Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/Y--bCNhXzET1R3e6OMuH0hRx03s.roa
File: Y--bCNhXzET1R3e6OMuH0hRx03s.roa (raw, json)
Hash identifier: u0rEudm2vZkCr4TdBUE0oOS5eJiKhBpVMAIalOdaT8s=
Subject key identifier: 63:EF:9B:08:D8:57:CC:44:F5:47:77:BA:38:CB:87:D2:14:71:D3:7B
Certificate issuer: /CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Certificate serial: 0185729F096575F71964C865B64A8A27FA4E
Authority key identifier: 8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/Y--bCNhXzET1R3e6OMuH0hRx03s.roa
Signing time: Mon 02 Jan 2023 13:15:03 +0000
ROA not before: Mon 02 Jan 2023 13:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206356
IP address blocks: 194.48.228.0/22 maxlen: 24
2a0c:efc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9f:09:65:75:f7:19:64:c8:65:b6:4a:8a:27:fa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Validity
Not Before: Jan 2 13:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63ef9b08d857cc44f54777ba38cb87d21471d37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4d:08:3c:91:23:9f:1f:5a:2c:5a:c3:08:5c:
f5:b9:a1:2c:f7:7f:f7:6b:01:3a:03:09:72:d3:53:
cd:56:b4:71:bc:58:29:7c:b8:b6:3f:35:e5:69:0f:
dd:84:c4:c0:11:af:b4:ef:d0:aa:f9:02:b5:73:ff:
da:9e:02:7f:1a:4f:f9:a4:2a:19:93:17:e5:03:d1:
7c:d5:fe:57:0d:ed:c4:38:a6:32:81:ae:24:ea:be:
1a:2c:dc:f6:33:63:73:f0:fa:3e:c9:f5:13:57:5f:
25:a4:6e:72:ee:b2:a3:7c:38:02:22:ed:85:51:54:
87:bb:b0:ff:f7:46:e5:02:16:ed:5d:d9:c2:37:df:
a5:6c:03:47:f4:b5:13:d5:68:a7:8e:bd:1e:59:a2:
f5:d4:af:f6:da:fd:72:58:63:fd:0e:3c:1f:e2:67:
a2:bf:c3:da:32:6a:d6:85:73:00:4c:6b:cf:a1:00:
13:3a:65:5c:15:df:83:b1:77:37:11:2c:8a:6d:4b:
40:1c:f3:b6:20:98:ee:82:c2:2c:2e:15:f8:7e:ca:
f1:81:69:9e:4b:93:38:3e:65:30:32:89:0c:20:d8:
2f:12:10:d1:ac:51:63:e7:7d:27:ae:8f:72:53:eb:
df:30:b6:12:a3:62:c2:41:26:fc:7b:3f:49:c9:d6:
b6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:EF:9B:08:D8:57:CC:44:F5:47:77:BA:38:CB:87:D2:14:71:D3:7B
X509v3 Authority Key Identifier:
keyid:8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/Y--bCNhXzET1R3e6OMuH0hRx03s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.228.0/22
IPv6:
2a0c:efc0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:14:df:fd:99:47:f4:84:ff:01:63:6e:c0:ab:68:ac:2c:2c:
0f:99:ba:11:8a:c1:4a:30:a2:32:1e:67:f0:9a:dc:4c:48:4a:
33:98:eb:ab:27:37:cc:ea:1b:84:40:f1:d9:a9:e8:05:27:da:
e0:e3:74:6b:5f:79:c0:3d:ac:9e:ec:ea:14:9e:ce:59:30:36:
9b:38:b7:90:23:41:f1:6d:6a:42:4b:53:21:57:51:79:5b:ac:
30:3d:a4:c7:d8:26:2e:e0:9b:28:25:a5:b7:7a:a2:32:90:21:
e9:fd:76:9a:0b:c8:b8:55:29:05:f3:ef:d4:ba:65:9f:82:7e:
2c:27:18:93:f4:c6:82:06:f7:a9:27:3a:b4:84:68:1c:a2:77:
86:4c:53:92:c4:88:95:2c:7b:ab:9b:49:1d:60:04:3d:a7:96:
18:d1:fc:66:f8:e3:2b:4a:7d:63:f9:c3:63:34:cb:fc:f3:79:
f1:6c:e5:59:93:5e:ba:6e:0d:5d:f0:eb:c7:90:4d:f5:72:15:
df:dd:a2:a8:5e:c8:ef:c8:f0:6a:d7:01:ab:df:f0:8e:00:d2:
ee:46:92:08:e3:70:ba:75:4e:de:57:32:9b:de:bf:ff:9e:c0:
6a:7f:4d:4b:27:45:5f:d6:7d:52:6b:18:be:07:33:5f:cd:91:
16:5c:fe:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVynwlldfcZZMhltkqKJ/pOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDUyNDM5Y2FjMjcxOWI2NGU4NWIyNmZmMGVhODQ2OGQ1
Nzk2MGUwHhcNMjMwMTAyMTMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2VmOWIwOGQ4NTdjYzQ0ZjU0Nzc3YmEzOGNiODdkMjE0NzFkMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU0IPJEjnx9aLFrDCFz1uaEs93/3
awE6Awly01PNVrRxvFgpfLi2PzXlaQ/dhMTAEa+079Cq+QK1c//angJ/Gk/5pCoZ
kxflA9F81f5XDe3EOKYyga4k6r4aLNz2M2Nz8Po+yfUTV18lpG5y7rKjfDgCIu2F
UVSHu7D/90blAhbtXdnCN9+lbANH9LUT1Winjr0eWaL11K/22v1yWGP9Djwf4mei
v8PaMmrWhXMATGvPoQATOmVcFd+DsXc3ESyKbUtAHPO2IJjugsIsLhX4fsrxgWme
S5M4PmUwMokMINgvEhDRrFFj530nro9yU+vfMLYSo2LCQSb8ez9Jyda2JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGPvmwjYV8xE9Ud3ujjLh9IUcdN7MB8GA1UdIwQY
MBaAFIzVJDnKwnGbZOhbJv8OqEaNV5YOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUt
M2U0YTAyNmRmMDAwLzEvWS0tYkNOaFh6RVQxUjNlNk9NdUgwaFJ4MDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUtM2U0YTAyNmRmMDAw
LzEvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwjDkMA0E
AgACMAcDBQMqDO/AMA0GCSqGSIb3DQEBCwUAA4IBAQC0FN/9mUf0hP8BY27Aq2is
LCwPmboRisFKMKIyHmfwmtxMSEozmOurJzfM6huEQPHZqegFJ9rg43RrX3nAPaye
7OoUns5ZMDabOLeQI0HxbWpCS1MhV1F5W6wwPaTH2CYu4JsoJaW3eqIykCHp/Xaa
C8i4VSkF8+/UumWfgn4sJxiT9MaCBvepJzq0hGgconeGTFOSxIiVLHurm0kdYAQ9
p5YY0fxm+OMrSn1j+cNjNMv883nxbOVZk166bg1d8OvHkE31chXf3aKoXsjvyPBq
1wGr3/COANLuRpII43C6dU7eVzKb3r//nsBqf01LJ0Vf1n1Saxi+BzNfzZEWXP5Y
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:37 2024 by rpki-client on console.sobornost.net