Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e20938-433c-4a26-8745-9d747d9a250a/1/qIHQWUWQEVWdZrSqK-hTuaAiesQ.roa
File: qIHQWUWQEVWdZrSqK-hTuaAiesQ.roa (raw, json)
Hash identifier: OHv3hJCjybSv9J0wPB3l/FW5NyK1+yUOS9/BSBqu2fs=
Subject key identifier: A8:81:D0:59:45:90:11:55:9D:66:B4:AA:2B:E8:53:B9:A0:22:7A:C4
Certificate issuer: /CN=be448c67a3ab0ea375fba848c9fe8c8eb1e84d6f
Certificate serial: 01856ED4BE0E0EBDE25EB26D46A56408A01E
Authority key identifier: BE:44:8C:67:A3:AB:0E:A3:75:FB:A8:48:C9:FE:8C:8E:B1:E8:4D:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkSMZ6OrDqN1-6hIyf6MjrHoTW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e20938-433c-4a26-8745-9d747d9a250a/1/qIHQWUWQEVWdZrSqK-hTuaAiesQ.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48352
IP address blocks: 195.16.75.0/24 maxlen: 24
2a11:c600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:be:0e:0e:bd:e2:5e:b2:6d:46:a5:64:08:a0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be448c67a3ab0ea375fba848c9fe8c8eb1e84d6f
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a881d059459011559d66b4aa2be853b9a0227ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b3:1c:aa:b8:2c:0e:42:66:82:3b:62:3a:56:
6c:b1:01:25:47:c9:85:2a:88:52:48:b2:d5:b2:36:
8b:6a:cf:ff:7b:44:a4:83:77:df:dc:57:79:27:6e:
92:66:86:46:99:2a:98:3c:9c:9b:31:f3:f0:67:ac:
c2:5c:69:7f:59:75:cf:ae:b1:38:ad:09:25:e5:25:
3e:c3:06:92:38:03:9a:ef:1c:26:34:b6:46:27:fc:
56:a7:0e:a0:33:ff:f3:1e:b5:d3:ea:ab:83:86:4b:
8d:f9:1b:18:a0:b2:fb:55:ff:a2:c9:6e:67:96:79:
0b:f8:7b:0a:2e:60:ae:88:55:3d:c7:49:d7:f8:ec:
fb:75:c7:0b:49:52:9a:6f:23:f8:67:3e:a3:12:eb:
ae:52:6d:da:9c:dc:eb:e0:ae:fb:99:31:e0:be:44:
5f:9e:a1:1d:11:d8:c2:86:e2:8f:10:cc:01:45:00:
25:44:9f:4f:37:94:12:00:56:e8:2c:89:c5:f0:51:
0d:08:f2:18:15:fc:3f:b8:71:b9:5e:01:5c:42:42:
d4:7b:0e:de:2c:8b:41:fe:9b:a8:d8:dc:e1:74:3c:
20:83:94:86:f5:91:70:cf:86:bc:3e:b0:c1:ae:61:
d3:f4:65:f2:a1:bb:10:81:81:9b:22:46:ff:b6:ed:
57:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:81:D0:59:45:90:11:55:9D:66:B4:AA:2B:E8:53:B9:A0:22:7A:C4
X509v3 Authority Key Identifier:
keyid:BE:44:8C:67:A3:AB:0E:A3:75:FB:A8:48:C9:FE:8C:8E:B1:E8:4D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkSMZ6OrDqN1-6hIyf6MjrHoTW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e20938-433c-4a26-8745-9d747d9a250a/1/qIHQWUWQEVWdZrSqK-hTuaAiesQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e20938-433c-4a26-8745-9d747d9a250a/1/vkSMZ6OrDqN1-6hIyf6MjrHoTW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.75.0/24
IPv6:
2a11:c600::/29
Signature Algorithm: sha256WithRSAEncryption
96:89:79:d0:e5:0b:48:64:8c:26:cf:37:86:88:32:77:b6:06:
00:68:6f:29:62:e1:81:d2:1f:08:ff:fa:6d:08:16:74:15:46:
a3:7c:34:a5:76:0f:00:16:65:c6:e9:b2:fb:4b:08:23:c3:c9:
c8:d7:52:83:e8:d3:90:c3:fe:0c:3b:b3:75:7c:97:84:27:e3:
9a:e4:f9:c9:98:b2:70:2d:c9:88:74:82:86:28:e0:81:f8:43:
a5:38:8c:a3:3d:aa:79:cb:42:d3:fe:5d:d0:8c:11:98:a0:c3:
96:11:f2:d7:37:1e:55:44:2c:7a:8e:4e:0b:da:9a:94:11:d5:
f5:93:b5:f1:4a:b3:50:79:1a:f9:ad:73:8a:dc:b2:d1:a1:82:
85:29:d6:a4:75:2b:ac:d6:78:72:99:2c:14:af:bb:2b:2a:9a:
6a:49:ed:22:7a:d6:38:5a:b9:1a:e3:75:97:c7:28:fc:f8:53:
a8:94:76:1e:f7:80:30:31:e2:9e:b6:0a:12:80:31:09:ca:9b:
fb:72:44:a0:03:e9:df:fa:94:ac:83:fd:91:68:1e:35:33:a3:
c9:51:50:bd:ef:d3:d8:88:6e:c9:a9:71:e1:cb:9b:fe:25:99:
14:d4:61:b8:b5:66:9a:21:bc:18:29:ad:16:0a:b2:50:11:13:
01:bb:b0:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1L4ODr3iXrJtRqVkCKAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDQ4YzY3YTNhYjBlYTM3NWZiYTg0OGM5ZmU4YzhlYjFl
ODRkNmYwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgxZDA1OTQ1OTAxMTU1OWQ2NmI0YWEyYmU4NTNiOWEwMjI3YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrMcqrgsDkJmgjtiOlZssQElR8mF
KohSSLLVsjaLas//e0Skg3ff3Fd5J26SZoZGmSqYPJybMfPwZ6zCXGl/WXXPrrE4
rQkl5SU+wwaSOAOa7xwmNLZGJ/xWpw6gM//zHrXT6quDhkuN+RsYoLL7Vf+iyW5n
lnkL+HsKLmCuiFU9x0nX+Oz7dccLSVKabyP4Zz6jEuuuUm3anNzr4K77mTHgvkRf
nqEdEdjChuKPEMwBRQAlRJ9PN5QSAFboLInF8FENCPIYFfw/uHG5XgFcQkLUew7e
LItB/puo2NzhdDwgg5SG9ZFwz4a8PrDBrmHT9GXyobsQgYGbIkb/tu1XHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKiB0FlFkBFVnWa0qivoU7mgInrEMB8GA1UdIwQY
MBaAFL5EjGejqw6jdfuoSMn+jI6x6E1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtTTVo2T3JEcU4xLTZoSXlmNk1qckhvVFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lMjA5MzgtNDMzYy00YTI2LTg3NDUt
OWQ3NDdkOWEyNTBhLzEvcUlIUVdVV1FFVldkWnJTcUstaFR1YUFpZXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lMjA5MzgtNDMzYy00YTI2LTg3NDUtOWQ3NDdkOWEyNTBh
LzEvdmtTTVo2T3JEcU4xLTZoSXlmNk1qckhvVFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwxBLMA0E
AgACMAcDBQMqEcYAMA0GCSqGSIb3DQEBCwUAA4IBAQCWiXnQ5QtIZIwmzzeGiDJ3
tgYAaG8pYuGB0h8I//ptCBZ0FUajfDSldg8AFmXG6bL7Swgjw8nI11KD6NOQw/4M
O7N1fJeEJ+Oa5PnJmLJwLcmIdIKGKOCB+EOlOIyjPap5y0LT/l3QjBGYoMOWEfLX
Nx5VRCx6jk4L2pqUEdX1k7XxSrNQeRr5rXOK3LLRoYKFKdakdSus1nhymSwUr7sr
KppqSe0ietY4Wrka43WXxyj8+FOolHYe94AwMeKetgoSgDEJypv7ckSgA+nf+pSs
g/2RaB41M6PJUVC979PYiG7JqXHhy5v+JZkU1GG4tWaaIbwYKa0WCrJQERMBu7BT
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:43 2024 by rpki-client on console.sobornost.net