Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/BHrlmgQKm76CtP8mKPepWIjr7QA.roa
File: BHrlmgQKm76CtP8mKPepWIjr7QA.roa (raw, json)
Hash identifier: wI8RF6xk/h0NURrbZ4QrxIuwUSuJHQbDeuAjjQpm9Qc=
Subject key identifier: 04:7A:E5:9A:04:0A:9B:BE:82:B4:FF:26:28:F7:A9:58:88:EB:ED:00
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 01857368489F2462AB24D23E1D94ED9DA1DA
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/BHrlmgQKm76CtP8mKPepWIjr7QA.roa
Signing time: Mon 02 Jan 2023 16:54:52 +0000
ROA not before: Mon 02 Jan 2023 16:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 194.188.145.0/24 maxlen: 24
192.126.64.0/24 maxlen: 24
192.126.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:48:9f:24:62:ab:24:d2:3e:1d:94:ed:9d:a1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 2 16:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=047ae59a040a9bbe82b4ff2628f7a95888ebed00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:69:ad:af:1b:f8:76:94:36:dd:30:df:33:f5:
f2:cf:a6:73:ba:b6:95:0a:75:88:2e:6b:7e:dd:38:
8b:b8:ad:0b:6b:65:7b:f0:37:f1:9e:2c:89:9e:61:
18:a1:f9:d9:21:d3:a3:82:8d:f0:c7:b8:2a:be:0a:
75:3a:10:b9:37:49:20:6f:5e:49:b6:9f:94:e6:f2:
76:16:e9:06:72:5f:a0:ca:1f:89:f0:1e:79:70:a9:
4e:e5:03:3b:b0:8b:4f:7b:37:3d:24:79:08:a4:e4:
84:d7:51:0f:01:a7:33:25:88:0c:72:bf:dc:c7:a6:
61:af:8f:a8:8a:ee:69:25:3d:bf:1d:d3:e2:5b:86:
d8:b4:8c:c6:a1:24:27:52:b6:ac:a8:19:84:83:62:
94:bf:dc:ec:d6:b6:f6:dc:92:4c:cb:e7:9c:fa:4c:
28:63:f9:f0:ff:db:5d:4a:e1:cb:76:fd:81:4a:b0:
d4:01:bc:94:23:1e:26:5b:79:0b:1b:21:af:1f:08:
75:3a:9d:42:f6:33:39:67:02:c2:83:09:4e:ac:ba:
aa:20:07:0d:ed:8e:30:8b:39:26:0e:17:1c:41:59:
8c:a6:f0:e3:1e:69:4b:ce:be:e1:15:ba:34:06:ee:
9e:26:2c:2e:ce:ae:27:f6:cd:58:0e:f5:55:7e:fe:
97:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:7A:E5:9A:04:0A:9B:BE:82:B4:FF:26:28:F7:A9:58:88:EB:ED:00
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/BHrlmgQKm76CtP8mKPepWIjr7QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.126.63.0-192.126.64.255
194.188.145.0/24
Signature Algorithm: sha256WithRSAEncryption
86:18:36:34:9c:91:0f:c1:a8:b8:90:b7:d3:4b:f5:ec:3d:53:
a5:15:c1:0c:ba:ee:5d:0d:80:c3:4b:e8:ce:8a:be:aa:c5:53:
22:c7:4a:19:90:d6:99:45:7e:cd:48:51:ec:a6:95:f5:eb:6a:
5f:ef:8a:67:92:ef:87:84:6d:06:0f:83:0a:3c:e7:87:b0:77:
79:96:0c:64:30:fd:31:04:db:12:f8:50:a1:2b:42:98:9c:37:
c0:0b:b3:ae:1a:55:e5:5e:52:7f:78:e0:6f:12:29:af:03:9b:
43:d5:7f:12:1d:a8:54:de:31:f3:7f:c1:da:d8:3c:72:c9:06:
14:84:f6:1b:6d:5d:19:38:12:43:6b:8f:db:83:31:e8:9b:e0:
26:0e:2c:a9:45:3a:2c:0d:4f:24:02:a3:0b:8a:84:13:cb:26:
e2:8d:87:22:45:73:87:70:f0:ff:87:b2:48:49:5f:39:4c:f9:
c3:5d:63:f8:40:2c:fd:66:91:3a:13:94:a1:a8:0f:78:1b:fc:
96:cf:99:81:fd:b8:c3:ba:01:9d:f8:b0:78:d1:bd:d8:4c:86:
d4:01:d2:43:29:a6:58:12:49:7b:b8:bd:bd:38:0c:71:26:27:
63:78:90:bc:2e:1f:d1:4b:e5:d0:1c:6a:31:89:34:3d:99:21:
a5:1e:71:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzaEifJGKrJNI+HZTtnaHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjMwMTAyMTY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDdhZTU5YTA0MGE5YmJlODJiNGZmMjYyOGY3YTk1ODg4ZWJlZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmmtrxv4dpQ23TDfM/Xyz6ZzuraV
CnWILmt+3TiLuK0La2V78DfxniyJnmEYofnZIdOjgo3wx7gqvgp1OhC5N0kgb15J
tp+U5vJ2FukGcl+gyh+J8B55cKlO5QM7sItPezc9JHkIpOSE11EPAaczJYgMcr/c
x6Zhr4+oiu5pJT2/HdPiW4bYtIzGoSQnUrasqBmEg2KUv9zs1rb23JJMy+ec+kwo
Y/nw/9tdSuHLdv2BSrDUAbyUIx4mW3kLGyGvHwh1Op1C9jM5ZwLCgwlOrLqqIAcN
7Y4wizkmDhccQVmMpvDjHmlLzr7hFbo0Bu6eJiwuzq4n9s1YDvVVfv6X2wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAR65ZoECpu+grT/Jij3qViI6+0AMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvQkhybG1nUUttNzZDdFA4bUtQZXBXSWpyN1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADAfj8D
BADAfkADBADCvJEwDQYJKoZIhvcNAQELBQADggEBAIYYNjSckQ/BqLiQt9NL9ew9
U6UVwQy67l0NgMNL6M6KvqrFUyLHShmQ1plFfs1IUeymlfXral/vimeS74eEbQYP
gwo854ewd3mWDGQw/TEE2xL4UKErQpicN8ALs64aVeVeUn944G8SKa8Dm0PVfxId
qFTeMfN/wdrYPHLJBhSE9httXRk4EkNrj9uDMeib4CYOLKlFOiwNTyQCowuKhBPL
JuKNhyJFc4dw8P+HskhJXzlM+cNdY/hALP1mkToTlKGoD3gb/JbPmYH9uMO6AZ34
sHjRvdhMhtQB0kMpplgSSXu4vb04DHEmJ2N4kLwuH9FL5dAcajGJND2ZIaUecZg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:11 2024 by rpki-client on console.sobornost.net