Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/C3ard9FqCzzevTNi4wWrfj-_2WU.roa
File: C3ard9FqCzzevTNi4wWrfj-_2WU.roa (raw, json)
Hash identifier: 7ol5oGB7KRIXEJcFX/KXvSSo+mjMXniVxuUpR5kTyag=
Subject key identifier: 0B:76:AB:77:D1:6A:0B:3C:DE:BD:33:62:E3:05:AB:7E:3F:BF:D9:65
Certificate issuer: /CN=6e3ee2b8400208a7eea45060f4b7a83c43e8de7c
Certificate serial: 01856FF98010206EB0FE3A384B31EA20D9E2
Authority key identifier: 6E:3E:E2:B8:40:02:08:A7:EE:A4:50:60:F4:B7:A8:3C:43:E8:DE:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj7iuEACCKfupFBg9LeoPEPo3nw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/C3ard9FqCzzevTNi4wWrfj-_2WU.roa
Signing time: Mon 02 Jan 2023 00:55:00 +0000
ROA not before: Mon 02 Jan 2023 00:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205234
IP address blocks: 91.201.34.0/24 maxlen: 24
91.201.35.0/24 maxlen: 24
91.201.32.0/24 maxlen: 24
91.201.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:80:10:20:6e:b0:fe:3a:38:4b:31:ea:20:d9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3ee2b8400208a7eea45060f4b7a83c43e8de7c
Validity
Not Before: Jan 2 00:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b76ab77d16a0b3cdebd3362e305ab7e3fbfd965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1c:f2:ec:30:80:e0:1d:e0:cd:69:1f:d8:24:
dc:60:24:79:48:a0:bb:75:81:40:eb:9d:25:59:8a:
f4:b1:db:66:7a:7c:b0:eb:a5:bb:fc:c5:af:ee:d0:
50:88:30:d5:f9:a5:d4:10:89:7f:12:33:1b:8c:e9:
eb:02:95:f3:60:a2:cf:a3:e8:41:97:2c:dc:da:ad:
32:c4:58:7b:14:e2:2b:c4:3c:a6:eb:d1:cb:ad:72:
8a:4f:03:89:a5:7c:f1:cd:ce:58:2f:1f:ac:ef:40:
f7:78:a8:a6:9e:01:ed:c2:3e:94:4d:9b:62:f4:60:
ea:d9:61:ce:4e:d9:ac:99:31:da:27:e9:cc:ef:cf:
9a:60:9a:f1:06:3d:ba:f9:60:38:85:3d:3e:e2:e1:
db:b0:e4:1d:8b:14:d6:a7:ac:5f:90:c2:35:03:ca:
9b:9b:a8:bf:07:34:97:09:30:6b:9a:3a:df:10:8b:
7a:bc:62:27:70:fc:57:c5:7a:1b:35:15:4b:73:31:
1c:fb:6f:ac:24:bb:8c:12:27:72:fc:28:fa:49:a1:
a5:97:22:cd:d1:e9:14:59:dc:8f:40:e6:32:e7:1a:
23:01:98:78:51:1d:a5:73:0b:cf:a3:7c:92:e3:18:
4f:e3:c4:42:b3:a0:82:af:1f:7d:72:6e:64:21:97:
b7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:76:AB:77:D1:6A:0B:3C:DE:BD:33:62:E3:05:AB:7E:3F:BF:D9:65
X509v3 Authority Key Identifier:
keyid:6E:3E:E2:B8:40:02:08:A7:EE:A4:50:60:F4:B7:A8:3C:43:E8:DE:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7iuEACCKfupFBg9LeoPEPo3nw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/C3ard9FqCzzevTNi4wWrfj-_2WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/bj7iuEACCKfupFBg9LeoPEPo3nw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.32.0/22
Signature Algorithm: sha256WithRSAEncryption
03:85:18:b4:07:3d:0b:01:20:17:c1:17:b8:50:d0:b3:01:84:
ec:c5:f2:a4:25:6a:14:f0:ff:4e:4b:15:be:d8:1a:2a:16:c5:
09:f7:b0:6f:37:12:2e:d1:d0:58:bf:ee:f6:e6:e2:97:6f:a3:
ec:89:e6:32:ee:43:5c:29:bd:c7:7b:5a:3e:f9:85:7d:db:26:
59:da:d4:8b:2e:9c:71:b6:ba:78:5f:c5:7a:9a:c3:93:93:7c:
a9:29:ab:59:72:f9:fc:78:ad:8a:c4:44:bd:88:4d:10:a8:61:
ec:de:44:9d:f2:50:b1:3e:a7:72:04:f0:31:4b:f7:1d:fb:16:
da:44:9d:54:01:74:ec:98:b2:17:5a:4b:91:4c:b2:23:90:da:
99:f4:18:cf:17:3a:e4:7d:d8:3b:b2:70:7f:4e:83:06:cd:ec:
08:5a:4e:52:02:f4:56:1f:16:89:c2:1e:66:f6:37:15:a9:23:
12:b7:9c:30:59:90:d8:07:a1:2b:c7:3c:b2:17:11:c0:d3:bd:
cd:80:01:8c:4f:8f:56:62:cb:14:31:61:ac:9e:77:d8:ec:73:
04:67:87:5a:06:94:ca:25:9a:c1:15:92:f4:6b:8f:d1:5f:08:
40:f0:74:70:3c:1c:41:51:8d:df:1e:1e:73:3c:46:5a:dd:9a:
6b:e5:46:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+YAQIG6w/jo4SzHqINniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2VlMmI4NDAwMjA4YTdlZWE0NTA2MGY0YjdhODNjNDNl
OGRlN2MwHhcNMjMwMTAyMDA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc2YWI3N2QxNmEwYjNjZGViZDMzNjJlMzA1YWI3ZTNmYmZkOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhzy7DCA4B3gzWkf2CTcYCR5SKC7
dYFA650lWYr0sdtmenyw66W7/MWv7tBQiDDV+aXUEIl/EjMbjOnrApXzYKLPo+hB
lyzc2q0yxFh7FOIrxDym69HLrXKKTwOJpXzxzc5YLx+s70D3eKimngHtwj6UTZti
9GDq2WHOTtmsmTHaJ+nM78+aYJrxBj26+WA4hT0+4uHbsOQdixTWp6xfkMI1A8qb
m6i/BzSXCTBrmjrfEIt6vGIncPxXxXobNRVLczEc+2+sJLuMEidy/Cj6SaGllyLN
0ekUWdyPQOYy5xojAZh4UR2lcwvPo3yS4xhP48RCs6CCrx99cm5kIZe37QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAt2q3fRags83r0zYuMFq34/v9llMB8GA1UdIwQY
MBaAFG4+4rhAAgin7qRQYPS3qDxD6N58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo3aXVFQUNDS2Z1cEZCZzlMZW9QRVBvM253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9lNGYyZGItNmY0Ni00NzYxLWFkZmUt
NzMyN2RmNmJkZDEwLzEvQzNhcmQ5RnFDenpldlROaTR3V3Jmai1fMldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9lNGYyZGItNmY0Ni00NzYxLWFkZmUtNzMyN2RmNmJkZDEw
LzEvYmo3aXVFQUNDS2Z1cEZCZzlMZW9QRVBvM253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8kgMA0G
CSqGSIb3DQEBCwUAA4IBAQADhRi0Bz0LASAXwRe4UNCzAYTsxfKkJWoU8P9OSxW+
2BoqFsUJ97BvNxIu0dBYv+725uKXb6PsieYy7kNcKb3He1o++YV92yZZ2tSLLpxx
trp4X8V6msOTk3ypKatZcvn8eK2KxES9iE0QqGHs3kSd8lCxPqdyBPAxS/cd+xba
RJ1UAXTsmLIXWkuRTLIjkNqZ9BjPFzrkfdg7snB/ToMGzewIWk5SAvRWHxaJwh5m
9jcVqSMSt5wwWZDYB6ErxzyyFxHA073NgAGMT49WYssUMWGsnnfY7HMEZ4daBpTK
JZrBFZL0a4/RXwhA8HRwPBxBUY3fHh5zPEZa3Zpr5UZI
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:50 2024 by rpki-client on console.sobornost.net