Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/rXsfkPh63DyzYJUnAzunuofV0wc.roa
File: rXsfkPh63DyzYJUnAzunuofV0wc.roa (raw, json)
Hash identifier: 4HeWbKLRPdbZxgl8f53CUKtVYpBa+DJetGUYn/8P0Tk=
Subject key identifier: AD:7B:1F:90:F8:7A:DC:3C:B3:60:95:27:03:3B:A7:BA:87:D5:D3:07
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 018AF0776815DE08BA4B55478767BD7C9E24
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/rXsfkPh63DyzYJUnAzunuofV0wc.roa
Signing time: Mon 02 Oct 2023 12:57:51 +0000
ROA not before: Mon 02 Oct 2023 12:57:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 194.36.142.0/24 maxlen: 24
185.234.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:77:68:15:de:08:ba:4b:55:47:87:67:bd:7c:9e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Oct 2 12:57:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad7b1f90f87adc3cb3609527033ba7ba87d5d307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:de:70:17:44:37:b6:c5:0c:f7:0f:f1:ad:
57:b0:57:5d:4d:94:04:cc:e6:46:4a:e9:2c:b2:a9:
a1:b7:e5:21:ad:66:0a:15:0e:11:18:27:1f:ad:6a:
f9:17:27:3f:4b:38:2b:65:64:02:4c:c4:91:16:fb:
97:4a:fd:d9:7e:05:1e:82:ee:b8:55:85:3a:fc:03:
2a:d4:b0:24:4e:7b:73:f0:ad:2c:4d:83:cb:2f:61:
4c:37:a8:a2:b5:08:b7:1d:29:34:5a:9a:a8:14:e2:
55:00:08:67:98:8b:2c:2a:10:7d:af:e6:e1:f4:5f:
85:ef:75:f0:c1:d9:ef:8e:ff:7b:ab:6d:f7:f2:86:
d3:d0:c2:a1:75:a5:57:47:24:f9:b6:2c:94:f1:18:
e4:c3:56:c2:c6:98:66:04:b8:2d:18:ee:65:6b:2f:
ee:5e:fc:ac:ad:ad:ab:ed:5f:90:3b:1a:49:75:38:
ba:83:4c:21:ed:5f:83:a1:2e:fe:b4:fe:6b:6c:f7:
8e:36:2c:47:4f:cd:c5:ed:b5:13:ea:6d:33:f3:3a:
c1:07:fe:52:fe:21:99:72:d5:20:7b:e2:5f:47:fb:
5e:52:2b:b8:53:ca:9f:8f:ae:69:68:75:01:e0:57:
4e:42:5d:a1:6d:aa:27:07:0e:c3:ad:62:01:3f:86:
1a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:7B:1F:90:F8:7A:DC:3C:B3:60:95:27:03:3B:A7:BA:87:D5:D3:07
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/rXsfkPh63DyzYJUnAzunuofV0wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.131.0/24
194.36.142.0/24
Signature Algorithm: sha256WithRSAEncryption
36:76:6b:d9:f5:31:f0:1b:f0:ed:62:eb:d9:fa:cc:b0:f0:10:
db:c6:4c:b8:5a:cb:47:74:df:44:88:58:be:65:08:b2:9f:f7:
17:ec:40:da:2c:01:85:b0:bb:a7:45:93:e8:e3:a6:5d:85:42:
64:41:55:01:fd:6e:28:9d:c7:4b:7b:ef:d6:2f:0c:d9:f5:c8:
6d:f3:66:e0:37:d9:27:4d:63:df:55:3e:c3:31:ce:a4:3c:94:
46:91:32:3a:28:20:7c:2d:a4:21:d0:73:42:79:06:c7:92:93:
67:eb:4d:42:75:08:3c:50:5b:f9:c9:66:59:e2:72:ce:79:31:
6f:89:6b:99:b6:4a:51:8b:2f:5f:f8:90:3d:09:21:a7:f3:d5:
97:dc:85:6a:41:4a:e5:8e:63:ff:b6:84:3d:f1:64:75:87:53:
ed:17:68:f0:39:67:0b:6d:78:bc:6d:ac:de:80:21:68:91:7f:
1b:21:6d:5f:09:10:d5:03:ea:78:5b:b2:06:c2:c3:7a:35:3b:
9f:5d:da:47:41:6e:c9:cb:74:9b:37:06:2b:30:2b:6e:e4:a3:
ff:f6:06:fe:47:85:33:bb:f8:ca:40:17:75:e3:13:72:fb:67:
bf:e4:28:98:55:71:62:6c:4a:c5:08:0f:94:2c:5a:6c:76:f7:
e5:65:6f:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrwd2gV3gi6S1VHh2e9fJ4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjMxMDAyMTI1NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDdiMWY5MGY4N2FkYzNjYjM2MDk1MjcwMzNiYTdiYTg3ZDVkMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs47ecBdEN7bFDPcP8a1XsFddTZQE
zOZGSukssqmht+UhrWYKFQ4RGCcfrWr5Fyc/SzgrZWQCTMSRFvuXSv3ZfgUegu64
VYU6/AMq1LAkTntz8K0sTYPLL2FMN6iitQi3HSk0WpqoFOJVAAhnmIssKhB9r+bh
9F+F73Xwwdnvjv97q2338obT0MKhdaVXRyT5tiyU8Rjkw1bCxphmBLgtGO5lay/u
Xvysra2r7V+QOxpJdTi6g0wh7V+DoS7+tP5rbPeONixHT83F7bUT6m0z8zrBB/5S
/iGZctUge+JfR/teUiu4U8qfj65paHUB4FdOQl2hbaonBw7DrWIBP4YaDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK17H5D4etw8s2CVJwM7p7qH1dMHMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvclhzZmtQaDYzRHl6WUpVbkF6dW51b2ZWMHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueqDAwQA
wiSOMA0GCSqGSIb3DQEBCwUAA4IBAQA2dmvZ9THwG/DtYuvZ+syw8BDbxky4WstH
dN9EiFi+ZQiyn/cX7EDaLAGFsLunRZPo46ZdhUJkQVUB/W4oncdLe+/WLwzZ9cht
82bgN9knTWPfVT7DMc6kPJRGkTI6KCB8LaQh0HNCeQbHkpNn601CdQg8UFv5yWZZ
4nLOeTFviWuZtkpRiy9f+JA9CSGn89WX3IVqQUrljmP/toQ98WR1h1PtF2jwOWcL
bXi8bazegCFokX8bIW1fCRDVA+p4W7IGwsN6NTufXdpHQW7Jy3SbNwYrMCtu5KP/
9gb+R4Uzu/jKQBd14xNy+2e/5CiYVXFibErFCA+ULFpsdvflZW+H
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:28 2024 by rpki-client on console.sobornost.net