Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/NcqIvINgkIlGNPjuatImdFqb2cM.roa
File: NcqIvINgkIlGNPjuatImdFqb2cM.roa (raw, json)
Hash identifier: yp2WPm8x1dkMKxfi53TqUqd+PYbM6xA+FL8yAQoukFQ=
Subject key identifier: 35:CA:88:BC:83:60:90:89:46:34:F8:EE:6A:D2:26:74:5A:9B:D9:C3
Certificate issuer: /CN=70f78b681b6617fed70ce867fb9a8c6f25cfda55
Certificate serial: 018B00289E910E6ACF3585FAF5F7978FECBD
Authority key identifier: 70:F7:8B:68:1B:66:17:FE:D7:0C:E8:67:FB:9A:8C:6F:25:CF:DA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPeLaBtmF_7XDOhn-5qMbyXP2lU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/NcqIvINgkIlGNPjuatImdFqb2cM.roa
Signing time: Thu 05 Oct 2023 14:05:43 +0000
ROA not before: Thu 05 Oct 2023 14:05:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49890
IP address blocks: 95.140.240.0/20 maxlen: 24
2a0c:aac0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:28:9e:91:0e:6a:cf:35:85:fa:f5:f7:97:8f:ec:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f78b681b6617fed70ce867fb9a8c6f25cfda55
Validity
Not Before: Oct 5 14:05:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35ca88bc836090894634f8ee6ad226745a9bd9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bf:cd:58:e7:37:80:d6:b5:3f:e0:78:e3:61:
22:6a:ac:d8:7b:ba:bf:c2:3a:5e:30:21:0b:13:c9:
78:b8:d8:11:29:aa:06:77:bb:19:62:1c:34:02:3e:
83:a6:0a:e9:ac:c0:08:2d:6c:3a:fd:5f:77:d7:f6:
43:9d:d4:4e:1a:ce:dd:02:c8:c0:b0:7a:01:6e:b1:
c1:93:25:ba:8a:77:ea:73:5a:44:f3:4a:ae:8d:f9:
1e:5a:3c:37:d8:c4:87:4e:81:f4:d3:c1:5a:be:9a:
f0:c7:e5:dd:1f:c0:cb:e1:fd:f1:21:f9:24:f4:f5:
35:b1:eb:7f:8b:7b:98:fb:d6:cf:b3:7a:0e:7e:23:
80:33:80:ec:7f:e8:bf:87:2a:e4:0a:38:29:da:cc:
83:05:af:c2:e4:a4:e6:f8:8c:7a:a1:74:24:c9:4b:
37:f1:c1:86:f7:4f:6b:e8:6e:c1:d9:82:fd:50:91:
6d:e4:ee:43:8e:c1:a4:ca:38:fb:a6:65:06:4b:43:
ed:89:49:40:ce:a4:ea:7e:2b:3f:0c:16:38:5b:bd:
a1:6d:4b:b2:57:37:57:86:e4:9e:ee:66:c2:9a:17:
13:de:a1:96:ce:4d:e2:66:69:b1:08:7b:3b:f8:97:
31:61:f9:4c:8f:0b:dc:fa:a0:5d:e2:52:11:a7:42:
52:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CA:88:BC:83:60:90:89:46:34:F8:EE:6A:D2:26:74:5A:9B:D9:C3
X509v3 Authority Key Identifier:
keyid:70:F7:8B:68:1B:66:17:FE:D7:0C:E8:67:FB:9A:8C:6F:25:CF:DA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPeLaBtmF_7XDOhn-5qMbyXP2lU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/NcqIvINgkIlGNPjuatImdFqb2cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/56ae15-1ca5-4d69-9a3a-837b10c2c636/1/cPeLaBtmF_7XDOhn-5qMbyXP2lU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.240.0/20
IPv6:
2a0c:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
75:d9:a7:9a:38:fb:c9:8f:1a:68:8c:95:dc:22:cd:9c:95:ec:
92:f8:7d:af:85:a4:b4:e2:44:ee:23:74:f4:60:43:b3:a2:56:
55:ed:32:bf:cc:19:cf:82:b1:de:22:f9:90:ba:d1:7b:ab:5d:
98:55:12:7b:98:25:ce:2e:d4:d4:12:50:f2:03:98:dc:a8:b2:
d9:3c:af:b4:7d:92:6b:c6:2f:67:e6:0a:4c:24:61:50:9c:5e:
94:57:f8:c3:dd:65:19:27:49:7c:d5:ee:bb:b9:39:50:34:a4:
9a:8d:9c:52:87:18:8b:4c:34:58:b2:fe:51:41:18:3c:55:13:
c9:b0:1b:70:c5:6a:10:74:d0:b0:7e:fe:b7:9b:6d:7f:56:76:
19:28:9b:5b:47:b8:bb:81:f5:08:ef:69:6e:38:f5:47:5a:02:
94:c8:ca:21:40:b3:83:88:b1:1f:09:bb:10:9b:01:c5:35:1e:
bd:22:e0:da:38:87:b2:b9:55:da:7a:3f:f2:0a:47:cd:94:3d:
3d:b9:90:42:c9:dc:51:15:3d:2c:a9:33:f2:6c:23:cb:ae:d3:
a3:86:c0:27:5d:40:70:8b:e9:71:f9:c7:6a:69:2c:9f:c3:f4:
ba:96:1e:18:bb:2b:eb:75:5c:6f:94:59:d8:af:7e:5b:ed:32:
c1:dc:67:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsAKJ6RDmrPNYX69feXj+y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjc4YjY4MWI2NjE3ZmVkNzBjZTg2N2ZiOWE4YzZmMjVj
ZmRhNTUwHhcNMjMxMDA1MTQwNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWNhODhiYzgzNjA5MDg5NDYzNGY4ZWU2YWQyMjY3NDVhOWJkOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL/NWOc3gNa1P+B442EiaqzYe7q/
wjpeMCELE8l4uNgRKaoGd7sZYhw0Aj6DpgrprMAILWw6/V931/ZDndROGs7dAsjA
sHoBbrHBkyW6infqc1pE80qujfkeWjw32MSHToH008Favprwx+XdH8DL4f3xIfkk
9PU1set/i3uY+9bPs3oOfiOAM4Dsf+i/hyrkCjgp2syDBa/C5KTm+Ix6oXQkyUs3
8cGG909r6G7B2YL9UJFt5O5DjsGkyjj7pmUGS0PtiUlAzqTqfis/DBY4W72hbUuy
VzdXhuSe7mbCmhcT3qGWzk3iZmmxCHs7+JcxYflMjwvc+qBd4lIRp0JSKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDXKiLyDYJCJRjT47mrSJnRam9nDMB8GA1UdIwQY
MBaAFHD3i2gbZhf+1wzoZ/uajG8lz9pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BlTGFCdG1GXzdYRE9obi01cU1ieVhQMmxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NmFlMTUtMWNhNS00ZDY5LTlhM2Et
ODM3YjEwYzJjNjM2LzEvTmNxSXZJTmdrSWxHTlBqdWF0SW1kRnFiMmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NmFlMTUtMWNhNS00ZDY5LTlhM2EtODM3YjEwYzJjNjM2
LzEvY1BlTGFCdG1GXzdYRE9obi01cU1ieVhQMmxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEX4zwMA0E
AgACMAcDBQMqDKrAMA0GCSqGSIb3DQEBCwUAA4IBAQB12aeaOPvJjxpojJXcIs2c
leyS+H2vhaS04kTuI3T0YEOzolZV7TK/zBnPgrHeIvmQutF7q12YVRJ7mCXOLtTU
ElDyA5jcqLLZPK+0fZJrxi9n5gpMJGFQnF6UV/jD3WUZJ0l81e67uTlQNKSajZxS
hxiLTDRYsv5RQRg8VRPJsBtwxWoQdNCwfv63m21/VnYZKJtbR7i7gfUI72luOPVH
WgKUyMohQLODiLEfCbsQmwHFNR69IuDaOIeyuVXaej/yCkfNlD09uZBCydxRFT0s
qTPybCPLrtOjhsAnXUBwi+lx+cdqaSyfw/S6lh4YuyvrdVxvlFnYr35b7TLB3Gdf
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:13 2024 by rpki-client on console.sobornost.net