Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/Px4pHK3imkH3dTsebJBa4oztjk0.roa
File: Px4pHK3imkH3dTsebJBa4oztjk0.roa (raw, json)
Hash identifier: bHIizM1vteDmujqmHEMm+RSDok6C9Fe1dPiRmP01neM=
Subject key identifier: 3F:1E:29:1C:AD:E2:9A:41:F7:75:3B:1E:6C:90:5A:E2:8C:ED:8E:4D
Certificate issuer: /CN=4b993958d47daae349eec6fd2eba28354377e5d4
Certificate serial: 01856B1C1A79B83FE991C2D9574BB8118E11
Authority key identifier: 4B:99:39:58:D4:7D:AA:E3:49:EE:C6:FD:2E:BA:28:35:43:77:E5:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5k5WNR9quNJ7sb9LrooNUN35dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/Px4pHK3imkH3dTsebJBa4oztjk0.roa
Signing time: Sun 01 Jan 2023 02:14:41 +0000
ROA not before: Sun 01 Jan 2023 02:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44196
IP address blocks: 195.2.202.0/24 maxlen: 24
195.2.202.0/23 maxlen: 23
195.2.203.0/24 maxlen: 24
195.93.132.0/24 maxlen: 24
195.93.132.0/23 maxlen: 23
195.93.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:1c:1a:79:b8:3f:e9:91:c2:d9:57:4b:b8:11:8e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b993958d47daae349eec6fd2eba28354377e5d4
Validity
Not Before: Jan 1 02:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f1e291cade29a41f7753b1e6c905ae28ced8e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:29:19:70:7c:6c:fa:a5:06:1c:18:a5:b5:bd:
16:95:59:f6:ad:39:ad:8d:68:da:1d:0b:57:6e:1a:
11:4b:77:09:8c:0d:61:a9:bd:df:5f:ac:0a:72:14:
2c:e1:ef:6a:e5:a8:1a:8b:8f:e0:15:dd:ad:e8:a0:
de:80:f7:55:b9:e5:49:36:4f:fa:19:75:3a:62:7a:
7f:81:0b:f5:de:c8:11:6a:cf:c3:3c:20:2d:2e:7d:
68:53:64:65:05:fd:96:a1:eb:c9:a6:d1:5c:bb:c8:
4a:14:dc:43:cf:35:b8:25:8b:5e:ad:ee:a8:39:5a:
78:a4:cd:18:b4:d7:25:19:93:8d:18:d5:8d:81:3b:
1a:fa:6d:54:94:1f:ae:cc:85:dc:ea:f8:e9:ee:2a:
d0:ce:a9:5a:72:95:a0:c9:78:46:10:21:71:a9:b5:
70:1e:ae:02:b2:ea:99:31:75:a6:3f:dd:95:23:00:
2b:5f:48:11:30:66:fd:17:a4:cc:b5:22:b2:65:9d:
85:58:12:84:67:93:7f:1a:d4:93:e5:73:f4:fe:1d:
80:9d:0f:94:03:d8:f7:9e:7a:14:a0:71:94:0b:e2:
83:9a:c8:fe:12:ae:bb:71:78:8d:e1:b2:83:81:2f:
0a:00:a3:a5:76:ab:5d:69:79:ab:e6:8e:55:80:ed:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1E:29:1C:AD:E2:9A:41:F7:75:3B:1E:6C:90:5A:E2:8C:ED:8E:4D
X509v3 Authority Key Identifier:
keyid:4B:99:39:58:D4:7D:AA:E3:49:EE:C6:FD:2E:BA:28:35:43:77:E5:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5k5WNR9quNJ7sb9LrooNUN35dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/Px4pHK3imkH3dTsebJBa4oztjk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/S5k5WNR9quNJ7sb9LrooNUN35dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.202.0/23
195.93.132.0/23
Signature Algorithm: sha256WithRSAEncryption
67:f8:06:d4:56:ee:65:a1:af:be:5e:a8:03:c4:a4:a7:ec:76:
f8:b1:01:41:5c:1d:05:5d:14:4d:78:74:e0:37:45:f9:27:e7:
71:f2:95:22:16:f7:ab:fa:49:53:d6:41:70:ab:16:fd:c4:cf:
13:dd:78:3b:0c:b3:53:10:0d:c0:eb:0d:4d:3d:a0:0d:99:2a:
71:3f:54:b1:a1:1f:c5:98:88:86:5d:3c:51:83:dd:3a:c4:e9:
7c:ef:5e:04:76:5f:f0:37:5b:8a:50:13:f8:d0:b5:b2:b5:bb:
98:d7:df:ba:4e:e7:51:50:b7:cf:b6:43:82:40:b0:01:35:02:
fb:e4:59:7c:f3:91:d5:c5:19:dc:c6:85:7d:b4:7d:36:71:51:
bf:81:d3:c6:fa:26:27:19:e5:5f:5c:64:a2:ca:d6:ca:c6:36:
1b:78:d7:10:a1:63:82:01:fc:c9:57:66:f5:30:13:ec:8f:43:
b5:57:2e:c4:01:31:c5:14:2b:f3:ab:36:08:d5:34:1d:fa:4c:
f2:0f:87:6d:9b:27:48:68:07:90:89:66:ac:c4:c2:20:c4:11:
e5:f2:d0:94:67:49:6a:95:75:81:a2:fe:f5:3e:a4:e2:f2:31:
de:cf:df:83:40:4a:b0:a1:8a:3e:1a:8b:d1:df:52:b7:05:cb:
d2:47:16:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrHBp5uD/pkcLZV0u4EY4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTkzOTU4ZDQ3ZGFhZTM0OWVlYzZmZDJlYmEyODM1NDM3
N2U1ZDQwHhcNMjMwMTAxMDIxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjFlMjkxY2FkZTI5YTQxZjc3NTNiMWU2YzkwNWFlMjhjZWQ4ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CkZcHxs+qUGHBiltb0WlVn2rTmt
jWjaHQtXbhoRS3cJjA1hqb3fX6wKchQs4e9q5agai4/gFd2t6KDegPdVueVJNk/6
GXU6Ynp/gQv13sgRas/DPCAtLn1oU2RlBf2WoevJptFcu8hKFNxDzzW4JYtere6o
OVp4pM0YtNclGZONGNWNgTsa+m1UlB+uzIXc6vjp7irQzqlacpWgyXhGECFxqbVw
Hq4CsuqZMXWmP92VIwArX0gRMGb9F6TMtSKyZZ2FWBKEZ5N/GtST5XP0/h2AnQ+U
A9j3nnoUoHGUC+KDmsj+Eq67cXiN4bKDgS8KAKOldqtdaXmr5o5VgO01VwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8eKRyt4ppB93U7HmyQWuKM7Y5NMB8GA1UdIwQY
MBaAFEuZOVjUfarjSe7G/S66KDVDd+XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVrNVdOUjlxdU5KN3NiOUxyb29OVU4zNWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85Yzg5YmYtYzgxZS00MTNmLWEyZDQt
YTA1NTYwNjAxYWMyLzEvUHg0cEhLM2lta0gzZFRzZWJKQmE0b3p0amswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85Yzg5YmYtYzgxZS00MTNmLWEyZDQtYTA1NTYwNjAxYWMy
LzEvUzVrNVdOUjlxdU5KN3NiOUxyb29OVU4zNWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwLKAwQB
w12EMA0GCSqGSIb3DQEBCwUAA4IBAQBn+AbUVu5loa++XqgDxKSn7Hb4sQFBXB0F
XRRNeHTgN0X5J+dx8pUiFver+klT1kFwqxb9xM8T3Xg7DLNTEA3A6w1NPaANmSpx
P1SxoR/FmIiGXTxRg906xOl8714Edl/wN1uKUBP40LWytbuY19+6TudRULfPtkOC
QLABNQL75Fl885HVxRncxoV9tH02cVG/gdPG+iYnGeVfXGSiytbKxjYbeNcQoWOC
AfzJV2b1MBPsj0O1Vy7EATHFFCvzqzYI1TQd+kzyD4dtmydIaAeQiWasxMIgxBHl
8tCUZ0lqlXWBov71PqTi8jHez9+DQEqwoYo+GovR31K3BcvSRxao
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:42 2024 by rpki-client on console.sobornost.net