Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/ohBSKJM7tw-QEtvvmwGp98IkzgQ.roa
File: ohBSKJM7tw-QEtvvmwGp98IkzgQ.roa (raw, json)
Hash identifier: ycmjVZagCFggaFY3Gagz85LHOlWELYUBcoiHNsL9fAw=
Subject key identifier: A2:10:52:28:93:3B:B7:0F:90:12:DB:EF:9B:01:A9:F7:C2:24:CE:04
Certificate issuer: /CN=bc1d20936626b55743c6594512de42ef9f8e905f
Certificate serial: 01857383978B739DC3F246BE5D4B2D977EAA
Authority key identifier: BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/ohBSKJM7tw-QEtvvmwGp98IkzgQ.roa
Signing time: Mon 02 Jan 2023 17:24:41 +0000
ROA not before: Mon 02 Jan 2023 17:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206610
IP address blocks: 2.56.104.0/22 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:83:97:8b:73:9d:c3:f2:46:be:5d:4b:2d:97:7e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc1d20936626b55743c6594512de42ef9f8e905f
Validity
Not Before: Jan 2 17:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2105228933bb70f9012dbef9b01a9f7c224ce04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2e:89:0c:6d:e8:4f:13:46:37:37:99:2b:60:
89:cf:d0:2f:6d:1d:b7:9c:e0:a7:0c:8b:b2:ad:81:
ea:44:dd:9c:27:65:73:a5:e8:3b:4a:07:18:8c:4f:
82:d1:fa:d9:33:ad:33:8f:0c:21:59:64:7e:66:14:
1f:e1:f6:00:2b:f5:c8:af:af:92:b7:16:07:9c:5c:
36:b0:4a:39:67:54:a6:e1:f5:a7:75:f1:10:bc:de:
8c:a6:a4:f4:12:61:dc:34:6e:b7:e2:19:9c:5f:53:
ee:e1:5b:a6:93:c0:8b:17:cc:e3:f4:34:a0:90:08:
8c:0f:bc:b2:cb:2d:56:16:4d:c8:4f:7f:17:02:e5:
2b:66:44:26:51:b9:26:d6:9e:61:cb:06:5c:ad:51:
dd:e0:09:92:0c:3c:57:2b:88:22:46:9f:c2:b0:6a:
1e:f8:ad:e3:79:e1:70:db:8e:a2:33:50:fc:aa:4f:
cc:0b:3a:26:95:f7:82:62:34:49:8a:44:ac:b5:ab:
28:93:3d:9b:25:e3:d4:05:9d:1a:ae:dc:d7:20:1d:
b1:c1:fa:b5:5b:38:4b:df:e8:9f:14:21:65:4a:1a:
69:7a:6c:54:79:14:8a:f4:2d:49:3b:d5:6f:a4:48:
04:4a:03:9d:96:53:bc:ac:09:b0:78:82:87:4f:8c:
f7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:10:52:28:93:3B:B7:0F:90:12:DB:EF:9B:01:A9:F7:C2:24:CE:04
X509v3 Authority Key Identifier:
keyid:BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/ohBSKJM7tw-QEtvvmwGp98IkzgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:26:8b:d1:ab:5e:a6:1f:7a:f7:89:6b:e6:16:d1:bb:fb:ce:
c7:44:71:36:e0:15:ac:84:f2:9b:77:57:7b:22:06:f7:84:6e:
d7:57:66:9a:27:2c:78:34:61:98:a6:7b:0c:4b:fb:a6:65:4b:
40:c0:db:64:b2:a6:d2:f7:62:b8:9e:c8:16:1b:b1:96:85:8a:
28:aa:eb:27:b5:f4:c1:4e:f4:c4:58:6b:ce:f5:38:f5:71:a3:
4b:3e:80:6b:be:c3:b3:8f:08:85:08:67:01:a7:48:cb:5b:22:
bf:4f:7c:89:1b:b2:1f:25:bc:d8:4e:15:0a:04:73:7f:02:ef:
da:bb:d2:73:c2:04:33:80:d8:a9:1f:d4:f9:b9:97:bf:b8:91:
47:f3:d7:6c:32:be:49:26:21:55:f3:8a:aa:5e:51:35:3b:e0:
b6:aa:48:4b:0e:35:7b:7e:42:76:dd:68:97:ab:56:0c:39:02:
6c:eb:b4:00:37:f9:97:e5:15:fe:f7:f8:cf:62:2c:f7:f3:65:
a6:54:cf:eb:3d:26:80:5c:99:5c:b6:44:67:ea:83:f1:88:cc:
a9:8c:6b:80:06:fd:10:7b:08:95:ad:2d:ac:8e:e1:89:76:55:
8b:83:6b:e9:5d:33:c4:94:6d:e0:ac:15:bf:97:a6:9f:21:34:
84:94:32:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzg5eLc53D8ka+XUstl36qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMWQyMDkzNjYyNmI1NTc0M2M2NTk0NTEyZGU0MmVmOWY4
ZTkwNWYwHhcNMjMwMTAyMTcyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEwNTIyODkzM2JiNzBmOTAxMmRiZWY5YjAxYTlmN2MyMjRjZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi6JDG3oTxNGNzeZK2CJz9AvbR23
nOCnDIuyrYHqRN2cJ2Vzpeg7SgcYjE+C0frZM60zjwwhWWR+ZhQf4fYAK/XIr6+S
txYHnFw2sEo5Z1Sm4fWndfEQvN6MpqT0EmHcNG634hmcX1Pu4Vumk8CLF8zj9DSg
kAiMD7yyyy1WFk3IT38XAuUrZkQmUbkm1p5hywZcrVHd4AmSDDxXK4giRp/CsGoe
+K3jeeFw246iM1D8qk/MCzomlfeCYjRJikSstasokz2bJePUBZ0artzXIB2xwfq1
WzhL3+ifFCFlShppemxUeRSK9C1JO9VvpEgESgOdllO8rAmweIKHT4z3OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIQUiiTO7cPkBLb75sBqffCJM4EMB8GA1UdIwQY
MBaAFLwdIJNmJrVXQ8ZZRRLeQu+fjpBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgt
MWYxZGM1MmJiYjk4LzEvb2hCU0tKTTd0dy1RRXR2dm13R3A5OElremdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgtMWYxZGM1MmJiYjk4
LzEvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjhoMA0G
CSqGSIb3DQEBCwUAA4IBAQBsJovRq16mH3r3iWvmFtG7+87HRHE24BWshPKbd1d7
Igb3hG7XV2aaJyx4NGGYpnsMS/umZUtAwNtksqbS92K4nsgWG7GWhYooqusntfTB
TvTEWGvO9Tj1caNLPoBrvsOzjwiFCGcBp0jLWyK/T3yJG7IfJbzYThUKBHN/Au/a
u9JzwgQzgNipH9T5uZe/uJFH89dsMr5JJiFV84qqXlE1O+C2qkhLDjV7fkJ23WiX
q1YMOQJs67QAN/mX5RX+9/jPYiz382WmVM/rPSaAXJlctkRn6oPxiMypjGuABv0Q
ewiVrS2sjuGJdlWLg2vpXTPElG3grBW/l6afITSElDIP
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:14 2024 by rpki-client on console.sobornost.net