Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i7ggzcT7X-5EsC2-TY5Infj9W2I.roa
File: i7ggzcT7X-5EsC2-TY5Infj9W2I.roa (raw, json)
Hash identifier: 2Obj66l76T78unzxUgbghtUiPGmebEsb5dEUyfNkrl8=
Subject key identifier: 8B:B8:20:CD:C4:FB:5F:EE:44:B0:2D:BE:4D:8E:48:9D:F8:FD:5B:62
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CB676F4D37216F6467C7232F2A166B83D
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i7ggzcT7X-5EsC2-TY5Infj9W2I.roa
Signing time: Fri 29 Dec 2023 16:44:58 +0000
ROA not before: Fri 29 Dec 2023 16:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 195.242.243.0/24 maxlen: 24
89.46.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:76:f4:d3:72:16:f6:46:7c:72:32:f2:a1:66:b8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Dec 29 16:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bb820cdc4fb5fee44b02dbe4d8e489df8fd5b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ed:cb:25:e2:20:7b:49:3e:03:38:c9:bf:52:
2d:30:4f:de:f6:5a:48:76:1f:99:b4:75:4d:ce:2f:
d7:2e:7f:67:a5:45:55:5a:0b:4b:8e:ee:44:2c:66:
cc:8c:ff:c1:99:d2:a8:a0:ff:14:28:fd:dd:80:b5:
88:f1:a6:96:45:34:52:c4:27:6a:1b:6b:13:84:77:
eb:65:2d:32:d0:04:ec:22:96:05:77:85:56:f6:84:
79:6b:55:f4:c9:67:e9:e9:01:80:4e:c8:76:93:ed:
6f:bd:3f:38:b3:65:d4:94:7c:67:b1:40:94:e1:ac:
b8:1a:e8:ed:e0:06:1b:dc:23:95:56:87:28:26:c8:
50:ee:59:5d:3b:53:93:c4:3b:45:7c:05:6f:e6:96:
ab:60:d3:42:40:f8:58:22:14:8c:52:eb:fa:4b:23:
43:81:e4:34:a4:23:26:81:61:a6:a9:bb:a9:bf:d6:
9e:1e:27:cb:a7:00:8c:6a:8e:15:3b:39:d3:32:e8:
5c:28:0d:55:48:c8:c7:16:60:54:b0:6d:02:3e:f5:
7b:eb:4b:fd:4f:92:81:1b:84:c4:d3:8e:f4:40:ca:
cc:df:2a:90:f3:15:c4:32:bf:00:3e:aa:fb:c9:8f:
71:d0:3b:20:87:84:1f:ca:f2:22:85:35:b0:99:59:
53:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B8:20:CD:C4:FB:5F:EE:44:B0:2D:BE:4D:8E:48:9D:F8:FD:5B:62
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/i7ggzcT7X-5EsC2-TY5Infj9W2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d2:13:10:90:cd:ef:b5:ae:45:b9:05:36:1d:89:9f:d2:7c:
ce:c9:4c:e9:20:39:bd:d7:e7:2a:69:38:a9:e4:14:ce:ad:ee:
a2:55:13:c1:13:8d:f8:e4:84:f7:92:2f:20:6c:b3:17:38:b8:
73:4a:c1:ef:5d:03:bc:df:b3:26:84:33:bb:c9:ae:97:ae:4d:
c6:50:7c:7a:0b:a5:e9:fb:30:6f:79:83:8e:9c:29:c0:64:88:
a9:4f:77:30:ad:9d:a5:05:18:4f:ac:85:15:28:20:8a:ac:60:
8f:fd:ae:97:f3:32:b9:49:22:4c:6a:37:4b:77:11:59:ee:c2:
eb:28:a0:d5:82:63:f4:b9:b9:09:ba:95:8b:17:a4:30:16:59:
30:d8:86:c8:c6:7b:8d:8a:52:23:17:b3:36:4b:2d:5e:ba:dd:
cb:ab:1a:54:b2:e9:a4:b8:9e:3a:be:62:5d:1d:b2:a9:6c:27:
90:a4:47:ac:0a:15:30:ff:8f:48:97:46:8a:6f:0d:a1:53:20:
69:36:ec:d8:bf:e4:52:aa:f5:5a:22:80:28:6f:6b:1a:be:4f:
e2:3b:12:4d:b0:8b:91:10:fd:7a:89:35:bf:fc:6b:d0:3d:b9:
48:80:2e:51:0b:60:9e:9b:7a:6e:43:1b:60:8e:9d:7a:e0:8e:
04:5e:8d:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYy2dvTTchb2RnxyMvKhZrg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMxMjI5MTY0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI4MjBjZGM0ZmI1ZmVlNDRiMDJkYmU0ZDhlNDg5ZGY4ZmQ1YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle3LJeIge0k+AzjJv1ItME/e9lpI
dh+ZtHVNzi/XLn9npUVVWgtLju5ELGbMjP/BmdKooP8UKP3dgLWI8aaWRTRSxCdq
G2sThHfrZS0y0ATsIpYFd4VW9oR5a1X0yWfp6QGATsh2k+1vvT84s2XUlHxnsUCU
4ay4Gujt4AYb3COVVocoJshQ7lldO1OTxDtFfAVv5parYNNCQPhYIhSMUuv6SyND
geQ0pCMmgWGmqbupv9aeHifLpwCMao4VOznTMuhcKA1VSMjHFmBUsG0CPvV760v9
T5KBG4TE0470QMrM3yqQ8xXEMr8APqr7yY9x0Dsgh4QfyvIihTWwmVlToQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIu4IM3E+1/uRLAtvk2OSJ34/VtiMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvaTdnZ3pjVDdYLTVFc0MyLVRZNUluZmo5VzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS4KAwQA
w/LzMA0GCSqGSIb3DQEBCwUAA4IBAQAs0hMQkM3vta5FuQU2HYmf0nzOyUzpIDm9
1+cqaTip5BTOre6iVRPBE4345IT3ki8gbLMXOLhzSsHvXQO837MmhDO7ya6Xrk3G
UHx6C6Xp+zBveYOOnCnAZIipT3cwrZ2lBRhPrIUVKCCKrGCP/a6X8zK5SSJMajdL
dxFZ7sLrKKDVgmP0ubkJupWLF6QwFlkw2IbIxnuNilIjF7M2Sy1eut3LqxpUsumk
uJ46vmJdHbKpbCeQpEesChUw/49Il0aKbw2hUyBpNuzYv+RSqvVaIoAob2savk/i
OxJNsIuREP16iTW//GvQPblIgC5RC2Cem3puQxtgjp164I4EXo1o
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:27 2024 by rpki-client on console.sobornost.net