Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/qFb0g9Ld2FVOyAStwb-m6fL1IHg.roa
File: qFb0g9Ld2FVOyAStwb-m6fL1IHg.roa (raw, json)
Hash identifier: YCQBwgYDLJYryFNKXsxPGeAjpXNPDh/SpOAv5OcebPk=
Subject key identifier: A8:56:F4:83:D2:DD:D8:55:4E:C8:04:AD:C1:BF:A6:E9:F2:F5:20:78
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B81215D7E20BFE3C6FA85D570BD482D
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/qFb0g9Ld2FVOyAStwb-m6fL1IHg.roa
Signing time: Sun 01 Jan 2023 04:05:02 +0000
ROA not before: Sun 01 Jan 2023 04:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210992
IP address blocks: 89.25.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:21:5d:7e:20:bf:e3:c6:fa:85:d5:70:bd:48:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a856f483d2ddd8554ec804adc1bfa6e9f2f52078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:32:95:d7:94:19:be:2f:79:5c:c9:ae:6d:61:
90:d1:1d:e6:5b:d0:dd:88:18:17:ba:ac:e0:34:1e:
75:d9:52:d7:ae:f7:63:a5:95:37:48:59:aa:d0:81:
f2:27:02:9c:70:0c:45:bb:45:9f:e8:73:84:ca:f3:
8e:8a:54:84:7e:b4:20:1a:35:0c:bf:11:04:32:51:
21:56:ed:48:cf:ca:e5:83:3e:0e:92:7a:53:ec:a6:
c3:f3:44:2c:7e:48:f7:18:a9:a3:d7:e8:1f:c4:f2:
50:8c:f3:07:98:c4:20:35:e4:3e:53:f9:e1:a1:f2:
cb:70:84:34:cc:b6:3c:f6:b3:5f:a8:cd:07:6f:6b:
63:d7:f9:b6:b4:e3:c9:84:cd:8e:66:ac:d0:e6:8f:
52:2c:89:17:39:2d:5c:d7:d2:47:06:e0:d4:d4:37:
0a:14:2c:bb:a0:e1:d6:ea:24:ce:60:cd:58:bd:23:
2a:8f:a3:27:a4:10:b5:ef:c7:64:cb:cd:af:57:b8:
89:d2:6a:93:46:eb:a0:79:d2:21:cc:9b:38:69:a8:
19:a3:d2:75:d2:31:3d:05:32:b5:9a:74:52:af:77:
d8:5b:77:cb:bf:82:f0:db:78:fc:21:c6:c5:8e:93:
c6:1d:68:5b:aa:12:b8:21:f9:53:ae:5c:e3:27:0e:
40:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:56:F4:83:D2:DD:D8:55:4E:C8:04:AD:C1:BF:A6:E9:F2:F5:20:78
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/qFb0g9Ld2FVOyAStwb-m6fL1IHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.14.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f8:e3:92:46:8e:1f:44:64:e0:23:16:a1:79:61:81:9e:c7:
ec:d0:06:41:c1:7f:dc:9c:1f:47:0c:19:06:7e:e0:51:ce:84:
6e:50:21:8b:ed:51:e6:e5:f8:d3:95:32:19:d0:71:45:fa:1d:
88:d6:22:d7:5c:53:ab:c3:72:fd:dc:7f:1b:06:aa:cf:8f:f6:
11:74:77:75:8e:b6:b0:2e:8b:22:43:6a:6b:d8:96:d6:d0:83:
e8:02:04:ad:b7:35:d3:5f:90:fc:dc:ca:db:5a:ab:f9:c2:7c:
c8:75:29:ca:00:bf:4c:07:3b:d2:4a:a3:c7:58:c1:99:13:88:
40:e9:31:77:15:44:5c:de:c4:16:13:a0:29:3f:a2:e0:36:84:
f3:1e:49:57:21:82:d2:0b:51:8f:56:e8:51:8e:f6:d0:37:88:
b7:14:e5:7b:ac:87:31:87:ff:ea:51:40:fa:d9:a7:09:fc:b1:
00:6a:f1:d2:3f:b5:f8:c2:aa:64:f3:aa:59:ba:ec:95:ce:6d:
34:42:96:ba:c7:e9:0a:3c:4d:68:f3:c4:5f:e0:7d:23:7f:91:
0e:69:64:05:b5:a9:3c:e6:99:93:e8:59:e9:61:86:1f:4a:97:
e1:3c:6b:26:a0:a2:96:96:71:20:8c:d9:9c:5b:29:38:4d:5b:
a3:93:9e:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgSFdfiC/48b6hdVwvUgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU2ZjQ4M2QyZGRkODU1NGVjODA0YWRjMWJmYTZlOWYyZjUyMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjKV15QZvi95XMmubWGQ0R3mW9Dd
iBgXuqzgNB512VLXrvdjpZU3SFmq0IHyJwKccAxFu0Wf6HOEyvOOilSEfrQgGjUM
vxEEMlEhVu1Iz8rlgz4OknpT7KbD80Qsfkj3GKmj1+gfxPJQjPMHmMQgNeQ+U/nh
ofLLcIQ0zLY89rNfqM0Hb2tj1/m2tOPJhM2OZqzQ5o9SLIkXOS1c19JHBuDU1DcK
FCy7oOHW6iTOYM1YvSMqj6MnpBC178dky82vV7iJ0mqTRuugedIhzJs4aagZo9J1
0jE9BTK1mnRSr3fYW3fLv4Lw23j8IcbFjpPGHWhbqhK4IflTrlzjJw5ANwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhW9IPS3dhVTsgErcG/puny9SB4MB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvcUZiMGc5TGQyRlZPeUFTdHdiLW02ZkwxSUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRkOMA0G
CSqGSIb3DQEBCwUAA4IBAQAI+OOSRo4fRGTgIxaheWGBnsfs0AZBwX/cnB9HDBkG
fuBRzoRuUCGL7VHm5fjTlTIZ0HFF+h2I1iLXXFOrw3L93H8bBqrPj/YRdHd1jraw
LosiQ2pr2JbW0IPoAgSttzXTX5D83MrbWqv5wnzIdSnKAL9MBzvSSqPHWMGZE4hA
6TF3FURc3sQWE6ApP6LgNoTzHklXIYLSC1GPVuhRjvbQN4i3FOV7rIcxh//qUUD6
2acJ/LEAavHSP7X4wqpk86pZuuyVzm00Qpa6x+kKPE1o88Rf4H0jf5EOaWQFtak8
5pmT6FnpYYYfSpfhPGsmoKKWlnEgjNmcWyk4TVujk567
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:23 2024 by rpki-client on console.sobornost.net