Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/htdM1v8BJm1b6OcdcgxSK0CJGTg.roa
File: htdM1v8BJm1b6OcdcgxSK0CJGTg.roa (raw, json)
Hash identifier: xakSkRPEsbm+SM/UNnuFyV5GkvW0EbzctnQ8dw17MaM=
Subject key identifier: 86:D7:4C:D6:FF:01:26:6D:5B:E8:E7:1D:72:0C:52:2B:40:89:19:38
Certificate issuer: /CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Certificate serial: 0185727A2C7EDED51549A432D48089CB8F58
Authority key identifier: 67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/htdM1v8BJm1b6OcdcgxSK0CJGTg.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25252
IP address blocks: 170.102.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2c:7e:de:d5:15:49:a4:32:d4:80:89:cb:8f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86d74cd6ff01266d5be8e71d720c522b40891938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:c7:8b:01:b1:38:76:92:91:97:01:7d:fd:
ae:ac:1a:8b:6a:c5:80:75:13:9f:58:fa:38:42:04:
3d:47:00:98:db:55:f0:e1:50:de:79:28:2c:dd:f1:
64:b4:73:13:a0:96:30:6a:ea:85:d6:59:f7:4a:be:
73:ed:25:f5:71:f4:02:41:d8:8b:87:cf:68:37:7b:
78:eb:75:4b:40:81:34:d7:47:77:11:f6:37:e9:a6:
6f:f2:bb:54:28:8a:5d:e1:93:d1:9f:bd:9f:74:c6:
ac:65:40:67:71:41:15:ca:53:7f:88:25:65:5a:f6:
e9:6e:8d:12:d6:01:64:ea:6a:20:7e:4d:dd:78:cb:
bc:71:1c:c3:e3:8d:a3:1d:33:5b:87:3b:00:07:52:
f8:ad:62:5a:9a:bf:d1:ad:bc:4e:43:5a:7a:5e:bc:
af:9e:ff:d7:f6:68:8f:91:7e:a9:de:ac:a7:d7:cb:
38:3e:6a:94:69:07:ae:a4:15:42:00:2d:85:95:36:
27:12:09:23:0d:e0:b6:dc:b6:28:f2:6b:2f:4a:06:
a4:0f:76:78:5d:62:df:34:36:bc:1a:cc:b1:89:74:
9c:ff:b9:3f:ad:cf:1a:37:40:70:c7:25:c0:ee:72:
76:05:8b:30:65:5e:4d:18:8d:fb:e7:14:54:50:be:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:4C:D6:FF:01:26:6D:5B:E8:E7:1D:72:0C:52:2B:40:89:19:38
X509v3 Authority Key Identifier:
keyid:67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/htdM1v8BJm1b6OcdcgxSK0CJGTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zzs6cc93J1Wj34ztXXNRb4ccChE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.102.196.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:9c:8b:9e:cb:d4:6f:74:da:5b:02:7a:39:4f:79:33:f6:2a:
94:f3:cc:7c:7a:94:c8:c2:fb:79:c5:a7:a5:d5:ac:25:c6:8c:
f6:35:b0:20:4f:94:78:c1:c6:5e:9d:70:51:bc:b0:49:63:60:
45:e1:59:7a:7b:00:3d:2f:11:e7:c9:b7:dd:35:b4:39:8a:af:
0d:cc:4a:b5:38:4c:d4:32:ff:48:fc:0b:d0:2f:32:f3:ec:b5:
5f:a9:07:06:90:50:3d:9b:c9:68:24:81:cc:24:57:f5:8a:77:
af:2d:57:19:c9:da:55:ef:89:60:43:1e:21:9b:0b:4f:06:76:
b4:7a:ec:c2:30:23:6a:71:d4:60:65:9d:a1:c6:a5:e4:1c:8c:
93:93:6e:45:62:3f:3f:63:f7:0f:e8:93:c3:64:6b:22:16:70:
56:66:5f:8b:dd:2a:96:6d:0f:f1:ec:35:06:76:f6:13:d7:39:
06:11:af:33:8c:f0:58:82:04:6e:7f:5e:3d:74:a6:46:0f:17:
e2:2d:b0:17:9f:fb:bb:9a:db:85:c0:2e:d3:71:0a:a1:c5:bc:
8c:94:57:21:da:04:b1:fd:15:13:36:1e:af:eb:19:c9:92:a1:
4f:47:55:6d:f4:46:34:49:0f:0d:8d:c1:88:f9:f5:c0:63:16:
55:30:04:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeix+3tUVSaQy1ICJy49YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3M2IzYTcxY2Y3NzI3NTVhM2RmOGNlZDVkNzM1MTZmODcx
YzBhMTEwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ3NGNkNmZmMDEyNjZkNWJlOGU3MWQ3MjBjNTIyYjQwODkxOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh7HiwGxOHaSkZcBff2urBqLasWA
dROfWPo4QgQ9RwCY21Xw4VDeeSgs3fFktHMToJYwauqF1ln3Sr5z7SX1cfQCQdiL
h89oN3t463VLQIE010d3EfY36aZv8rtUKIpd4ZPRn72fdMasZUBncUEVylN/iCVl
Wvbpbo0S1gFk6mogfk3deMu8cRzD442jHTNbhzsAB1L4rWJamr/RrbxOQ1p6Xryv
nv/X9miPkX6p3qyn18s4PmqUaQeupBVCAC2FlTYnEgkjDeC23LYo8msvSgakD3Z4
XWLfNDa8GsyxiXSc/7k/rc8aN0BwxyXA7nJ2BYswZV5NGI375xRUUL4trwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbXTNb/ASZtW+jnHXIMUitAiRk4MB8GA1UdIwQY
MBaAFGc7OnHPdydVo9+M7V1zUW+HHAoRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEt
NmZlMWYyOTRlNjI3LzEvaHRkTTF2OEJKbTFiNk9jZGNneFNLMENKR1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jOTQ4NTUtNWIxYS00Zjk2LWI3YTEtNmZlMWYyOTRlNjI3
LzEvWnpzNmNjOTNKMVdqMzR6dFhYTlJiNGNjQ2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqmbEMA0G
CSqGSIb3DQEBCwUAA4IBAQCpnIuey9RvdNpbAno5T3kz9iqU88x8epTIwvt5xael
1awlxoz2NbAgT5R4wcZenXBRvLBJY2BF4Vl6ewA9LxHnybfdNbQ5iq8NzEq1OEzU
Mv9I/AvQLzLz7LVfqQcGkFA9m8loJIHMJFf1inevLVcZydpV74lgQx4hmwtPBna0
euzCMCNqcdRgZZ2hxqXkHIyTk25FYj8/Y/cP6JPDZGsiFnBWZl+L3SqWbQ/x7DUG
dvYT1zkGEa8zjPBYggRuf149dKZGDxfiLbAXn/u7mtuFwC7TcQqhxbyMlFch2gSx
/RUTNh6v6xnJkqFPR1Vt9EY0SQ8NjcGI+fXAYxZVMATA
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:23 2024 by rpki-client on console.sobornost.net