Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/ckwYpNRLYMVr9njaOq1No-2XACY.roa
File: ckwYpNRLYMVr9njaOq1No-2XACY.roa (raw, json)
Hash identifier: Bm/Mtz1YZugM8zcA3sz7qLlqAByEsOMTXHXE68MBcSo=
Subject key identifier: 72:4C:18:A4:D4:4B:60:C5:6B:F6:78:DA:3A:AD:4D:A3:ED:97:00:26
Certificate issuer: /CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Certificate serial: 0185720C559FC54998EAA93EC1C61E72C937
Authority key identifier: AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/ckwYpNRLYMVr9njaOq1No-2XACY.roa
Signing time: Mon 02 Jan 2023 10:34:49 +0000
ROA not before: Mon 02 Jan 2023 10:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39904
IP address blocks: 46.227.168.0/21 maxlen: 32
91.215.12.0/22 maxlen: 32
195.189.0.0/22 maxlen: 32
2a02:7a00::/32 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:55:9f:c5:49:98:ea:a9:3e:c1:c6:1e:72:c9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Validity
Not Before: Jan 2 10:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=724c18a4d44b60c56bf678da3aad4da3ed970026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ae:1e:85:d0:5c:88:bf:2d:d9:3d:b0:08:56:
99:ed:03:e7:4b:b7:19:c0:80:c0:a7:f9:2f:a4:04:
e7:ed:ee:71:da:5c:e2:df:74:60:1e:e1:fc:6c:eb:
be:68:58:44:d5:3b:52:83:24:dd:e6:5e:47:85:dd:
ac:69:24:3e:53:1a:58:50:b5:bc:30:8a:a3:bd:d7:
60:11:bb:e5:fb:97:00:6c:c4:77:73:73:db:a4:41:
ff:0b:f0:68:ae:8d:59:e9:3a:19:e2:db:b7:49:83:
84:f3:b2:db:0b:7d:ea:8c:e3:4e:cb:4f:ee:27:62:
fb:08:de:e7:49:6c:af:de:8f:54:01:a9:78:85:e2:
9e:60:b7:b9:ec:81:44:89:2f:fa:f5:77:af:46:4c:
3b:c3:04:84:ad:d5:1b:d1:fb:38:b6:84:a8:a4:0b:
8b:11:21:bb:41:62:8c:50:67:4a:cc:c3:74:a1:a3:
60:40:20:94:67:28:97:fe:e2:95:cd:45:00:13:49:
6f:82:2f:6a:b2:5b:19:57:23:1d:b1:39:7e:f6:6a:
db:d3:55:c5:5e:2b:de:dd:8e:c3:be:4d:48:39:72:
7a:81:98:81:11:c5:07:74:9f:a5:5e:26:ef:96:8b:
1d:d6:84:2d:10:9e:31:38:98:93:09:0a:74:ba:b8:
d4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4C:18:A4:D4:4B:60:C5:6B:F6:78:DA:3A:AD:4D:A3:ED:97:00:26
X509v3 Authority Key Identifier:
keyid:AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/ckwYpNRLYMVr9njaOq1No-2XACY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/rqwbISmrusZTn4DaZVDElyHQqMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.168.0/21
91.215.12.0/22
195.189.0.0/22
IPv6:
2a02:7a00::/32
Signature Algorithm: sha256WithRSAEncryption
17:6f:d9:8c:da:69:54:f8:38:e1:1f:13:4a:59:6e:13:35:f3:
cf:5c:c9:9c:77:0b:cf:3d:19:85:f3:b7:c7:4b:8e:70:a6:10:
9a:74:a5:8d:ad:18:9a:30:f4:c9:e2:48:ed:2b:de:e8:7a:bc:
a1:84:45:fd:34:68:88:af:c4:46:ba:6f:62:1d:2b:61:ff:de:
72:3b:3d:26:9d:17:b1:fd:0b:0e:57:7c:14:3b:27:29:4f:6c:
fc:59:c2:50:f3:68:54:f2:14:e5:7c:56:58:45:39:98:19:61:
77:8c:f1:99:3a:56:df:21:52:e1:b6:5c:ae:7c:2b:9e:55:c0:
2f:8b:e0:25:11:13:13:0d:68:f8:23:2f:06:6a:c6:86:44:ef:
da:dd:26:91:b2:06:06:82:a4:6a:de:fd:56:30:82:25:2d:33:
9e:09:c7:74:78:c9:46:7b:1d:cd:bf:5e:b1:5a:13:14:dc:30:
8c:0c:5a:a6:d9:78:15:77:0a:35:70:81:b1:76:80:66:ad:c8:
38:bc:10:76:3d:7e:0c:15:ca:34:92:38:d2:9d:df:67:4b:1a:
4f:b9:c6:6b:b2:0d:2d:76:2b:c6:cc:c7:8c:55:e3:93:55:6b:
dc:84:47:8d:30:1c:3a:0d:d6:70:bf:47:3f:c3:d8:39:a0:29:
a2:2a:57:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyDFWfxUmY6qk+wcYecsk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYWMxYjIxMjlhYmJhYzY1MzlmODBkYTY1NTBjNDk3MjFk
MGE4YzQwHhcNMjMwMTAyMTAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRjMThhNGQ0NGI2MGM1NmJmNjc4ZGEzYWFkNGRhM2VkOTcwMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq4ehdBciL8t2T2wCFaZ7QPnS7cZ
wIDAp/kvpATn7e5x2lzi33RgHuH8bOu+aFhE1TtSgyTd5l5Hhd2saSQ+UxpYULW8
MIqjvddgEbvl+5cAbMR3c3PbpEH/C/Boro1Z6ToZ4tu3SYOE87LbC33qjONOy0/u
J2L7CN7nSWyv3o9UAal4heKeYLe57IFEiS/69XevRkw7wwSErdUb0fs4toSopAuL
ESG7QWKMUGdKzMN0oaNgQCCUZyiX/uKVzUUAE0lvgi9qslsZVyMdsTl+9mrb01XF
Xive3Y7Dvk1IOXJ6gZiBEcUHdJ+lXibvlosd1oQtEJ4xOJiTCQp0urjUHQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHJMGKTUS2DFa/Z42jqtTaPtlwAmMB8GA1UdIwQY
MBaAFK6sGyEpq7rGU5+A2mVQxJch0KjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGIt
ODY2YjJiMDIxZmM1LzEvY2t3WXBOUkxZTVZyOW5qYU9xMU5vLTJYQUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGItODY2YjJiMDIxZmM1
LzEvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuOoAwQC
W9cMAwQCw70AMA0EAgACMAcDBQAqAnoAMA0GCSqGSIb3DQEBCwUAA4IBAQAXb9mM
2mlU+DjhHxNKWW4TNfPPXMmcdwvPPRmF87fHS45wphCadKWNrRiaMPTJ4kjtK97o
eryhhEX9NGiIr8RGum9iHSth/95yOz0mnRex/QsOV3wUOycpT2z8WcJQ82hU8hTl
fFZYRTmYGWF3jPGZOlbfIVLhtlyufCueVcAvi+AlERMTDWj4Iy8GasaGRO/a3SaR
sgYGgqRq3v1WMIIlLTOeCcd0eMlGex3Nv16xWhMU3DCMDFqm2XgVdwo1cIGxdoBm
rcg4vBB2PX4MFco0kjjSnd9nSxpPucZrsg0tdivGzMeMVeOTVWvchEeNMBw6DdZw
v0c/w9g5oCmiKldj
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:48 2024 by rpki-client on console.sobornost.net