Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Jx2pcZb5fAFqsrhtmZXRRB6wZQk.roa
File: Jx2pcZb5fAFqsrhtmZXRRB6wZQk.roa (raw, json)
Hash identifier: x/VP/ZLsKIUvlwW6KGDuxUCjunrqi5/jrgpRpAGOSG4=
Subject key identifier: 27:1D:A9:71:96:F9:7C:01:6A:B2:B8:6D:99:95:D1:44:1E:B0:65:09
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018BCD48BB817B8EF8D0D3C0C591168F95F1
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Jx2pcZb5fAFqsrhtmZXRRB6wZQk.roa
Signing time: Tue 14 Nov 2023 10:02:57 +0000
ROA not before: Tue 14 Nov 2023 10:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31334
IP address blocks: 77.20.0.0/14 maxlen: 24
31.16.0.0/14 maxlen: 24
91.64.0.0/14 maxlen: 14
88.134.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:48:bb:81:7b:8e:f8:d0:d3:c0:c5:91:16:8f:95:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Nov 14 10:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=271da97196f97c016ab2b86d9995d1441eb06509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:d8:10:3d:a1:ad:14:cd:30:99:18:5f:16:
b7:d7:df:ee:96:e3:ce:dd:8b:23:3f:bf:7d:18:b6:
db:fd:3f:29:0e:15:6b:09:68:a1:5b:a5:e1:41:ad:
dc:0d:97:30:02:57:0e:36:9e:99:ec:38:88:67:af:
5d:e1:2f:8a:84:74:25:5c:55:f7:7c:91:fd:ee:6b:
d6:8f:0b:a9:af:7f:26:7c:18:64:c4:f9:6e:f6:71:
90:a0:d0:74:82:3d:f9:c9:b0:ba:98:ef:e7:7b:d9:
7f:17:c4:28:d5:1c:3c:6a:c2:42:92:04:a0:f5:72:
ad:96:0f:fb:d1:13:09:24:00:4a:53:45:bf:50:ab:
5b:88:27:d0:be:9c:03:23:19:cd:38:65:ca:77:28:
a9:3d:ea:55:7d:16:b9:67:2d:68:dd:59:7a:55:2d:
48:37:1c:2b:0d:41:1f:21:e9:bb:7b:99:ef:3a:15:
49:e5:c9:a5:3d:74:c0:f4:93:f7:7d:48:07:79:4a:
61:78:67:34:ea:b5:e2:46:c2:f5:16:0c:41:d8:f5:
1a:e0:ff:f1:e9:f6:fa:f3:42:7a:a6:bf:32:7d:6b:
a2:ec:5f:ce:71:85:09:eb:be:fa:a6:f1:2f:c9:ac:
4b:d2:50:74:41:ed:06:e6:f7:25:62:92:11:0d:fa:
8e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1D:A9:71:96:F9:7C:01:6A:B2:B8:6D:99:95:D1:44:1E:B0:65:09
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Jx2pcZb5fAFqsrhtmZXRRB6wZQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.16.0.0/14
77.20.0.0/14
88.134.0.0/16
91.64.0.0/14
Signature Algorithm: sha256WithRSAEncryption
53:77:3c:f9:07:19:01:7f:64:e8:b4:ab:0a:e0:9f:69:49:f7:
1b:af:cb:bf:a4:58:52:e4:ba:77:b9:15:19:d0:93:00:de:b5:
28:05:83:c0:a1:23:34:58:68:93:62:44:12:5c:31:f4:67:ab:
42:5b:7f:19:58:2c:16:ed:3c:74:03:bc:6e:f2:55:f6:2d:67:
9f:77:60:be:83:e1:0b:f7:b2:bf:ba:73:54:c5:48:b2:b6:56:
5b:a1:15:53:90:7d:cd:69:5a:6c:eb:74:a0:20:71:4e:ea:77:
35:ae:6f:32:ad:b6:20:c0:ae:3f:2c:3e:f6:e6:11:67:53:90:
62:ec:31:04:80:f7:f8:3e:0c:a8:a1:6e:12:50:95:c4:6d:58:
2a:8a:be:df:47:2a:b9:48:d9:35:2d:22:59:f5:97:1b:c3:b1:
89:f9:6d:be:9f:aa:14:df:ef:bb:1e:71:9a:57:24:11:c8:6c:
9e:96:96:a4:d2:3e:22:ae:88:bf:7e:7a:fe:bc:5a:13:be:61:
a1:66:30:6a:72:9c:c0:ea:0c:37:6b:99:c0:29:14:0e:60:ac:
ce:01:f1:54:a6:74:1a:2b:30:64:9b:04:78:4c:a3:ed:9c:02:
47:74:21:f1:f5:16:e9:46:e9:ca:c9:9c:7e:54:93:5c:88:3a:
1e:3b:20:ce
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvNSLuBe4740NPAxZEWj5XxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjMxMTE0MTAwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzFkYTk3MTk2Zjk3YzAxNmFiMmI4NmQ5OTk1ZDE0NDFlYjA2NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjizYED2hrRTNMJkYXxa319/uluPO
3YsjP799GLbb/T8pDhVrCWihW6XhQa3cDZcwAlcONp6Z7DiIZ69d4S+KhHQlXFX3
fJH97mvWjwupr38mfBhkxPlu9nGQoNB0gj35ybC6mO/ne9l/F8Qo1Rw8asJCkgSg
9XKtlg/70RMJJABKU0W/UKtbiCfQvpwDIxnNOGXKdyipPepVfRa5Zy1o3Vl6VS1I
NxwrDUEfIem7e5nvOhVJ5cmlPXTA9JP3fUgHeUpheGc06rXiRsL1FgxB2PUa4P/x
6fb680J6pr8yfWui7F/OcYUJ6776pvEvyaxL0lB0Qe0G5vclYpIRDfqOEwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCcdqXGW+XwBarK4bZmV0UQesGUJMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvSngycGNaYjVmQUZxc3JodG1aWFJSQjZ3WlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwMCHxADAwJN
FAMDAFiGAwMCW0AwDQYJKoZIhvcNAQELBQADggEBAFN3PPkHGQF/ZOi0qwrgn2lJ
9xuvy7+kWFLkune5FRnQkwDetSgFg8ChIzRYaJNiRBJcMfRnq0JbfxlYLBbtPHQD
vG7yVfYtZ593YL6D4Qv3sr+6c1TFSLK2VluhFVOQfc1pWmzrdKAgcU7qdzWubzKt
tiDArj8sPvbmEWdTkGLsMQSA9/g+DKihbhJQlcRtWCqKvt9HKrlI2TUtIln1lxvD
sYn5bb6fqhTf77secZpXJBHIbJ6WlqTSPiKuiL9+ev68WhO+YaFmMGpynMDqDDdr
mcApFA5grM4B8VSmdBorMGSbBHhMo+2cAkd0IfH1FulG6crJnH5Uk1yIOh47IM4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net