Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/RJOZ8p8oWP8IodI041_OBkl3Qb8.roa
File: RJOZ8p8oWP8IodI041_OBkl3Qb8.roa (raw, json)
Hash identifier: 5v83m3w3gK9nPxMfNmWyky3TCWOwM5UQNFlQ5RmaXKA=
Subject key identifier: 44:93:99:F2:9F:28:58:FF:08:A1:D2:34:E3:5F:CE:06:49:77:41:BF
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018CC9BA70EF0FB7095D4B93EE3F1F4D5048
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/RJOZ8p8oWP8IodI041_OBkl3Qb8.roa
Signing time: Tue 02 Jan 2024 10:31:28 +0000
ROA not before: Tue 02 Jan 2024 10:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31486
IP address blocks: 185.96.170.0/24 maxlen: 24
2a06:9140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Feb 2024 07:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:70:ef:0f:b7:09:5d:4b:93:ee:3f:1f:4d:50:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 10:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=449399f29f2858ff08a1d234e35fce06497741bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:47:73:76:dd:dd:32:34:88:4c:08:9d:90:
f8:b2:b5:64:b4:84:a7:0f:bc:fd:36:73:e9:50:08:
c7:09:fb:f2:eb:f9:1c:e0:fd:11:14:f8:3b:ed:35:
b1:ba:91:73:3d:9f:ee:6d:d1:b5:4e:b6:59:65:84:
c6:9b:a2:5d:d9:44:d6:8d:a9:8e:3d:91:61:7a:17:
83:03:9f:7e:89:80:70:f2:1d:e7:db:5a:c5:3b:be:
01:fe:83:75:98:51:ce:ed:15:ca:49:a7:ec:a3:ac:
62:d5:07:74:49:7a:83:5f:18:e0:58:e1:9b:ca:64:
51:a6:7c:8b:63:15:89:3e:f1:e0:92:e6:c6:55:1a:
62:7d:14:38:d1:ae:81:7c:7e:47:67:86:0f:cf:e7:
70:77:4f:ac:2f:d6:8f:8e:28:e4:7f:e4:26:fa:9a:
ed:9e:01:10:80:59:1f:12:4d:60:ac:ec:43:5a:1b:
a4:48:ed:6e:af:e7:8e:cb:66:7b:7a:bb:0c:6b:83:
c2:d9:fa:8d:f3:b9:ee:e9:4d:cc:dd:7e:dc:91:95:
41:cf:78:c2:f4:cf:3e:32:ab:13:20:5c:aa:6d:b8:
47:6f:8c:4f:49:d9:6d:2e:42:9a:71:7e:38:e5:20:
c1:4e:8e:92:bf:1e:5d:cc:53:d8:46:7c:92:40:d2:
3b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:93:99:F2:9F:28:58:FF:08:A1:D2:34:E3:5F:CE:06:49:77:41:BF
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/RJOZ8p8oWP8IodI041_OBkl3Qb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.170.0/24
IPv6:
2a06:9140::/29
Signature Algorithm: sha256WithRSAEncryption
50:0d:67:79:a8:2d:22:c4:5e:d5:5f:d7:52:54:ff:39:32:65:
25:c2:77:15:3d:13:8e:ce:5d:81:13:24:97:45:6b:24:02:33:
9b:00:b0:72:f3:b9:aa:7f:9b:7b:51:b8:d1:7e:b0:49:db:4d:
7f:4a:eb:25:7a:7d:4d:09:98:35:81:7f:71:87:5c:b0:ad:25:
f4:0a:62:19:94:52:85:06:20:54:8d:9d:2c:eb:f0:b3:f2:75:
18:7e:e8:28:7e:56:0b:80:bc:51:28:22:1b:27:2b:e2:17:36:
27:eb:80:cd:89:c2:10:7b:a6:e4:91:30:66:85:98:94:21:5c:
d7:73:bd:2b:e2:e0:ed:d4:ff:ac:d0:58:d0:b2:c9:31:63:53:
95:95:e5:4c:1c:65:22:65:53:85:e3:14:da:eb:de:44:a5:70:
ec:26:d9:a6:ce:72:09:f0:b8:eb:8a:be:d5:09:ad:ca:38:50:
e3:02:1e:c2:35:5d:46:2b:84:83:e9:d0:97:46:73:0d:86:1e:
3b:47:5d:3a:c0:5e:b6:c3:5a:5e:de:6c:67:69:00:54:4e:46:
e9:88:46:84:1a:dd:32:13:2a:ed:8e:9f:bd:a1:60:e7:95:ec:
f7:1b:cf:fa:74:53:88:b5:1a:04:10:df:f8:62:45:e3:02:ca:
76:be:ae:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJunDvD7cJXUuT7j8fTVBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjQwMTAyMTAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDkzOTlmMjlmMjg1OGZmMDhhMWQyMzRlMzVmY2UwNjQ5Nzc0MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiFHc3bd3TI0iEwInZD4srVktISn
D7z9NnPpUAjHCfvy6/kc4P0RFPg77TWxupFzPZ/ubdG1TrZZZYTGm6Jd2UTWjamO
PZFheheDA59+iYBw8h3n21rFO74B/oN1mFHO7RXKSafso6xi1Qd0SXqDXxjgWOGb
ymRRpnyLYxWJPvHgkubGVRpifRQ40a6BfH5HZ4YPz+dwd0+sL9aPjijkf+Qm+prt
ngEQgFkfEk1grOxDWhukSO1ur+eOy2Z7ersMa4PC2fqN87nu6U3M3X7ckZVBz3jC
9M8+MqsTIFyqbbhHb4xPSdltLkKacX445SDBTo6Svx5dzFPYRnySQNI7rwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFESTmfKfKFj/CKHSNONfzgZJd0G/MB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvUkpPWjhwOG9XUDhJb2RJMDQxX09Ca2wzUWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWCqMA0E
AgACMAcDBQMqBpFAMA0GCSqGSIb3DQEBCwUAA4IBAQBQDWd5qC0ixF7VX9dSVP85
MmUlwncVPROOzl2BEySXRWskAjObALBy87mqf5t7UbjRfrBJ201/Suslen1NCZg1
gX9xh1ywrSX0CmIZlFKFBiBUjZ0s6/Cz8nUYfugoflYLgLxRKCIbJyviFzYn64DN
icIQe6bkkTBmhZiUIVzXc70r4uDt1P+s0FjQsskxY1OVleVMHGUiZVOF4xTa695E
pXDsJtmmznIJ8Ljrir7VCa3KOFDjAh7CNV1GK4SD6dCXRnMNhh47R106wF62w1pe
3mxnaQBUTkbpiEaEGt0yEyrtjp+9oWDnlez3G8/6dFOItRoEEN/4YkXjAsp2vq40
-----END CERTIFICATE-----
Generated at Wed Feb 28 13:24:35 2024 by rpki-client on console.sobornost.net