Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/bSfuYeKnWY4hvHnRAT077OQzf3U.roa
File: bSfuYeKnWY4hvHnRAT077OQzf3U.roa (raw, json)
Hash identifier: nSmEDzdIbYmINvAMnF49Xh8uV2FUU6A5F56FGTHl3mw=
Subject key identifier: 6D:27:EE:61:E2:A7:59:8E:21:BC:79:D1:01:3D:3B:EC:E4:33:7F:75
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 018C33A8113FAD6B8D3832A2C3DD11EF51ED
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/bSfuYeKnWY4hvHnRAT077OQzf3U.roa
Signing time: Mon 04 Dec 2023 07:08:21 +0000
ROA not before: Mon 04 Dec 2023 07:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204316
IP address blocks: 194.145.115.0/24 maxlen: 24
2a12:dc40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:33:a8:11:3f:ad:6b:8d:38:32:a2:c3:dd:11:ef:51:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Dec 4 07:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d27ee61e2a7598e21bc79d1013d3bece4337f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:88:c8:24:11:9c:2e:5f:23:ce:31:0f:83:
54:4b:6e:57:87:9c:65:06:1a:f3:de:7a:fc:19:0f:
a6:60:73:4d:5c:1e:3b:2c:f4:8c:35:d7:6c:ef:84:
44:9d:83:b0:0a:54:56:15:83:6e:69:99:47:43:6f:
8e:13:1b:e7:24:47:2b:e0:28:a5:ad:c8:59:77:71:
09:04:5d:66:c6:f9:56:2f:e4:18:49:19:5a:60:ef:
e3:48:a1:ac:24:6d:e3:97:d4:f2:9a:80:5e:be:d4:
1e:72:4e:0d:e3:58:06:2c:a9:8d:23:2f:2a:1b:eb:
e4:88:09:5b:51:a3:a5:0c:a8:6f:10:e1:68:59:d7:
71:7b:99:5e:69:fd:cc:7c:13:0c:28:03:e0:ee:2d:
e9:0f:de:62:8a:14:7a:66:af:c0:14:b9:5f:88:3e:
be:18:c7:ca:e4:63:bd:32:86:e4:82:92:25:6d:26:
eb:c8:e4:79:25:b3:a3:98:ad:fc:06:6a:0e:b5:92:
96:20:08:3d:2b:fd:46:8e:52:93:7a:03:b5:85:46:
2f:55:49:19:be:92:fe:42:a1:ba:46:da:8e:67:28:
99:f1:9c:bc:0a:8a:be:96:a6:aa:c3:15:b1:4f:d1:
4b:e5:0f:40:0c:a3:a9:2b:19:1c:0f:10:7b:c8:4e:
6e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:27:EE:61:E2:A7:59:8E:21:BC:79:D1:01:3D:3B:EC:E4:33:7F:75
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/bSfuYeKnWY4hvHnRAT077OQzf3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.115.0/24
IPv6:
2a12:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:7b:a6:04:40:22:0e:1b:f5:f3:3d:71:e1:79:69:1d:22:19:
aa:4d:02:6f:71:ad:06:d8:e5:33:c2:d1:a8:f9:dc:8d:c3:79:
2b:9f:aa:73:ff:7c:c7:41:20:2c:6e:c5:72:9c:dc:0d:d9:73:
d3:c0:da:2f:cb:ea:da:64:e7:28:fe:ac:9c:c8:4a:9c:18:83:
e0:4a:9e:26:59:01:5b:a8:38:5e:38:29:e3:f5:95:cd:4a:f9:
49:cd:38:a6:72:6c:eb:23:7f:a0:90:96:e6:c5:99:3e:57:6d:
df:f6:95:ff:ce:8a:82:2c:fb:b3:d6:43:24:83:d2:8b:27:35:
8e:15:18:09:a1:5b:43:7c:11:c3:9d:60:6d:cc:76:fa:06:1f:
5d:36:b8:c8:ff:dd:6f:72:e9:bd:c5:39:9b:32:25:64:19:77:
fb:e2:fd:e0:8c:2d:1b:f8:33:6f:a9:64:6e:b3:55:3c:a9:26:
a1:71:41:8b:8f:2c:32:88:08:94:9f:a2:83:85:b7:67:90:01:
1e:02:c6:43:73:aa:fc:90:2d:a4:de:0a:24:d8:22:bc:35:2d:
6c:06:f1:73:09:47:68:20:03:de:a9:33:0d:1e:82:83:05:12:
16:9b:26:9b:c9:95:32:92:38:71:52:74:7c:fa:c5:40:be:d4:
66:17:cb:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwzqBE/rWuNODKiw90R71HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjMxMjA0MDcwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDI3ZWU2MWUyYTc1OThlMjFiYzc5ZDEwMTNkM2JlY2U0MzM3Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs32IyCQRnC5fI84xD4NUS25Xh5xl
Bhrz3nr8GQ+mYHNNXB47LPSMNdds74REnYOwClRWFYNuaZlHQ2+OExvnJEcr4Cil
rchZd3EJBF1mxvlWL+QYSRlaYO/jSKGsJG3jl9TymoBevtQeck4N41gGLKmNIy8q
G+vkiAlbUaOlDKhvEOFoWddxe5leaf3MfBMMKAPg7i3pD95iihR6Zq/AFLlfiD6+
GMfK5GO9MobkgpIlbSbryOR5JbOjmK38BmoOtZKWIAg9K/1GjlKTegO1hUYvVUkZ
vpL+QqG6RtqOZyiZ8Zy8Coq+lqaqwxWxT9FL5Q9ADKOpKxkcDxB7yE5uuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG0n7mHip1mOIbx50QE9O+zkM391MB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvYlNmdVllS25XWTRodkhuUkFUMDc3T1F6ZjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpFzMA0E
AgACMAcDBQMqEtxAMA0GCSqGSIb3DQEBCwUAA4IBAQBde6YEQCIOG/XzPXHheWkd
IhmqTQJvca0G2OUzwtGo+dyNw3krn6pz/3zHQSAsbsVynNwN2XPTwNovy+raZOco
/qycyEqcGIPgSp4mWQFbqDheOCnj9ZXNSvlJzTimcmzrI3+gkJbmxZk+V23f9pX/
zoqCLPuz1kMkg9KLJzWOFRgJoVtDfBHDnWBtzHb6Bh9dNrjI/91vcum9xTmbMiVk
GXf74v3gjC0b+DNvqWRus1U8qSahcUGLjywyiAiUn6KDhbdnkAEeAsZDc6r8kC2k
3gok2CK8NS1sBvFzCUdoIAPeqTMNHoKDBRIWmyabyZUykjhxUnR8+sVAvtRmF8t1
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:54 2024 by rpki-client on console.sobornost.net