Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/Kv1ifLwB2rC1DiH1qroUkQF2rQI.roa
File: Kv1ifLwB2rC1DiH1qroUkQF2rQI.roa (raw, json)
Hash identifier: vVfpYnWN6uGmHJ1zxU337mgLGa1RKABy00s3547YIeM=
Subject key identifier: 2A:FD:62:7C:BC:01:DA:B0:B5:0E:21:F5:AA:BA:14:91:01:76:AD:02
Certificate issuer: /CN=07743006a8e9d0e1bf20557ad5964078fe8126ef
Certificate serial: 01856B80E4AA3F8302ADE78003D71FCA397A
Authority key identifier: 07:74:30:06:A8:E9:D0:E1:BF:20:55:7A:D5:96:40:78:FE:81:26:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3QwBqjp0OG_IFV61ZZAeP6BJu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/Kv1ifLwB2rC1DiH1qroUkQF2rQI.roa
Signing time: Sun 01 Jan 2023 04:04:47 +0000
ROA not before: Sun 01 Jan 2023 04:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13236
IP address blocks: 195.234.236.0/22 maxlen: 22
195.234.237.0/24 maxlen: 24
195.234.238.0/24 maxlen: 24
195.234.236.0/24 maxlen: 24
195.234.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:e4:aa:3f:83:02:ad:e7:80:03:d7:1f:ca:39:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07743006a8e9d0e1bf20557ad5964078fe8126ef
Validity
Not Before: Jan 1 04:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2afd627cbc01dab0b50e21f5aaba14910176ad02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:c5:25:8c:61:00:fe:c6:50:83:5e:84:63:
f7:fb:21:d8:3d:b2:d8:2e:7e:5b:14:e6:28:b0:53:
42:80:db:8c:45:dc:a1:2b:38:e8:29:4b:e2:42:99:
b4:5c:21:2e:0a:e6:7b:ea:9e:d8:0c:29:e5:d4:b9:
1b:4c:bb:dd:af:f8:9f:1b:d8:24:cf:5c:97:6f:38:
2d:c9:ce:bb:13:fe:af:bf:89:fb:3b:14:5f:2a:d9:
ee:1f:47:e6:3e:37:65:c7:db:94:42:09:92:84:c5:
9c:b1:e5:8c:15:56:25:34:f7:aa:78:95:88:76:97:
2b:8a:f4:b1:d6:17:e2:c6:dc:6b:4d:55:45:17:b2:
56:f9:91:f8:8a:29:3e:9f:1f:36:7c:a2:64:64:19:
f5:ed:d4:92:3c:a1:db:68:e2:be:c2:a7:96:b4:e2:
a0:87:a3:00:d5:7b:18:66:bb:76:48:85:9d:af:c6:
e0:19:f1:bf:3b:9e:dd:bc:c4:d5:cd:e5:3c:57:2d:
e7:35:1b:0b:d8:4c:51:05:ed:3f:40:d9:7a:5b:fc:
a2:32:32:24:11:c1:83:da:f3:12:e0:a7:ff:61:f3:
5f:b6:8a:cb:d4:bd:42:c5:57:ad:49:a6:55:88:d0:
0d:7f:6b:00:c4:93:30:9e:5c:06:a0:23:40:01:98:
1f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FD:62:7C:BC:01:DA:B0:B5:0E:21:F5:AA:BA:14:91:01:76:AD:02
X509v3 Authority Key Identifier:
keyid:07:74:30:06:A8:E9:D0:E1:BF:20:55:7A:D5:96:40:78:FE:81:26:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3QwBqjp0OG_IFV61ZZAeP6BJu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/Kv1ifLwB2rC1DiH1qroUkQF2rQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/B3QwBqjp0OG_IFV61ZZAeP6BJu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:08:c1:46:66:9a:71:58:3d:bd:85:1e:19:b5:4f:ed:de:b8:
66:bf:54:52:45:27:9c:8b:07:16:37:f2:5b:11:bf:e9:fd:21:
d3:c0:b1:27:ef:64:0b:d1:1b:2c:a9:41:ca:a1:18:92:cb:47:
b3:4d:36:66:5e:f5:87:8a:4d:82:82:88:b6:28:75:ff:bf:db:
32:d3:a3:52:b6:66:9e:63:fa:97:c5:67:06:91:47:c4:83:da:
2d:fc:76:7d:9d:06:af:22:59:cd:a7:fb:2d:53:a4:85:87:f7:
9e:5d:8d:ac:4d:12:a3:9e:7d:8f:ca:4f:3e:c0:98:2c:4c:f2:
14:e7:c5:17:e6:2f:9e:1c:3f:50:99:e2:c1:e7:8f:c7:89:e4:
5b:8c:8f:a0:3f:f5:16:01:f4:01:41:13:22:20:b1:33:4e:52:
76:a4:88:8a:b3:ca:2c:08:40:33:52:e3:76:31:a4:09:1b:68:
96:4b:a2:d8:7f:93:49:d3:3c:6f:c5:21:9f:30:44:fa:8d:cc:
47:19:7f:51:c5:11:64:b4:db:8c:3e:e3:17:17:07:40:a9:56:
a9:ec:08:c6:7d:9b:7f:cb:3f:70:f2:6d:98:34:f7:fc:a3:10:
31:c4:15:b2:26:67:5a:bd:f3:51:85:d2:8f:79:d5:2f:5e:d6:
df:b8:3c:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgOSqP4MCreeAA9cfyjl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NzQzMDA2YThlOWQwZTFiZjIwNTU3YWQ1OTY0MDc4ZmU4
MTI2ZWYwHhcNMjMwMTAxMDQwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZkNjI3Y2JjMDFkYWIwYjUwZTIxZjVhYWJhMTQ5MTAxNzZhZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2rFJYxhAP7GUINehGP3+yHYPbLY
Ln5bFOYosFNCgNuMRdyhKzjoKUviQpm0XCEuCuZ76p7YDCnl1LkbTLvdr/ifG9gk
z1yXbzgtyc67E/6vv4n7OxRfKtnuH0fmPjdlx9uUQgmShMWcseWMFVYlNPeqeJWI
dpcrivSx1hfixtxrTVVFF7JW+ZH4iik+nx82fKJkZBn17dSSPKHbaOK+wqeWtOKg
h6MA1XsYZrt2SIWdr8bgGfG/O57dvMTVzeU8Vy3nNRsL2ExRBe0/QNl6W/yiMjIk
EcGD2vMS4Kf/YfNftorL1L1CxVetSaZViNANf2sAxJMwnlwGoCNAAZgfWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr9Yny8AdqwtQ4h9aq6FJEBdq0CMB8GA1UdIwQY
MBaAFAd0MAao6dDhvyBVetWWQHj+gSbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjNRd0JxanAwT0dfSUZWNjFaWkFlUDZCSnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NzljYWItMmNmNC00MGE1LWI1ZWUt
MjQ2NjQ2ZTlkYjFlLzEvS3YxaWZMd0IyckMxRGlIMXFyb1VrUUYyclFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NzljYWItMmNmNC00MGE1LWI1ZWUtMjQ2NjQ2ZTlkYjFl
LzEvQjNRd0JxanAwT0dfSUZWNjFaWkFlUDZCSnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+rsMA0G
CSqGSIb3DQEBCwUAA4IBAQBcCMFGZppxWD29hR4ZtU/t3rhmv1RSRSeciwcWN/Jb
Eb/p/SHTwLEn72QL0RssqUHKoRiSy0ezTTZmXvWHik2Cgoi2KHX/v9sy06NStmae
Y/qXxWcGkUfEg9ot/HZ9nQavIlnNp/stU6SFh/eeXY2sTRKjnn2Pyk8+wJgsTPIU
58UX5i+eHD9QmeLB54/HieRbjI+gP/UWAfQBQRMiILEzTlJ2pIiKs8osCEAzUuN2
MaQJG2iWS6LYf5NJ0zxvxSGfMET6jcxHGX9RxRFktNuMPuMXFwdAqVap7AjGfZt/
yz9w8m2YNPf8oxAxxBWyJmdavfNRhdKPedUvXtbfuDzo
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:38 2024 by rpki-client on console.sobornost.net