Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/6a301c-8532-46f0-a33e-eb65f1f46e0b/1/OQKrM1fwCmVKhXKniK4pCTMYn5o.roa
File: OQKrM1fwCmVKhXKniK4pCTMYn5o.roa (raw, json)
Hash identifier: qbeZe8SYTRWemniKUth3fZcAnHj1SlPwEectyEotmCI=
Subject key identifier: 39:02:AB:33:57:F0:0A:65:4A:85:72:A7:88:AE:29:09:33:18:9F:9A
Certificate issuer: /CN=7d25be70406d381e725d3e2bef12f6a8f3dd8257
Certificate serial: 0185738FFBE9579462301D7D814BF1495DA8
Authority key identifier: 7D:25:BE:70:40:6D:38:1E:72:5D:3E:2B:EF:12:F6:A8:F3:DD:82:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fSW-cEBtOB5yXT4r7xL2qPPdglc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/6a301c-8532-46f0-a33e-eb65f1f46e0b/1/OQKrM1fwCmVKhXKniK4pCTMYn5o.roa
Signing time: Mon 02 Jan 2023 17:38:14 +0000
ROA not before: Mon 02 Jan 2023 17:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50293
IP address blocks: 193.39.195.0/24 maxlen: 24
2a10:e440::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:fb:e9:57:94:62:30:1d:7d:81:4b:f1:49:5d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d25be70406d381e725d3e2bef12f6a8f3dd8257
Validity
Not Before: Jan 2 17:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3902ab3357f00a654a8572a788ae290933189f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:78:f1:c7:19:72:e9:8a:88:ba:cf:18:13:
c2:e2:3e:09:e3:69:03:95:8b:db:b0:f8:f2:f1:ee:
e9:f5:3d:52:49:de:f2:95:0e:27:6d:4d:db:d9:28:
ae:4f:78:61:20:e9:50:f7:4e:20:34:3b:35:4b:ca:
3d:99:d5:1e:c9:f3:2c:7e:78:db:86:8a:d7:79:05:
10:19:c7:cb:9e:a1:26:bf:89:4d:12:df:80:f9:5f:
f5:46:92:49:67:9b:3c:ca:ad:c0:f1:31:2a:6f:5e:
66:9c:3e:12:cf:ff:4d:51:e2:d9:7f:c6:93:f3:6a:
cc:7b:87:a7:55:df:08:d5:86:78:d8:49:3c:46:63:
29:71:d0:59:3f:1a:41:fc:02:27:2a:b7:d7:a0:d3:
d5:cf:39:ef:d4:51:f6:d8:32:03:c4:0c:c5:1b:b5:
5f:e0:56:2d:15:f5:64:31:fc:f5:c6:d6:78:ad:2d:
5c:1e:e3:7e:a6:c7:a9:19:03:5b:58:5f:4f:86:03:
3f:ee:ef:cf:17:4d:29:41:cf:ce:ab:0c:4c:27:18:
1d:8c:02:95:c0:3f:11:8e:f7:95:15:38:20:b7:8f:
10:79:44:de:c6:27:5e:13:5c:18:11:32:96:e9:5e:
cd:21:ad:6e:ee:b7:ab:4b:d8:c0:9e:9c:4d:01:18:
8f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:AB:33:57:F0:0A:65:4A:85:72:A7:88:AE:29:09:33:18:9F:9A
X509v3 Authority Key Identifier:
keyid:7D:25:BE:70:40:6D:38:1E:72:5D:3E:2B:EF:12:F6:A8:F3:DD:82:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fSW-cEBtOB5yXT4r7xL2qPPdglc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6a301c-8532-46f0-a33e-eb65f1f46e0b/1/OQKrM1fwCmVKhXKniK4pCTMYn5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6a301c-8532-46f0-a33e-eb65f1f46e0b/1/fSW-cEBtOB5yXT4r7xL2qPPdglc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.195.0/24
IPv6:
2a10:e440::/32
Signature Algorithm: sha256WithRSAEncryption
16:12:e9:fc:20:ee:a4:f2:b4:49:82:03:9d:b7:0d:55:db:72:
26:23:4f:2b:76:9f:ae:1b:2e:d8:3f:ee:9e:cb:8b:90:bf:43:
7b:bb:00:fd:e5:09:ae:36:a0:74:8d:2f:e1:1d:db:70:3f:05:
c8:91:26:6c:cf:ef:88:75:30:9e:f2:ec:bf:c0:19:a2:06:04:
99:a6:d3:42:e1:4e:9c:aa:db:77:1a:51:43:d8:82:10:fe:b9:
59:d7:e4:37:5a:f3:be:4f:c4:2d:85:27:53:84:ce:ea:8b:84:
ea:9e:e1:ef:ad:8a:cc:87:b5:35:93:89:b2:46:ec:0b:49:de:
44:ea:2d:4c:ea:6f:8b:55:e1:e3:f2:95:42:46:64:57:3c:2b:
ae:99:6a:55:0a:b9:70:0f:c9:73:99:ca:07:ae:f1:a4:b4:18:
4e:1a:f0:81:20:24:74:61:6f:d7:44:e5:b0:15:10:f5:e2:60:
1d:6f:70:94:2d:e6:9b:d1:d8:b3:24:27:1b:d3:d5:f1:de:86:
f8:37:53:f7:09:6d:74:7e:29:62:f3:6e:4b:9b:2d:06:dc:4b:
ff:c8:05:6a:01:c0:08:fd:89:e4:23:6a:77:bc:1c:31:15:df:
7e:27:94:1b:ed:c2:4b:85:34:86:9a:95:20:a4:b6:7a:08:36:
16:84:b6:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzj/vpV5RiMB19gUvxSV2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMjViZTcwNDA2ZDM4MWU3MjVkM2UyYmVmMTJmNmE4ZjNk
ZDgyNTcwHhcNMjMwMTAyMTczODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAyYWIzMzU3ZjAwYTY1NGE4NTcyYTc4OGFlMjkwOTMzMTg5ZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ148ccZcumKiLrPGBPC4j4J42kD
lYvbsPjy8e7p9T1SSd7ylQ4nbU3b2SiuT3hhIOlQ904gNDs1S8o9mdUeyfMsfnjb
horXeQUQGcfLnqEmv4lNEt+A+V/1RpJJZ5s8yq3A8TEqb15mnD4Sz/9NUeLZf8aT
82rMe4enVd8I1YZ42Ek8RmMpcdBZPxpB/AInKrfXoNPVzznv1FH22DIDxAzFG7Vf
4FYtFfVkMfz1xtZ4rS1cHuN+psepGQNbWF9PhgM/7u/PF00pQc/OqwxMJxgdjAKV
wD8RjveVFTggt48QeUTexideE1wYETKW6V7NIa1u7rerS9jAnpxNARiPfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDkCqzNX8AplSoVyp4iuKQkzGJ+aMB8GA1UdIwQY
MBaAFH0lvnBAbTgecl0+K+8S9qjz3YJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlNXLWNFQnRPQjV5WFQ0cjd4TDJxUFBkZ2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82YTMwMWMtODUzMi00NmYwLWEzM2Ut
ZWI2NWYxZjQ2ZTBiLzEvT1FLck0xZndDbVZLaFhLbmlLNHBDVE1ZbjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82YTMwMWMtODUzMi00NmYwLWEzM2UtZWI2NWYxZjQ2ZTBi
LzEvZlNXLWNFQnRPQjV5WFQ0cjd4TDJxUFBkZ2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSfDMA0E
AgACMAcDBQAqEORAMA0GCSqGSIb3DQEBCwUAA4IBAQAWEun8IO6k8rRJggOdtw1V
23ImI08rdp+uGy7YP+6ey4uQv0N7uwD95QmuNqB0jS/hHdtwPwXIkSZsz++IdTCe
8uy/wBmiBgSZptNC4U6cqtt3GlFD2IIQ/rlZ1+Q3WvO+T8QthSdThM7qi4TqnuHv
rYrMh7U1k4myRuwLSd5E6i1M6m+LVeHj8pVCRmRXPCuumWpVCrlwD8lzmcoHrvGk
tBhOGvCBICR0YW/XROWwFRD14mAdb3CULeab0dizJCcb09Xx3ob4N1P3CW10fili
825Lmy0G3Ev/yAVqAcAI/YnkI2p3vBwxFd9+J5Qb7cJLhTSGmpUgpLZ6CDYWhLYY
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:10 2024 by rpki-client on console.sobornost.net