Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/pu9nCJe_0tb66Ohy2RGfTKgWfpk.roa
File: pu9nCJe_0tb66Ohy2RGfTKgWfpk.roa (raw, json)
Hash identifier: 2csBiGnoCT0h6FI+VGrTJoF/AXZZm3AnIMwGsmeqIF4=
Subject key identifier: A6:EF:67:08:97:BF:D2:D6:FA:E8:E8:72:D9:11:9F:4C:A8:16:7E:99
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8A78F171B1DC9833E202755CA9D79ED
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/pu9nCJe_0tb66Ohy2RGfTKgWfpk.roa
Signing time: Thu 16 Nov 2023 15:02:21 +0000
ROA not before: Thu 16 Nov 2023 15:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 46.190.137.0/24 maxlen: 24
46.190.254.0/24 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:a7:8f:17:1b:1d:c9:83:3e:20:27:55:ca:9d:79:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 15:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6ef670897bfd2d6fae8e872d9119f4ca8167e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a8:58:0f:c1:5f:84:a8:d8:8f:9f:ee:9e:ed:
b5:7f:49:36:f0:9e:8b:2e:a7:19:1f:5b:b2:1a:64:
33:d1:6f:57:01:39:aa:1c:4e:23:58:14:b7:0f:48:
50:a2:4b:d6:6a:24:be:b9:0d:83:9d:d5:3d:cf:2e:
71:4a:2a:50:f8:79:d7:43:f2:fe:1e:b9:f6:32:34:
c2:30:3a:28:fa:a8:10:01:d1:9a:6b:90:d3:b5:c4:
8e:86:d0:78:86:56:8b:cb:fc:6f:ff:77:8b:ef:f4:
a0:2c:f9:36:47:be:5e:6e:a6:fa:3f:ba:9e:88:1d:
62:de:b6:43:17:10:73:f2:90:27:cb:ca:a4:ca:1e:
6e:23:9b:4a:52:eb:0f:c3:5c:ae:3a:84:50:7f:f9:
1e:30:39:15:85:16:a1:61:c6:f0:81:c6:ac:58:2a:
f4:9c:7f:46:0a:b1:68:c1:63:e6:f3:ef:72:fa:56:
0d:fb:ab:5b:0d:91:52:aa:9c:a5:76:35:d0:29:a6:
47:14:31:92:2c:3c:f6:15:3d:5f:4f:c3:fe:99:9c:
54:c1:06:37:b1:26:fc:36:05:2f:a7:0c:5f:ce:1a:
b2:02:48:e5:3c:e8:dd:d2:02:f5:b3:7b:c6:b0:44:
14:ce:41:04:05:58:41:e0:a3:9a:5b:18:fe:60:3d:
00:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EF:67:08:97:BF:D2:D6:FA:E8:E8:72:D9:11:9F:4C:A8:16:7E:99
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/pu9nCJe_0tb66Ohy2RGfTKgWfpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.190.137.0/24
46.190.254.0/24
195.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:46:31:c7:6a:63:ab:40:1d:00:07:61:e3:3d:c0:af:11:3e:
6d:81:b2:da:ee:cf:8f:51:a0:96:24:86:0d:b8:12:49:24:9e:
aa:9d:96:bc:70:ef:99:bb:63:b9:4b:49:b6:65:10:b4:b5:4c:
3c:af:4b:d0:70:57:12:ba:78:a5:95:bf:5a:fa:b9:22:32:4e:
42:1b:d5:e6:0e:2f:5f:a5:a7:66:e4:5d:39:46:0a:9a:8f:27:
f1:29:31:57:45:3a:6a:2c:7c:3d:c7:5b:56:85:12:5f:41:4c:
33:2d:f1:72:ba:ca:ba:dd:41:a9:34:04:e9:b1:97:19:be:cb:
47:41:9e:9c:8a:ab:9e:3d:32:5a:4b:70:e5:23:69:12:b2:91:
c0:03:a7:ea:ec:32:13:e2:22:7c:81:e0:24:be:5d:fa:fe:e9:
76:69:0e:0c:9c:5a:a0:e1:b3:db:f4:dd:d0:7a:cd:52:00:72:
19:ee:65:41:35:bd:13:d1:0f:7f:66:ea:79:c7:6d:aa:48:fd:
2e:18:d5:6b:e9:a9:c7:f9:ba:22:db:9e:05:c4:f2:55:56:35:
74:78:4a:2a:2e:ac:54:6e:27:c5:c9:36:55:dd:f0:b6:1a:e9:
a3:cc:e9:38:af:19:53:7b:d3:bd:1c:04:e1:14:a9:0f:3e:a7:
22:0d:aa:80
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYvYp48XGx3Jgz4gJ1XKnXntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTUwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVmNjcwODk3YmZkMmQ2ZmFlOGU4NzJkOTExOWY0Y2E4MTY3ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6hYD8FfhKjYj5/unu21f0k28J6L
LqcZH1uyGmQz0W9XATmqHE4jWBS3D0hQokvWaiS+uQ2DndU9zy5xSipQ+HnXQ/L+
Hrn2MjTCMDoo+qgQAdGaa5DTtcSOhtB4hlaLy/xv/3eL7/SgLPk2R75ebqb6P7qe
iB1i3rZDFxBz8pAny8qkyh5uI5tKUusPw1yuOoRQf/keMDkVhRahYcbwgcasWCr0
nH9GCrFowWPm8+9y+lYN+6tbDZFSqpyldjXQKaZHFDGSLDz2FT1fT8P+mZxUwQY3
sSb8NgUvpwxfzhqyAkjlPOjd0gL1s3vGsEQUzkEEBVhB4KOaWxj+YD0AaQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKbvZwiXv9LW+ujoctkRn0yoFn6ZMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvcHU5bkNKZV8wdGI2Nk9oeTJSR2ZUS2dXZnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQALr6JAwQA
Lr7+AwMAw+kwDQYJKoZIhvcNAQELBQADggEBAK9GMcdqY6tAHQAHYeM9wK8RPm2B
struz49RoJYkhg24Ekkknqqdlrxw75m7Y7lLSbZlELS1TDyvS9BwVxK6eKWVv1r6
uSIyTkIb1eYOL1+lp2bkXTlGCpqPJ/EpMVdFOmosfD3HW1aFEl9BTDMt8XK6yrrd
Qak0BOmxlxm+y0dBnpyKq549MlpLcOUjaRKykcADp+rsMhPiInyB4CS+Xfr+6XZp
DgycWqDhs9v03dB6zVIAchnuZUE1vRPRD39m6nnHbapI/S4Y1Wvpqcf5uiLbngXE
8lVWNXR4SiourFRuJ8XJNlXd8LYa6aPM6TivGVN7070cBOEUqQ8+pyINqoA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:38 2023 by rpki-client on console.sobornost.net