Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/1XeDcH8ejY8yypSrLHX2t2ODx7A.roa
File: 1XeDcH8ejY8yypSrLHX2t2ODx7A.roa (raw, json)
Hash identifier: iPSG5BI9TwfMAB3n8TyjG5YzsF5dxnoqKuyaofZOfaA=
Subject key identifier: D5:77:83:70:7F:1E:8D:8F:32:CA:94:AB:2C:75:F6:B7:63:83:C7:B0
Certificate issuer: /CN=36eb516ea902d964adb2aa6dcad9a1dc0f5b7efe
Certificate serial: 018570706003EBB24A45879C25F53789861D
Authority key identifier: 36:EB:51:6E:A9:02:D9:64:AD:B2:AA:6D:CA:D9:A1:DC:0F:5B:7E:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NutRbqkC2WStsqptytmh3A9bfv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/1XeDcH8ejY8yypSrLHX2t2ODx7A.roa
Signing time: Mon 02 Jan 2023 03:04:50 +0000
ROA not before: Mon 02 Jan 2023 03:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39591
IP address blocks: 91.233.206.0/23 maxlen: 24
91.233.207.0/24 maxlen: 24
2001:678:c30::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:60:03:eb:b2:4a:45:87:9c:25:f5:37:89:86:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eb516ea902d964adb2aa6dcad9a1dc0f5b7efe
Validity
Not Before: Jan 2 03:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d57783707f1e8d8f32ca94ab2c75f6b76383c7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:0e:b1:93:a4:4b:1f:e7:48:ac:5b:ec:43:
b0:c6:00:f5:a6:8d:38:75:dc:2b:49:ee:ac:98:2d:
a9:b9:e5:96:f8:ff:83:2f:13:3e:32:33:c0:ec:5d:
ce:b1:ff:7f:d5:ca:65:6e:c3:3b:71:a6:65:24:52:
01:57:34:ac:97:1a:de:ad:0d:0d:9e:af:52:b6:56:
96:cd:e3:9e:f5:89:57:11:a7:1e:30:bf:8c:ca:37:
64:53:56:80:cc:33:a2:22:df:7e:c6:4e:6e:df:58:
f0:86:89:a6:71:e3:1a:b4:f4:4c:04:4d:ea:fc:bd:
58:9b:24:23:65:60:ab:8e:21:51:09:09:a4:1d:25:
33:1b:0a:1c:ab:c7:f3:09:39:7e:8b:6b:22:6c:bd:
31:6d:cb:5d:dc:61:09:4e:50:47:3f:83:5c:ef:36:
07:3b:72:89:03:dc:f2:5d:11:ad:15:b4:f2:f1:80:
93:e9:e4:c4:a8:ac:e8:8e:b7:b4:0e:92:0e:94:4c:
65:d9:4f:c7:48:53:6f:fe:4c:07:38:b0:72:0b:15:
d8:ae:5c:00:f3:64:ab:9c:eb:46:79:eb:60:7e:bc:
3f:6e:00:5f:0b:20:05:da:c4:7f:d9:4b:7b:56:8e:
10:b6:4a:b0:70:d7:fc:77:20:bd:d7:cb:6a:bf:e5:
31:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:77:83:70:7F:1E:8D:8F:32:CA:94:AB:2C:75:F6:B7:63:83:C7:B0
X509v3 Authority Key Identifier:
keyid:36:EB:51:6E:A9:02:D9:64:AD:B2:AA:6D:CA:D9:A1:DC:0F:5B:7E:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NutRbqkC2WStsqptytmh3A9bfv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/1XeDcH8ejY8yypSrLHX2t2ODx7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/26c675-def7-4232-811b-8f76c3291fbc/1/NutRbqkC2WStsqptytmh3A9bfv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.206.0/23
IPv6:
2001:678:c30::/48
Signature Algorithm: sha256WithRSAEncryption
7a:8f:23:7e:d8:b9:f4:3d:71:a6:ae:80:84:b5:1e:67:92:f2:
29:b1:fd:bc:f0:0f:4e:78:b1:78:34:51:b4:76:3c:10:1b:88:
43:59:75:8d:d5:57:7b:1b:96:5a:6c:5f:8a:19:2f:f3:4d:a9:
6f:25:06:1b:41:67:e7:ed:de:93:1c:2e:46:1a:01:ab:c5:47:
a2:53:5b:cc:58:cd:b6:3a:7e:61:f9:c9:49:e0:36:db:fd:69:
b3:9c:34:71:24:70:8d:cb:b1:95:fb:b2:f6:62:06:22:49:af:
5b:61:1c:2c:fa:f9:a6:00:86:ce:d4:84:61:e0:88:0d:ed:54:
ac:13:4e:5d:0a:51:d8:0e:bf:0d:55:cd:9b:9a:3e:6c:45:b2:
ef:76:6b:81:9e:67:3b:95:8c:a3:be:72:9d:99:1b:3f:b0:c2:
46:ac:72:f2:39:f8:40:60:49:ab:81:b5:26:57:a6:3e:c5:73:
a1:8f:97:8c:35:1d:a5:c9:d9:db:bb:3b:c0:1b:ba:dd:b6:58:
50:ba:de:62:97:cf:74:b9:0f:14:e5:5d:8d:cc:96:be:2d:d5:
c1:e1:a7:5d:e0:91:37:29:42:32:f4:31:66:07:34:b4:ec:d9:
75:fb:a7:df:34:17:83:95:0e:17:b8:56:f0:ff:bb:ce:af:3d:
7d:20:9b:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwcGAD67JKRYecJfU3iYYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWI1MTZlYTkwMmQ5NjRhZGIyYWE2ZGNhZDlhMWRjMGY1
YjdlZmUwHhcNMjMwMTAyMDMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc3ODM3MDdmMWU4ZDhmMzJjYTk0YWIyYzc1ZjZiNzYzODNjN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDgOsZOkSx/nSKxb7EOwxgD1po04
ddwrSe6smC2pueWW+P+DLxM+MjPA7F3Osf9/1cplbsM7caZlJFIBVzSslxrerQ0N
nq9StlaWzeOe9YlXEaceML+MyjdkU1aAzDOiIt9+xk5u31jwhommceMatPRMBE3q
/L1YmyQjZWCrjiFRCQmkHSUzGwocq8fzCTl+i2sibL0xbctd3GEJTlBHP4Nc7zYH
O3KJA9zyXRGtFbTy8YCT6eTEqKzojre0DpIOlExl2U/HSFNv/kwHOLByCxXYrlwA
82SrnOtGeetgfrw/bgBfCyAF2sR/2Ut7Vo4QtkqwcNf8dyC918tqv+Ux4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNV3g3B/Ho2PMsqUqyx19rdjg8ewMB8GA1UdIwQY
MBaAFDbrUW6pAtlkrbKqbcrZodwPW37+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnV0UmJxa0MyV1N0c3FwdHl0bWgzQTliZnY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNmM2NzUtZGVmNy00MjMyLTgxMWIt
OGY3NmMzMjkxZmJjLzEvMVhlRGNIOGVqWTh5eXBTckxIWDJ0Mk9EeDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yNmM2NzUtZGVmNy00MjMyLTgxMWItOGY3NmMzMjkxZmJj
LzEvTnV0UmJxa0MyV1N0c3FwdHl0bWgzQTliZnY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+nOMA8E
AgACMAkDBwAgAQZ4DDAwDQYJKoZIhvcNAQELBQADggEBAHqPI37YufQ9caaugIS1
HmeS8imx/bzwD054sXg0UbR2PBAbiENZdY3VV3sbllpsX4oZL/NNqW8lBhtBZ+ft
3pMcLkYaAavFR6JTW8xYzbY6fmH5yUngNtv9abOcNHEkcI3LsZX7svZiBiJJr1th
HCz6+aYAhs7UhGHgiA3tVKwTTl0KUdgOvw1VzZuaPmxFsu92a4GeZzuVjKO+cp2Z
Gz+wwkascvI5+EBgSauBtSZXpj7Fc6GPl4w1HaXJ2du7O8Abut22WFC63mKXz3S5
DxTlXY3Mlr4t1cHhp13gkTcpQjL0MWYHNLTs2XX7p980F4OVDhe4VvD/u86vPX0g
m/0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:05 2024 by rpki-client on console.sobornost.net