Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/3foqnpJim4CQR_C-t6SCBRpP4vE.roa
File: 3foqnpJim4CQR_C-t6SCBRpP4vE.roa (raw, json)
Hash identifier: TUg9vS0YPVZ/etBYUGuiuovT+aChaBy2Pfx/H0QJh2w=
Subject key identifier: DD:FA:2A:9E:92:62:9B:80:90:47:F0:BE:B7:A4:82:05:1A:4F:E2:F1
Certificate issuer: /CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Certificate serial: 018C12FDA41C205AAD92EAA3B91D04BA5FE2
Authority key identifier: 34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/3foqnpJim4CQR_C-t6SCBRpP4vE.roa
Signing time: Mon 27 Nov 2023 22:54:21 +0000
ROA not before: Mon 27 Nov 2023 22:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 931
IP address blocks: 5.252.164.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:fd:a4:1c:20:5a:ad:92:ea:a3:b9:1d:04:ba:5f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Validity
Not Before: Nov 27 22:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddfa2a9e92629b809047f0beb7a482051a4fe2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b7:14:04:68:a9:8a:30:47:3a:79:2f:8a:72:
f1:95:b9:9d:eb:84:f8:a3:8a:bf:a1:87:84:f4:92:
10:dc:56:2f:fe:2c:73:f0:51:00:5f:65:6d:b7:04:
cb:35:76:a6:17:7d:c0:4e:a7:e2:a9:4e:84:ff:07:
70:90:85:b5:c8:b8:4c:47:45:dd:4e:18:f6:20:85:
3e:61:ab:1c:f9:41:71:ae:1f:4c:6f:57:b2:24:cf:
b9:8e:f6:2c:2c:7d:a7:96:80:cb:aa:0e:4e:da:b4:
21:78:29:45:2e:96:0b:13:b3:2b:b7:a8:51:22:b2:
8e:8d:46:73:85:f6:5f:69:71:73:ae:6b:4d:7e:ad:
3a:67:2e:90:5d:2c:27:d8:12:48:10:0c:3c:a6:33:
5d:6f:f4:d1:3d:c2:3e:df:8d:7c:fc:79:16:ab:c4:
4f:ae:8e:0b:a6:1f:1d:82:a4:15:25:21:43:66:ef:
59:36:cb:95:5f:e7:40:64:f4:8e:70:d6:84:5e:89:
9d:a2:2f:8c:12:58:4a:21:84:c3:34:51:ee:20:7e:
de:0e:fb:11:5a:84:a5:ec:1e:02:31:18:a5:28:26:
40:13:94:b4:04:98:0d:98:c4:98:97:4e:50:ba:34:
b8:3a:5b:4a:40:f8:1f:a7:f0:c7:2e:ee:d7:e1:07:
e6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FA:2A:9E:92:62:9B:80:90:47:F0:BE:B7:A4:82:05:1A:4F:E2:F1
X509v3 Authority Key Identifier:
keyid:34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/3foqnpJim4CQR_C-t6SCBRpP4vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/24
5.252.166.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:3e:d3:7a:87:94:ef:53:68:83:9b:27:b8:c9:2d:3a:95:0c:
29:eb:27:78:bc:97:5e:fb:a9:72:b8:5f:6b:3f:2f:bd:26:4b:
88:7c:74:c0:cd:8b:de:0e:5c:12:f4:70:b4:92:40:d2:cf:8b:
cf:24:ba:df:d5:4b:a2:52:e4:a9:04:95:95:1d:17:18:eb:e4:
86:4a:a8:a2:c7:2c:11:bc:be:8a:9d:cf:3a:ab:19:0e:68:8c:
bf:1f:70:22:08:ae:6e:7f:0a:00:5d:0b:d5:ec:af:10:c1:a1:
12:ba:ac:53:7a:08:5a:aa:27:20:3d:ce:43:64:77:b2:c3:e2:
47:14:8b:45:43:92:b3:39:40:7d:24:37:6c:3d:6c:3b:53:05:
30:1c:ac:25:21:f3:09:53:61:f1:8f:87:2c:1c:5a:1f:d6:ba:
ef:de:9f:7d:13:9b:e2:14:7a:8e:88:34:d3:a3:68:ac:4f:f6:
34:5c:52:9d:e8:c8:40:7f:4c:f1:dd:cd:84:ac:e2:0c:40:15:
7b:05:d1:33:b5:92:27:d5:99:e7:0a:81:c8:a6:1a:9a:68:93:
de:ba:18:26:1e:69:34:77:3e:c0:f1:d8:47:89:45:10:13:80:
67:72:89:07:66:10:43:8e:2f:53:01:6d:ab:ed:05:10:1b:51:
fe:f2:df:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwS/aQcIFqtkuqjuR0Eul/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZkMmM0MzljY2JjYjc4YTgyZDVjYjJiNGMzZmY2ZTk5
MzRiOTYwHhcNMjMxMTI3MjI1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZhMmE5ZTkyNjI5YjgwOTA0N2YwYmViN2E0ODIwNTFhNGZlMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bcUBGipijBHOnkvinLxlbmd64T4
o4q/oYeE9JIQ3FYv/ixz8FEAX2VttwTLNXamF33ATqfiqU6E/wdwkIW1yLhMR0Xd
Thj2IIU+Yasc+UFxrh9Mb1eyJM+5jvYsLH2nloDLqg5O2rQheClFLpYLE7Mrt6hR
IrKOjUZzhfZfaXFzrmtNfq06Zy6QXSwn2BJIEAw8pjNdb/TRPcI+3418/HkWq8RP
ro4Lph8dgqQVJSFDZu9ZNsuVX+dAZPSOcNaEXomdoi+MElhKIYTDNFHuIH7eDvsR
WoSl7B4CMRilKCZAE5S0BJgNmMSYl05QujS4OltKQPgfp/DHLu7X4QfmlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN36Kp6SYpuAkEfwvrekggUaT+LxMB8GA1UdIwQY
MBaAFDQG0sQ5zLy3ioLVyytMP/bpk0uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAt
N2I4ODBjMDYzMzY3LzEvM2ZvcW5wSmltNENRUl9DLXQ2U0NCUnBQNHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAtN2I4ODBjMDYzMzY3
LzEvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfykAwQA
BfymMA0GCSqGSIb3DQEBCwUAA4IBAQC7PtN6h5TvU2iDmye4yS06lQwp6yd4vJde
+6lyuF9rPy+9JkuIfHTAzYveDlwS9HC0kkDSz4vPJLrf1UuiUuSpBJWVHRcY6+SG
SqiixywRvL6Knc86qxkOaIy/H3AiCK5ufwoAXQvV7K8QwaESuqxTeghaqicgPc5D
ZHeyw+JHFItFQ5KzOUB9JDdsPWw7UwUwHKwlIfMJU2Hxj4csHFof1rrv3p99E5vi
FHqOiDTTo2isT/Y0XFKd6MhAf0zx3c2ErOIMQBV7BdEztZIn1ZnnCoHIphqaaJPe
uhgmHmk0dz7A8dhHiUUQE4BncokHZhBDji9TAW2r7QUQG1H+8t9U
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:44 2024 by rpki-client on console.sobornost.net