Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/2EBhqMxLS4fpPKTf1IcqmOKSFII.roa
File: 2EBhqMxLS4fpPKTf1IcqmOKSFII.roa (raw, json)
Hash identifier: NI/kb5a6KgLS23YBqoe/BczQWTOLjzWbBOsopLBGGS0=
Subject key identifier: D8:40:61:A8:CC:4B:4B:87:E9:3C:A4:DF:D4:87:2A:98:E2:92:14:82
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8A78F8281738FFB8203B851981E4776
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/2EBhqMxLS4fpPKTf1IcqmOKSFII.roa
Signing time: Thu 16 Nov 2023 15:02:21 +0000
ROA not before: Thu 16 Nov 2023 15:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:a7:8f:82:81:73:8f:fb:82:03:b8:51:98:1e:47:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 15:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d84061a8cc4b4b87e93ca4dfd4872a98e2921482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:d7:0a:d1:b1:49:02:7f:28:82:41:3c:b6:
4a:ef:13:d1:78:80:d2:8a:6d:d7:db:27:f9:0d:29:
7f:09:85:f1:2f:4e:99:80:2c:4b:46:ec:11:1e:f1:
94:0e:d2:e7:bc:a5:29:b2:99:87:e8:82:85:82:1f:
c2:63:56:0b:e4:b5:a5:29:ff:72:d4:f2:df:e2:e7:
b2:b8:24:c4:4b:2e:63:05:ae:7d:ab:8d:99:03:5d:
ec:e2:bb:7d:d3:87:e7:0c:0f:7e:00:7f:0c:4b:c6:
c0:9b:3e:54:73:0c:3d:7b:dd:4b:be:91:07:4a:4e:
d9:74:c0:4f:4d:93:ca:7e:66:16:20:04:64:d8:e0:
d5:03:d8:44:26:c9:54:93:d7:2b:86:e3:06:fb:35:
f5:96:93:7f:31:77:ba:44:ba:93:c9:1f:e8:98:4b:
86:fb:1b:cb:77:fe:84:ea:47:4e:cc:8e:b8:b1:83:
c4:5d:44:46:5e:b9:bf:94:34:bc:78:28:65:2a:95:
db:60:4c:12:63:75:c4:c4:12:58:93:11:c1:82:af:
02:ef:c5:72:68:13:68:da:28:a3:a3:f3:c4:2d:f2:
5a:8d:44:57:e8:7d:a3:27:c0:3c:a8:b2:6d:4e:83:
97:67:25:36:ff:f4:ad:f8:20:40:e0:ea:09:9d:6d:
5f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:40:61:A8:CC:4B:4B:87:E9:3C:A4:DF:D4:87:2A:98:E2:92:14:82
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/2EBhqMxLS4fpPKTf1IcqmOKSFII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
a1:01:af:c4:46:8a:62:0c:81:8f:40:1e:f3:02:a5:2b:1d:0e:
1d:12:d5:3c:1e:2d:6c:4f:9c:dc:7e:68:f6:06:42:22:d9:a1:
e5:06:93:5e:eb:41:d7:57:d3:66:c9:fa:2c:db:69:a9:54:cd:
ef:32:8d:27:fe:d7:55:e3:a3:26:00:d7:84:56:58:bb:ca:13:
c4:bc:7c:6d:83:1c:57:ac:3b:21:9f:b9:c1:ee:e0:e4:59:cc:
69:84:c9:83:57:b3:06:a3:1d:00:ee:80:3c:0e:49:c7:c3:c5:
fb:72:f8:d4:0d:05:7d:7d:2f:75:ba:33:66:bd:a9:0b:ef:0e:
89:1a:fa:cc:81:5a:5a:8a:fb:90:59:ed:a9:4c:00:6c:a5:ed:
0d:ac:ce:58:01:95:e1:d4:b4:8e:02:c2:31:4b:ff:f7:1b:f0:
a0:fa:bf:33:da:2f:11:f0:ec:a2:03:97:86:3d:92:7c:04:4e:
b1:0a:5a:8e:45:92:0a:f0:3a:69:b3:8d:8b:e6:1b:ce:71:26:
1a:62:50:b0:c2:ff:96:1b:35:a0:64:66:09:e3:8e:47:a9:42:
b1:e5:fd:1f:2d:fd:ae:9b:a2:82:a2:31:03:8c:b5:6d:11:f1:
78:dd:59:3b:7b:99:c0:8c:f9:07:9e:93:ca:b9:bf:16:8e:5a:
e5:7f:e3:9f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYvYp4+CgXOP+4IDuFGYHkd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTUwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQwNjFhOGNjNGI0Yjg3ZTkzY2E0ZGZkNDg3MmE5OGUyOTIxNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQXXCtGxSQJ/KIJBPLZK7xPReIDS
im3X2yf5DSl/CYXxL06ZgCxLRuwRHvGUDtLnvKUpspmH6IKFgh/CY1YL5LWlKf9y
1PLf4ueyuCTESy5jBa59q42ZA13s4rt904fnDA9+AH8MS8bAmz5Ucww9e91LvpEH
Sk7ZdMBPTZPKfmYWIARk2ODVA9hEJslUk9crhuMG+zX1lpN/MXe6RLqTyR/omEuG
+xvLd/6E6kdOzI64sYPEXURGXrm/lDS8eChlKpXbYEwSY3XExBJYkxHBgq8C78Vy
aBNo2iijo/PELfJajURX6H2jJ8A8qLJtToOXZyU2//St+CBA4OoJnW1f5QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFNhAYajMS0uH6Tyk39SHKpjikhSCMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvMkVCaHFNeExTNGZwUEtUZjFJY3FtT0tTRklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAfD6IAD
AwHD6DANBgkqhkiG9w0BAQsFAAOCAQEAoQGvxEaKYgyBj0Ae8wKlKx0OHRLVPB4t
bE+c3H5o9gZCItmh5QaTXutB11fTZsn6LNtpqVTN7zKNJ/7XVeOjJgDXhFZYu8oT
xLx8bYMcV6w7IZ+5we7g5FnMaYTJg1ezBqMdAO6APA5Jx8PF+3L41A0FfX0vdboz
Zr2pC+8OiRr6zIFaWor7kFntqUwAbKXtDazOWAGV4dS0jgLCMUv/9xvwoPq/M9ov
EfDsogOXhj2SfAROsQpajkWSCvA6abONi+YbznEmGmJQsML/lhs1oGRmCeOOR6lC
seX9Hy39rpuigqIxA4y1bRHxeN1ZO3uZwIz5B56Tyrm/Fo5a5X/jnw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:38 2023 by rpki-client on console.sobornost.net