Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/YITfvX8iKEZMk-kJnZzOh5eAqcw.roa
File: YITfvX8iKEZMk-kJnZzOh5eAqcw.roa (raw, json)
Hash identifier: 9U8g3ZNE0MQwxWEtlpgfsIpoyXmrEQYCPbb6YFKCFcU=
Subject key identifier: 60:84:DF:BD:7F:22:28:46:4C:93:E9:09:9D:9C:CE:87:97:80:A9:CC
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 01857002815654BDFAE3A1442180E60C6A78
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/YITfvX8iKEZMk-kJnZzOh5eAqcw.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50939
IP address blocks: 194.36.140.0/24 maxlen: 24
194.36.140.0/23 maxlen: 23
194.36.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:81:56:54:bd:fa:e3:a1:44:21:80:e6:0c:6a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6084dfbd7f2228464c93e9099d9cce879780a9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0b:60:db:33:92:f6:81:25:71:4a:d5:87:46:
eb:c0:75:4d:47:16:27:ae:2e:58:56:f3:fc:52:c8:
7e:77:71:ef:71:91:1c:e0:00:af:eb:da:72:78:f6:
e3:ee:d6:5f:01:f7:29:db:8a:db:51:24:9c:53:0e:
c5:4c:24:95:89:48:61:0c:a5:47:bf:72:67:36:21:
d3:7c:5b:f2:65:5d:d6:83:0b:27:eb:c0:02:3f:c3:
58:cc:1d:b7:0b:9e:98:86:f8:65:23:ed:f6:0c:43:
da:d3:41:77:29:e5:df:4d:ce:e8:b7:ac:21:e7:c5:
ce:af:9c:6e:da:e8:ae:e6:00:aa:08:87:9e:00:88:
af:5d:ab:f5:06:aa:a8:b2:60:29:2d:bd:e6:db:7b:
04:f8:a9:9c:8e:1b:5b:87:34:5c:5f:05:44:d4:14:
74:e8:ec:36:82:09:8d:38:1c:2b:64:d7:31:94:f8:
d1:bd:ba:45:02:5a:97:00:f2:5d:e3:6c:f7:fd:ca:
c7:84:96:92:d1:2e:61:55:90:33:d0:6e:e8:48:b0:
41:c7:15:6b:28:2f:ff:6d:02:3e:02:db:54:84:e8:
8a:82:7a:ca:35:6d:fb:69:4c:80:33:cd:61:a7:22:
a5:d8:8a:49:68:8d:50:71:e1:4f:2a:cc:fc:53:78:
66:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:84:DF:BD:7F:22:28:46:4C:93:E9:09:9D:9C:CE:87:97:80:A9:CC
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/YITfvX8iKEZMk-kJnZzOh5eAqcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.140.0/23
Signature Algorithm: sha256WithRSAEncryption
65:23:02:7d:76:fa:ca:fb:fb:76:88:fd:ca:60:1d:41:82:36:
80:be:9f:1d:7b:ae:bb:e8:bc:14:a2:ef:54:63:38:e4:67:cc:
dc:aa:75:6f:7f:c3:45:c9:54:ba:c9:48:63:a5:4b:a5:e6:c5:
19:98:15:02:32:c5:fd:4d:27:5c:6d:22:3e:99:f2:21:c8:44:
60:c0:26:d2:f4:c8:58:f8:2e:8f:46:e3:6f:07:f8:a4:17:9a:
00:b9:2e:b2:0d:eb:4f:34:b6:dd:b1:46:11:3c:c6:8d:a3:fb:
fe:77:de:b9:79:fe:b8:aa:e8:01:8d:e8:eb:d6:e5:52:4e:fb:
ee:d2:95:b0:f1:c1:3b:3e:c0:98:7f:e2:0c:f8:a3:29:c6:86:
a4:e9:27:61:ae:e7:4b:82:35:a0:02:a0:c7:20:a5:c0:23:2c:
47:ae:f9:cf:1e:0f:96:89:f7:db:34:20:94:dd:83:c8:53:bd:
92:f9:d9:3c:f2:85:72:ab:13:cb:99:0f:5c:51:66:73:03:a3:
80:9a:8c:67:06:15:61:6a:50:84:25:a9:c5:70:91:1f:cb:e7:
91:92:3b:86:82:37:1a:ed:39:1b:c5:d5:e7:65:9e:f9:76:4a:
3f:5f:a8:e7:7e:6f:0e:02:3b:90:10:ac:3a:6f:15:25:09:a4:
61:b4:34:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoFWVL3646FEIYDmDGp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg0ZGZiZDdmMjIyODQ2NGM5M2U5MDk5ZDljY2U4Nzk3ODBhOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQtg2zOS9oElcUrVh0brwHVNRxYn
ri5YVvP8Ush+d3HvcZEc4ACv69pyePbj7tZfAfcp24rbUSScUw7FTCSViUhhDKVH
v3JnNiHTfFvyZV3Wgwsn68ACP8NYzB23C56YhvhlI+32DEPa00F3KeXfTc7ot6wh
58XOr5xu2uiu5gCqCIeeAIivXav1BqqosmApLb3m23sE+KmcjhtbhzRcXwVE1BR0
6Ow2ggmNOBwrZNcxlPjRvbpFAlqXAPJd42z3/crHhJaS0S5hVZAz0G7oSLBBxxVr
KC//bQI+AttUhOiKgnrKNW37aUyAM81hpyKl2IpJaI1QceFPKsz8U3hmMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCE371/IihGTJPpCZ2czoeXgKnMMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvWUlUZnZYOGlLRVpNay1rSm5aek9oNWVBcWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiSMMA0G
CSqGSIb3DQEBCwUAA4IBAQBlIwJ9dvrK+/t2iP3KYB1BgjaAvp8de6676LwUou9U
YzjkZ8zcqnVvf8NFyVS6yUhjpUul5sUZmBUCMsX9TSdcbSI+mfIhyERgwCbS9MhY
+C6PRuNvB/ikF5oAuS6yDetPNLbdsUYRPMaNo/v+d965ef64qugBjejr1uVSTvvu
0pWw8cE7PsCYf+IM+KMpxoak6SdhrudLgjWgAqDHIKXAIyxHrvnPHg+WiffbNCCU
3YPIU72S+dk88oVyqxPLmQ9cUWZzA6OAmoxnBhVhalCEJanFcJEfy+eRkjuGgjca
7TkbxdXnZZ75dko/X6jnfm8OAjuQEKw6bxUlCaRhtDSO
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:28 2024 by rpki-client on console.sobornost.net