Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/ogkqvWg8JlXyfG-FciIWHRKw-JE.roa
File: ogkqvWg8JlXyfG-FciIWHRKw-JE.roa (raw, json)
Hash identifier: THEexROE5M9SNtiE2ur6Zj1w0I4qdkbudcbpMDQDk+I=
Subject key identifier: A2:09:2A:BD:68:3C:26:55:F2:7C:6F:85:72:22:16:1D:12:B0:F8:91
Certificate issuer: /CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Certificate serial: 018CABBA8A4842FC5509534C0A2773C7AB43
Authority key identifier: 3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/ogkqvWg8JlXyfG-FciIWHRKw-JE.roa
Signing time: Wed 27 Dec 2023 14:42:58 +0000
ROA not before: Wed 27 Dec 2023 14:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204796
IP address blocks: 195.158.252.0/23 maxlen: 23
185.240.0.0/22 maxlen: 24
195.190.11.0/24 maxlen: 24
2001:67c:11f8::/48 maxlen: 48
2a0c:6880::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:ba:8a:48:42:fc:55:09:53:4c:0a:27:73:c7:ab:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Validity
Not Before: Dec 27 14:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2092abd683c2655f27c6f857222161d12b0f891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ff:28:22:b3:57:3b:9d:5b:a2:f6:00:e3:c1:
30:c5:89:3a:9f:5c:5e:f7:52:05:56:ba:6a:33:cd:
b4:b3:62:91:ef:93:7f:b5:90:1c:35:21:34:db:44:
23:33:2d:45:77:77:29:27:1f:c9:d5:62:90:90:a3:
22:70:bf:80:5b:70:d5:58:41:36:91:a6:79:84:61:
86:dd:1b:fb:f6:1d:60:cb:ec:00:35:aa:ff:86:af:
88:e5:89:47:a3:41:a3:fe:b0:b5:d2:b1:73:8a:79:
67:d1:6f:d9:d1:96:19:41:be:de:3e:b6:db:e1:2e:
3e:02:3a:c7:1a:ed:93:ac:1c:a0:cc:e8:97:09:ec:
09:06:57:cd:0d:e2:29:5c:06:dc:10:58:71:4d:f7:
b0:fb:98:79:c4:5d:e1:81:c7:4f:d6:28:db:64:82:
dc:ae:de:20:51:ca:2d:d2:9f:9c:be:79:67:9a:49:
b9:c9:b2:7a:eb:5a:2f:97:6f:f0:c1:1e:bd:43:ac:
c9:f4:e2:c4:fe:85:e2:ff:11:98:32:b9:17:c9:f8:
4c:0f:43:3d:d8:aa:a3:46:e3:f8:0c:e3:9d:93:d9:
d2:f4:1a:3f:81:bc:8a:a4:c0:c6:96:93:a9:10:9f:
3d:12:04:b1:9a:54:0d:ba:5f:dd:48:8c:08:5e:81:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:09:2A:BD:68:3C:26:55:F2:7C:6F:85:72:22:16:1D:12:B0:F8:91
X509v3 Authority Key Identifier:
keyid:3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/ogkqvWg8JlXyfG-FciIWHRKw-JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.0.0/22
195.158.252.0/23
195.190.11.0/24
IPv6:
2001:67c:11f8::/48
2a0c:6880::/32
Signature Algorithm: sha256WithRSAEncryption
5b:e5:bc:2f:2e:29:6a:9c:f8:71:da:de:65:13:93:ac:90:03:
62:8f:25:07:f3:bd:a1:8f:f5:d7:04:91:23:8a:31:dc:10:68:
8e:a9:6e:ef:93:05:52:b6:06:93:c4:d8:e2:63:b0:a3:a0:bf:
bc:f0:e7:46:7b:4c:32:fb:24:87:c1:ba:c0:e2:69:0a:c9:57:
8a:5c:dc:ff:d3:68:d8:06:b5:0a:81:2d:83:93:8a:37:de:14:
e2:5e:5a:01:e1:b5:3c:d4:45:1b:b9:2a:5b:17:49:2e:67:ad:
8b:92:6f:41:1f:89:9d:33:a5:92:52:1c:6e:a6:d4:8e:b2:29:
c7:5d:46:f0:7e:a4:14:90:8f:4a:87:c6:9c:bc:ea:82:19:01:
ba:e6:56:6a:ee:cf:36:11:58:0e:6a:18:76:80:39:ae:19:77:
79:80:a7:4b:a5:f6:ac:5a:83:19:cd:50:25:f3:6e:a1:fa:20:
ff:53:f5:ae:01:17:98:db:a9:c3:2d:b2:78:ed:4f:16:45:bb:
9f:6e:4a:d0:31:00:ff:44:6b:a1:9c:0c:f8:15:13:2b:70:37:
7b:b1:ab:cc:23:fa:b8:0f:bc:2e:b5:2e:b3:7c:a6:37:c2:96:
f4:be:9c:8b:9b:73:fa:3a:cc:86:0a:0d:97:b7:0d:fa:1c:67:
26:64:aa:08
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYyruopIQvxVCVNMCidzx6tDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMGVmNDM1OGFkYjA0MGYzMzNkOTM2MWE0MjYxZWEwZTUw
ZDM4YWIwHhcNMjMxMjI3MTQ0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA5MmFiZDY4M2MyNjU1ZjI3YzZmODU3MjIyMTYxZDEyYjBmODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf8oIrNXO51bovYA48EwxYk6n1xe
91IFVrpqM820s2KR75N/tZAcNSE020QjMy1Fd3cpJx/J1WKQkKMicL+AW3DVWEE2
kaZ5hGGG3Rv79h1gy+wANar/hq+I5YlHo0Gj/rC10rFzinln0W/Z0ZYZQb7ePrbb
4S4+AjrHGu2TrBygzOiXCewJBlfNDeIpXAbcEFhxTfew+5h5xF3hgcdP1ijbZILc
rt4gUcot0p+cvnlnmkm5ybJ661ovl2/wwR69Q6zJ9OLE/oXi/xGYMrkXyfhMD0M9
2KqjRuP4DOOdk9nS9Bo/gbyKpMDGlpOpEJ89EgSxmlQNul/dSIwIXoEbZwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKIJKr1oPCZV8nxvhXIiFh0SsPiRMB8GA1UdIwQY
MBaAFD0O9DWK2wQPMz2TYaQmHqDlDTirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDct
ZDJiYzk2YTk4YTE4LzEvb2drcXZXZzhKbFh5ZkctRmNpSVdIUkt3LUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDctZDJiYzk2YTk4YTE4
LzEvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCufAAAwQB
w578AwQAw74LMBYEAgACMBADBwAgAQZ8EfgDBQAqDGiAMA0GCSqGSIb3DQEBCwUA
A4IBAQBb5bwvLilqnPhx2t5lE5OskANijyUH872hj/XXBJEjijHcEGiOqW7vkwVS
tgaTxNjiY7CjoL+88OdGe0wy+ySHwbrA4mkKyVeKXNz/02jYBrUKgS2Dk4o33hTi
XloB4bU81EUbuSpbF0kuZ62Lkm9BH4mdM6WSUhxuptSOsinHXUbwfqQUkI9Kh8ac
vOqCGQG65lZq7s82EVgOahh2gDmuGXd5gKdLpfasWoMZzVAl826h+iD/U/WuAReY
26nDLbJ47U8WRbufbkrQMQD/RGuhnAz4FRMrcDd7savMI/q4D7wutS6zfKY3wpb0
vpyLm3P6OsyGCg2Xtw36HGcmZKoI
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:25 2024 by rpki-client on console.sobornost.net