Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/AYLOoDpOdXuvP-yzHu8d8tgUfzU.roa
File: AYLOoDpOdXuvP-yzHu8d8tgUfzU.roa (raw, json)
Hash identifier: PikVafKp0w7SaD07XuLFOVvZASVDfGxR6zT0/QJjnEA=
Subject key identifier: 01:82:CE:A0:3A:4E:75:7B:AF:3F:EC:B3:1E:EF:1D:F2:D8:14:7F:35
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 01856B9C81E13EB95BCEB6D3BE927B0CC040
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/AYLOoDpOdXuvP-yzHu8d8tgUfzU.roa
Signing time: Sun 01 Jan 2023 04:34:56 +0000
ROA not before: Sun 01 Jan 2023 04:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 22
194.61.20.0/22 maxlen: 22
2a09:7001::/32 maxlen: 32
2a09:7000::/29 maxlen: 32
2a09:7000::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:81:e1:3e:b9:5b:ce:b6:d3:be:92:7b:0c:c0:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Jan 1 04:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0182cea03a4e757baf3fecb31eef1df2d8147f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:9c:7a:39:01:a9:59:81:0c:9b:1b:85:da:
d2:31:ef:05:54:77:40:dc:a9:39:54:5e:51:4f:81:
fa:5d:55:13:45:5d:54:e1:b2:61:09:b6:24:52:b2:
4a:7d:ec:c7:09:e2:1d:a9:ba:6f:dd:f3:ea:b7:eb:
16:db:3f:4d:d1:bb:63:d0:83:c4:f0:c4:48:49:2e:
ae:7f:a3:94:e3:ac:bb:cd:f1:92:e1:7a:1c:64:b2:
ea:f9:85:19:c5:bd:fe:96:2a:7c:f6:c1:e7:e4:7f:
8b:5f:71:e4:e1:79:58:56:45:b4:08:8e:7e:35:4e:
95:ba:b0:89:b0:10:77:0f:e0:21:5e:b5:98:14:de:
59:5a:cd:96:28:5b:d5:3a:d6:51:6a:b5:04:35:4f:
fd:97:de:2a:d0:39:8b:2d:73:01:35:5f:2c:88:fb:
60:7e:74:eb:5f:89:2c:b1:5d:5f:13:0d:9a:15:02:
1b:b2:e8:52:5b:ca:d6:c3:bb:8e:36:f3:5e:ba:76:
72:eb:f3:0d:7b:6c:aa:54:e1:19:60:28:44:b2:29:
70:92:6e:d0:c1:bb:21:d8:0b:10:0e:1b:17:37:24:
ab:a3:c6:03:3c:fc:81:ef:9a:f9:66:d5:d5:77:a1:
88:65:54:53:8e:cc:69:13:e3:71:3a:ad:8f:74:78:
8b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:82:CE:A0:3A:4E:75:7B:AF:3F:EC:B3:1E:EF:1D:F2:D8:14:7F:35
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/AYLOoDpOdXuvP-yzHu8d8tgUfzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
03:90:7a:d4:b9:77:32:b5:fa:ff:49:e7:e3:cc:23:82:40:bf:
d5:2a:37:b7:39:63:64:ee:73:57:7a:1c:80:4d:2c:60:83:24:
ae:fb:bf:c9:7c:51:ef:37:94:e6:92:7c:de:76:b1:45:d4:1d:
d1:bb:4b:c6:3e:be:3a:57:83:18:7b:71:d1:36:11:d2:1b:21:
28:0a:eb:8b:cb:b6:56:de:0b:12:12:f3:8f:1d:04:64:07:85:
fc:8d:66:98:5f:6a:7e:9b:53:aa:f3:7c:fc:d9:24:43:e7:e8:
b6:51:5c:ba:23:1e:66:10:7e:f3:9a:1c:26:83:b6:a4:9b:0b:
c7:0b:3d:f7:ac:2a:04:14:3a:16:14:77:4e:da:ae:fc:5f:8a:
08:8f:eb:83:7a:80:c4:73:ee:24:2c:7d:43:b8:f2:fb:a0:c7:
32:ec:3d:37:de:af:fa:1a:69:46:96:1f:20:ac:78:29:18:4f:
64:5d:44:33:29:f3:43:62:75:03:00:64:41:b4:57:42:9d:c8:
24:25:a5:91:59:bc:51:85:23:6a:31:0a:d7:ab:04:6a:41:2f:
c4:52:01:87:fe:c9:e6:b9:01:1a:8b:8d:3c:e6:37:6a:2e:37:
ac:80:33:02:e8:1e:db:25:7b:b1:41:0d:ed:4c:04:b6:3d:14:
70:56:77:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrnIHhPrlbzrbTvpJ7DMBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjMwMTAxMDQzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgyY2VhMDNhNGU3NTdiYWYzZmVjYjMxZWVmMWRmMmQ4MTQ3ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDicejkBqVmBDJsbhdrSMe8FVHdA
3Kk5VF5RT4H6XVUTRV1U4bJhCbYkUrJKfezHCeIdqbpv3fPqt+sW2z9N0btj0IPE
8MRISS6uf6OU46y7zfGS4XocZLLq+YUZxb3+lip89sHn5H+LX3Hk4XlYVkW0CI5+
NU6VurCJsBB3D+AhXrWYFN5ZWs2WKFvVOtZRarUENU/9l94q0DmLLXMBNV8siPtg
fnTrX4kssV1fEw2aFQIbsuhSW8rWw7uONvNeunZy6/MNe2yqVOEZYChEsilwkm7Q
wbsh2AsQDhsXNySro8YDPPyB75r5ZtXVd6GIZVRTjsxpE+NxOq2PdHiLPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAGCzqA6TnV7rz/ssx7vHfLYFH81MB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvQVlMT29EcE9kWHV2UC15ekh1OGQ4dGdVZnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQADkHrUuXcytfr/
SefjzCOCQL/VKje3OWNk7nNXehyATSxggySu+7/JfFHvN5TmknzedrFF1B3Ru0vG
Pr46V4MYe3HRNhHSGyEoCuuLy7ZW3gsSEvOPHQRkB4X8jWaYX2p+m1Oq83z82SRD
5+i2UVy6Ix5mEH7zmhwmg7akmwvHCz33rCoEFDoWFHdO2q78X4oIj+uDeoDEc+4k
LH1DuPL7oMcy7D033q/6GmlGlh8grHgpGE9kXUQzKfNDYnUDAGRBtFdCncgkJaWR
WbxRhSNqMQrXqwRqQS/EUgGH/snmuQEai4085jdqLjesgDMC6B7bJXuxQQ3tTAS2
PRRwVnfh
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:26 2023 by rpki-client on console.sobornost.net