Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/og2D6dShpQaxfg2EBPOD-ixPqfw.roa
File: og2D6dShpQaxfg2EBPOD-ixPqfw.roa (raw, json)
Hash identifier: 41M+vZwwszH0WKSlwUqdM91UFmaudGlEqBoQc/wvxtQ=
Subject key identifier: A2:0D:83:E9:D4:A1:A5:06:B1:7E:0D:84:04:F3:83:FA:2C:4F:A9:FC
Certificate issuer: /CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Certificate serial: 0186A873B4CE1FA2A248F7639429CA34CBE4
Authority key identifier: BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/og2D6dShpQaxfg2EBPOD-ixPqfw.roa
Signing time: Fri 03 Mar 2023 17:10:00 +0000
ROA not before: Fri 03 Mar 2023 17:10:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199697
IP address blocks: 193.37.158.0/24 maxlen: 24
2a12:6040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:73:b4:ce:1f:a2:a2:48:f7:63:94:29:ca:34:cb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Validity
Not Before: Mar 3 17:10:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a20d83e9d4a1a506b17e0d8404f383fa2c4fa9fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:50:13:c0:3b:fd:ad:96:26:a5:f2:a7:f0:59:
96:08:fb:fd:4c:f7:66:fb:eb:de:70:ab:5d:1a:d7:
99:c8:16:31:1b:f5:ec:c6:3e:21:fa:cc:aa:5a:12:
f6:ce:9c:9c:95:f5:bd:ed:97:6a:ce:0f:f8:87:94:
8b:78:03:26:aa:30:a3:ce:4b:a2:ca:87:f8:68:b5:
13:4c:f6:7e:6e:73:b8:c9:63:d1:16:3a:df:34:22:
a9:ca:96:86:76:01:4c:51:33:6e:f8:ee:30:5d:4d:
17:a0:97:4f:23:01:4f:8a:9a:a6:7c:07:ad:b4:f4:
bf:15:c1:b2:ca:4a:b0:51:54:cf:90:e2:d5:95:c0:
db:87:80:1b:0e:6d:bc:e0:54:00:2f:4d:63:29:6d:
e8:b8:2f:c5:14:04:50:c9:5b:c8:ed:cd:e1:4e:f8:
3d:5b:1e:3c:60:1c:5f:2a:a9:3c:52:51:6a:7d:2e:
76:95:26:19:00:e0:00:ce:37:3b:f1:07:7a:38:03:
28:72:8d:67:71:97:68:f1:7e:b2:e5:72:c6:ab:3a:
40:c1:94:4a:85:da:88:7f:d9:73:1a:5c:dd:fa:85:
a7:e5:19:d7:2d:93:99:5d:a3:f1:3a:b3:05:78:bd:
71:73:7d:77:e4:06:df:b5:ca:3b:84:34:49:f4:0f:
10:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0D:83:E9:D4:A1:A5:06:B1:7E:0D:84:04:F3:83:FA:2C:4F:A9:FC
X509v3 Authority Key Identifier:
keyid:BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/og2D6dShpQaxfg2EBPOD-ixPqfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.158.0/24
IPv6:
2a12:6040::/29
Signature Algorithm: sha256WithRSAEncryption
89:ee:28:cb:eb:f3:f5:fa:be:63:9d:02:eb:70:3a:09:bc:1d:
1f:7f:58:fb:d4:ec:17:29:7e:77:53:c5:b3:c5:b4:6f:4d:9d:
39:41:f5:84:30:12:18:59:59:8a:7f:c7:0c:b2:96:ab:de:31:
45:5f:2e:43:0f:db:4a:cc:24:96:83:f0:08:82:64:ed:d9:57:
3f:1d:d6:d1:e8:b0:3c:a9:5e:9d:c8:db:c6:59:62:48:5f:d2:
d2:f8:3a:a5:90:bb:f7:0c:2b:ac:e2:9b:a2:a1:28:76:e8:e0:
5e:e0:96:c7:c9:c6:10:7e:c3:ec:f8:1d:82:f0:29:0d:9f:c1:
d6:49:62:be:22:f3:15:f0:f7:db:2b:c7:79:46:3b:4c:12:ee:
20:ca:82:27:92:67:c5:12:40:4e:f7:e2:32:8f:eb:88:b9:db:
80:76:b3:0b:6f:64:42:03:c9:e9:79:96:d6:a4:d9:6d:05:0e:
c4:a7:ae:4a:58:d2:09:a0:60:b2:3c:a7:d7:04:84:f5:4c:56:
3c:26:b2:7b:ba:63:b1:48:b6:13:9a:da:6d:7a:f3:a4:b2:a7:
6e:fc:d0:f3:5e:19:d5:d9:95:e0:9c:fb:64:ad:51:28:0b:81:
03:fb:7c:03:a1:cf:6b:ee:77:40:58:31:6d:08:91:cc:be:63:
5b:b3:ff:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaoc7TOH6KiSPdjlCnKNMvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmMxZWNjMTdmNjYwZDViZDg5ZTE2MTY3YjlkNTAzMWJm
NmEwY2IwHhcNMjMwMzAzMTcxMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBkODNlOWQ0YTFhNTA2YjE3ZTBkODQwNGYzODNmYTJjNGZhOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ATwDv9rZYmpfKn8FmWCPv9TPdm
++vecKtdGteZyBYxG/Xsxj4h+syqWhL2zpyclfW97Zdqzg/4h5SLeAMmqjCjzkui
yof4aLUTTPZ+bnO4yWPRFjrfNCKpypaGdgFMUTNu+O4wXU0XoJdPIwFPipqmfAet
tPS/FcGyykqwUVTPkOLVlcDbh4AbDm284FQAL01jKW3ouC/FFARQyVvI7c3hTvg9
Wx48YBxfKqk8UlFqfS52lSYZAOAAzjc78Qd6OAMoco1ncZdo8X6y5XLGqzpAwZRK
hdqIf9lzGlzd+oWn5RnXLZOZXaPxOrMFeL1xc3135Abftco7hDRJ9A8QSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKINg+nUoaUGsX4NhATzg/osT6n8MB8GA1UdIwQY
MBaAFLq8HswX9mDVvYnhYWe51QMb9qDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWIt
MTc5MTE1OTRhZTUxLzEvb2cyRDZkU2hwUWF4ZmcyRUJQT0QtaXhQcWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWItMTc5MTE1OTRhZTUx
LzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSWeMA0E
AgACMAcDBQMqEmBAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ7ijL6/P1+r5jnQLrcDoJ
vB0ff1j71OwXKX53U8WzxbRvTZ05QfWEMBIYWVmKf8cMspar3jFFXy5DD9tKzCSW
g/AIgmTt2Vc/HdbR6LA8qV6dyNvGWWJIX9LS+DqlkLv3DCus4puioSh26OBe4JbH
ycYQfsPs+B2C8CkNn8HWSWK+IvMV8PfbK8d5RjtMEu4gyoInkmfFEkBO9+Iyj+uI
uduAdrMLb2RCA8npeZbWpNltBQ7Ep65KWNIJoGCyPKfXBIT1TFY8JrJ7umOxSLYT
mtptevOksqdu/NDzXhnV2ZXgnPtkrVEoC4ED+3wDoc9r7ndAWDFtCJHMvmNbs/+x
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net