Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/kwbCV9YeENdPiVuaO7laa2ynJDk.roa
File: kwbCV9YeENdPiVuaO7laa2ynJDk.roa (raw, json)
Hash identifier: y4U5dcTVgoxp7W6k7h9dWbIqaCebEVxuAK+qE78MT4M=
Subject key identifier: 93:06:C2:57:D6:1E:10:D7:4F:89:5B:9A:3B:B9:5A:6B:6C:A7:24:39
Certificate issuer: /CN=4304d868b0b9d1d43678eb467ae7c3fa3bffe2f8
Certificate serial: 01856FD523380316F6368C9EE8552B011341
Authority key identifier: 43:04:D8:68:B0:B9:D1:D4:36:78:EB:46:7A:E7:C3:FA:3B:FF:E2:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwTYaLC50dQ2eOtGeufD-jv_4vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/kwbCV9YeENdPiVuaO7laa2ynJDk.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39842
IP address blocks: 185.35.224.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:23:38:03:16:f6:36:8c:9e:e8:55:2b:01:13:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4304d868b0b9d1d43678eb467ae7c3fa3bffe2f8
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9306c257d61e10d74f895b9a3bb95a6b6ca72439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:93:ee:1a:7e:59:3a:a4:4d:96:03:3f:68:
2a:7a:2a:f2:c5:57:c0:19:ba:dc:72:13:b5:79:d5:
20:59:2a:37:83:42:4c:66:8c:e2:d1:21:47:87:e3:
6e:9e:3b:82:b0:91:85:c3:4c:fb:7f:71:af:62:30:
c7:aa:95:ec:94:e9:84:f5:0b:b9:00:23:35:22:83:
42:83:d5:28:06:a5:db:50:4d:96:c5:9f:a4:e5:c4:
0c:20:48:e2:f1:30:8e:ed:c8:ec:5c:d5:e8:99:96:
88:76:a1:27:14:f2:1e:6c:8c:73:e1:3b:70:87:6d:
d1:3c:1d:81:d4:d6:ab:62:02:20:f3:62:7e:23:f2:
6b:73:20:b0:ba:90:b6:3b:4b:8a:66:fa:bb:09:87:
2e:65:50:51:a7:b0:b9:dc:b5:1b:88:15:aa:11:ab:
01:3b:90:7d:9b:f5:92:a4:b4:da:e0:3b:c1:92:82:
19:e4:da:79:2c:76:54:13:7e:7c:ac:94:0c:64:cc:
22:f7:9f:39:71:46:a3:94:06:fd:6d:f5:04:68:f5:
02:55:dd:2f:6e:7c:68:99:8b:b3:e5:d7:d2:18:04:
9a:09:11:27:eb:f3:40:2a:2d:34:37:df:d6:b0:91:
20:45:9a:15:d4:29:aa:88:1d:79:00:d3:10:03:52:
e8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:06:C2:57:D6:1E:10:D7:4F:89:5B:9A:3B:B9:5A:6B:6C:A7:24:39
X509v3 Authority Key Identifier:
keyid:43:04:D8:68:B0:B9:D1:D4:36:78:EB:46:7A:E7:C3:FA:3B:FF:E2:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwTYaLC50dQ2eOtGeufD-jv_4vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/kwbCV9YeENdPiVuaO7laa2ynJDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/QwTYaLC50dQ2eOtGeufD-jv_4vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.224.0/22
Signature Algorithm: sha256WithRSAEncryption
46:4a:e6:78:14:bb:3d:a6:e0:f3:83:7d:06:64:bb:59:ac:24:
16:40:a0:8d:8d:61:05:16:0a:1e:00:ef:eb:d9:af:3f:72:76:
ee:aa:13:11:58:f8:83:8d:dd:ea:5e:3d:d8:8f:c0:78:48:40:
5e:ce:bd:4c:51:25:4f:31:40:da:73:51:4f:58:71:70:e4:bb:
77:25:65:ba:11:2b:a6:70:ce:5f:a3:a6:01:c4:a5:73:53:0f:
17:c7:29:3e:45:7f:8e:20:cf:74:06:af:c4:7d:d6:7b:62:d7:
d5:41:4e:d1:a5:43:5e:a3:5c:07:b8:09:ed:df:e5:96:68:3b:
37:21:91:94:e4:b4:1e:18:fb:91:64:9e:f2:9b:71:87:55:3c:
0e:64:52:0b:51:1e:0e:0f:0d:92:49:17:f8:76:24:a8:c4:9f:
3f:c2:5f:de:90:5f:ff:fe:cb:cf:b7:ba:75:64:87:20:73:de:
09:e9:37:80:16:c2:d5:a1:15:91:1e:73:03:cc:65:8d:e1:76:
b9:4f:1c:d4:99:f2:80:9b:9b:25:d7:56:2c:bf:a5:4b:2a:36:
85:ae:82:5c:1e:a7:1b:95:ee:2b:57:4c:07:83:33:c5:6b:ae:
0d:4f:e6:93:3d:46:bb:6c:90:ea:e6:90:62:4e:92:ed:96:50:
9f:36:a8:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1SM4Axb2Noye6FUrARNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDRkODY4YjBiOWQxZDQzNjc4ZWI0NjdhZTdjM2ZhM2Jm
ZmUyZjgwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA2YzI1N2Q2MWUxMGQ3NGY4OTViOWEzYmI5NWE2YjZjYTcyNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozyT7hp+WTqkTZYDP2gqeiryxVfA
GbrcchO1edUgWSo3g0JMZozi0SFHh+NunjuCsJGFw0z7f3GvYjDHqpXslOmE9Qu5
ACM1IoNCg9UoBqXbUE2WxZ+k5cQMIEji8TCO7cjsXNXomZaIdqEnFPIebIxz4Ttw
h23RPB2B1NarYgIg82J+I/JrcyCwupC2O0uKZvq7CYcuZVBRp7C53LUbiBWqEasB
O5B9m/WSpLTa4DvBkoIZ5Np5LHZUE358rJQMZMwi9585cUajlAb9bfUEaPUCVd0v
bnxomYuz5dfSGASaCREn6/NAKi00N9/WsJEgRZoV1CmqiB15ANMQA1LoJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMGwlfWHhDXT4lbmju5WmtspyQ5MB8GA1UdIwQY
MBaAFEME2GiwudHUNnjrRnrnw/o7/+L4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdUWWFMQzUwZFEyZU90R2V1ZkQtanZfNHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mYmRlMjktYjk0Ni00M2YzLWI4NDct
MWEyMGNkZDU2MGMyLzEva3diQ1Y5WWVFTmRQaVZ1YU83bGFhMnluSkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mYmRlMjktYjk0Ni00M2YzLWI4NDctMWEyMGNkZDU2MGMy
LzEvUXdUWWFMQzUwZFEyZU90R2V1ZkQtanZfNHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBGSuZ4FLs9puDzg30GZLtZrCQWQKCNjWEFFgoeAO/r
2a8/cnbuqhMRWPiDjd3qXj3Yj8B4SEBezr1MUSVPMUDac1FPWHFw5Lt3JWW6ESum
cM5fo6YBxKVzUw8Xxyk+RX+OIM90Bq/EfdZ7YtfVQU7RpUNeo1wHuAnt3+WWaDs3
IZGU5LQeGPuRZJ7ym3GHVTwOZFILUR4ODw2SSRf4diSoxJ8/wl/ekF///svPt7p1
ZIcgc94J6TeAFsLVoRWRHnMDzGWN4Xa5TxzUmfKAm5sl11Ysv6VLKjaFroJcHqcb
le4rV0wHgzPFa64NT+aTPUa7bJDq5pBiTpLtllCfNqh0
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:48 2024 by rpki-client on console.sobornost.net