhMB8GA1UdIwQY
MBaAFDKbUT5lcG/KpUOhGg5C0osQnfO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYt
ODE0YTYxMWVjYTYwLzEvQU1xbFdZd0hLNDFGbkhHRzNBZFAzcWZSUm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYtODE0YTYxMWVjYTYw
LzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwfJuAwQB
w/JGMA0GCSqGSIb3DQEBCwUAA4IBAQBVhNS5lk4yhj8MyVpoDeJEcwoEqD2qBggS
ZiNtcE33nROvTy5+xcpmx8H7/EuuVJRr7zdJANRN4bHsGD+F2dNaiOaou1HuO53M
/dSz34SNutbWz9OWsB/GHR+U099Di8xSZtD7ypRfgFCndy0M2368yWekDzz86dWd
9GK/H/b6ij1qHX2DATCatk3KjXQrQJ7pI2mW2kQJHwCn30msX3jJ9KdkHItvpTs/
dZq4i7AIy9ilBE8EjdEZXbAb7UImOpaMhK3u2TkV6ODhsKW0I4+5ywER3xK4VqNA
WtPUnXMIhchBFJsv92gMGQKMT2lOQ/kooOUwOAqTWkVSdh93sY4U
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:24 2024 by rpki-client on console.sobornost.net