Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2fbf2c-542f-4c98-99db-a4e5de8ee716/1/pF5y1Rt6h7XmOj36d4t8qRzy6f4.roa
File: pF5y1Rt6h7XmOj36d4t8qRzy6f4.roa (raw, json)
Hash identifier: 4zftoWoUEMkLUWFwtYaW/6nBAFNfWW+lVXhuvQ5sCV8=
Subject key identifier: A4:5E:72:D5:1B:7A:87:B5:E6:3A:3D:FA:77:8B:7C:A9:1C:F2:E9:FE
Certificate issuer: /CN=3d16072ca0252fab50658d736ff2c60c1629dc76
Certificate serial: 018571BA26E3ACE3768B7D1BACAB12A036BE
Authority key identifier: 3D:16:07:2C:A0:25:2F:AB:50:65:8D:73:6F:F2:C6:0C:16:29:DC:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PRYHLKAlL6tQZY1zb_LGDBYp3HY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2fbf2c-542f-4c98-99db-a4e5de8ee716/1/pF5y1Rt6h7XmOj36d4t8qRzy6f4.roa
Signing time: Mon 02 Jan 2023 09:05:03 +0000
ROA not before: Mon 02 Jan 2023 09:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211611
IP address blocks: 91.244.247.0/24 maxlen: 24
45.86.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:26:e3:ac:e3:76:8b:7d:1b:ac:ab:12:a0:36:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d16072ca0252fab50658d736ff2c60c1629dc76
Validity
Not Before: Jan 2 09:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a45e72d51b7a87b5e63a3dfa778b7ca91cf2e9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:83:f5:a8:a1:8d:33:96:94:24:19:d2:be:
c4:e3:82:ed:51:96:f6:ef:9c:45:d2:27:cd:00:c3:
e5:87:46:6c:22:93:78:23:61:34:22:b2:56:af:9e:
cd:30:ef:7e:49:9e:fd:fb:ef:84:b3:df:f0:b2:6a:
95:65:97:e4:42:be:fc:6f:1d:89:db:c9:fe:d9:b9:
b7:08:3e:c3:88:f1:67:3e:9d:57:e0:bb:29:08:f4:
a4:c2:16:de:23:f3:66:ba:36:31:93:ea:ca:da:4f:
d2:d8:34:d2:d6:0b:53:21:50:2d:be:cd:e0:a7:c7:
40:12:bc:8d:00:ea:e5:ea:9f:04:3b:dc:c7:7f:63:
f4:46:80:c7:f7:2e:18:a4:8d:2c:de:a6:6a:ba:d4:
c2:ae:47:80:2d:7c:0b:4b:01:8e:06:68:ec:04:26:
00:80:5d:13:a6:6f:3f:c5:48:ac:2f:09:da:50:cf:
1b:c5:3c:2f:c3:74:e6:a3:4d:0c:3a:a8:a2:85:60:
e2:ea:8b:36:dc:e6:10:f7:b2:a6:47:89:20:0a:cb:
31:bf:d9:c2:83:70:19:f0:fe:02:ef:70:e5:18:e2:
de:57:d6:b2:91:d0:00:57:df:85:c7:28:3c:1a:ca:
22:96:a1:40:5b:a3:e7:05:33:0a:cd:31:a7:4a:50:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5E:72:D5:1B:7A:87:B5:E6:3A:3D:FA:77:8B:7C:A9:1C:F2:E9:FE
X509v3 Authority Key Identifier:
keyid:3D:16:07:2C:A0:25:2F:AB:50:65:8D:73:6F:F2:C6:0C:16:29:DC:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRYHLKAlL6tQZY1zb_LGDBYp3HY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2fbf2c-542f-4c98-99db-a4e5de8ee716/1/pF5y1Rt6h7XmOj36d4t8qRzy6f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2fbf2c-542f-4c98-99db-a4e5de8ee716/1/PRYHLKAlL6tQZY1zb_LGDBYp3HY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.220.0/24
91.244.247.0/24
Signature Algorithm: sha256WithRSAEncryption
74:75:4e:df:02:df:c7:70:2e:60:bd:fc:5c:d8:7f:9d:a1:14:
bb:a6:67:01:3a:f0:f0:16:7f:fc:fd:53:40:5d:fc:13:09:7d:
00:eb:35:27:1a:9f:33:a9:43:49:7e:0e:04:74:33:70:43:8f:
23:63:7c:86:d9:20:39:a3:2a:df:58:4a:b6:e0:d1:39:b9:8b:
79:09:14:53:cb:18:13:fc:c2:8f:08:30:d5:2c:63:1b:9f:83:
93:01:6f:d3:bf:8d:21:d7:e2:5b:d5:d5:43:5c:c0:0e:78:ad:
6a:35:86:ec:5b:94:42:7a:63:c4:d4:97:d7:73:c6:89:97:fe:
fb:83:6c:0f:8a:19:98:01:13:d6:d1:df:13:2a:2c:a8:00:6a:
f9:18:5e:1e:b6:9e:bc:80:a5:7d:00:29:fd:95:b8:30:18:be:
a3:36:d5:ad:0f:5b:31:13:80:31:1c:87:bd:16:79:61:1c:86:
73:45:42:8d:eb:fe:a3:4d:4b:e4:a7:99:2c:3c:4d:67:61:64:
89:99:61:cf:bc:d1:4c:56:91:21:6d:16:2b:45:85:4a:11:64:
45:93:9c:53:96:85:e3:75:b0:c1:d7:08:76:71:6a:be:33:ea:
3d:5e:d1:75:9b:60:0f:fb:5d:d1:e1:dc:b8:9e:28:3a:d0:8b:
3b:e9:a9:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuibjrON2i30brKsSoDa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTYwNzJjYTAyNTJmYWI1MDY1OGQ3MzZmZjJjNjBjMTYy
OWRjNzYwHhcNMjMwMTAyMDkwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDVlNzJkNTFiN2E4N2I1ZTYzYTNkZmE3NzhiN2NhOTFjZjJlOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooqD9aihjTOWlCQZ0r7E44LtUZb2
75xF0ifNAMPlh0ZsIpN4I2E0IrJWr57NMO9+SZ79+++Es9/wsmqVZZfkQr78bx2J
28n+2bm3CD7DiPFnPp1X4LspCPSkwhbeI/NmujYxk+rK2k/S2DTS1gtTIVAtvs3g
p8dAEryNAOrl6p8EO9zHf2P0RoDH9y4YpI0s3qZqutTCrkeALXwLSwGOBmjsBCYA
gF0Tpm8/xUisLwnaUM8bxTwvw3Tmo00MOqiihWDi6os23OYQ97KmR4kgCssxv9nC
g3AZ8P4C73DlGOLeV9aykdAAV9+Fxyg8GsoilqFAW6PnBTMKzTGnSlA/YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKRectUbeoe15jo9+neLfKkc8un+MB8GA1UdIwQY
MBaAFD0WByygJS+rUGWNc2/yxgwWKdx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJZSExLQWxMNnRRWlkxemJfTEdEQllwM0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yZmJmMmMtNTQyZi00Yzk4LTk5ZGIt
YTRlNWRlOGVlNzE2LzEvcEY1eTFSdDZoN1htT2ozNmQ0dDhxUnp5NmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yZmJmMmMtNTQyZi00Yzk4LTk5ZGItYTRlNWRlOGVlNzE2
LzEvUFJZSExLQWxMNnRRWlkxemJfTEdEQllwM0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVbcAwQA
W/T3MA0GCSqGSIb3DQEBCwUAA4IBAQB0dU7fAt/HcC5gvfxc2H+doRS7pmcBOvDw
Fn/8/VNAXfwTCX0A6zUnGp8zqUNJfg4EdDNwQ48jY3yG2SA5oyrfWEq24NE5uYt5
CRRTyxgT/MKPCDDVLGMbn4OTAW/Tv40h1+Jb1dVDXMAOeK1qNYbsW5RCemPE1JfX
c8aJl/77g2wPihmYARPW0d8TKiyoAGr5GF4etp68gKV9ACn9lbgwGL6jNtWtD1sx
E4AxHIe9FnlhHIZzRUKN6/6jTUvkp5ksPE1nYWSJmWHPvNFMVpEhbRYrRYVKEWRF
k5xTloXjdbDB1wh2cWq+M+o9XtF1m2AP+13R4dy4nig60Is76amy
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:10 2024 by rpki-client on console.sobornost.net