Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/h2DnGRH79I3t17hK3s5SqngIA3I.roa
File: h2DnGRH79I3t17hK3s5SqngIA3I.roa (raw, json)
Hash identifier: NfvcYw20hxOm04BeMDhK9DmthPxgnLI0eqI3Bu1jmZE=
Subject key identifier: 87:60:E7:19:11:FB:F4:8D:ED:D7:B8:4A:DE:CE:52:AA:78:08:03:72
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 01891C7B9F100AAFCB567B322C680EFF69FB
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/h2DnGRH79I3t17hK3s5SqngIA3I.roa
Signing time: Mon 03 Jul 2023 16:00:10 +0000
ROA not before: Mon 03 Jul 2023 16:00:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 141.226.246.0/24 maxlen: 24
141.226.244.0/24 maxlen: 24
213.137.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:7b:9f:10:0a:af:cb:56:7b:32:2c:68:0e:ff:69:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jul 3 16:00:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8760e71911fbf48dedd7b84adece52aa78080372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:33:f8:ac:5a:f1:c9:ed:21:c7:de:e8:e3:1a:
13:58:37:da:79:7f:3f:6e:4f:7b:cb:46:7b:2b:7e:
d2:54:bc:18:d9:ff:67:5b:4b:73:f8:35:38:2f:0e:
da:69:20:f3:59:33:ab:8c:62:cc:36:14:f5:c6:54:
a5:9f:d8:c8:da:61:dc:bf:08:44:15:4c:b9:09:f5:
90:ed:04:0e:af:71:ab:6e:0b:df:2d:9b:7a:15:3a:
09:60:0b:fb:03:ef:c4:33:6e:a6:a7:53:7e:45:be:
36:f9:93:05:c2:20:2b:41:55:2b:84:3f:1e:21:cb:
8b:e9:c1:c5:06:85:72:75:00:4a:cb:c2:bb:8b:35:
ac:c0:de:e8:c8:b1:df:a9:93:b4:d2:77:1b:89:fc:
23:c8:ae:df:02:90:65:e8:a5:e8:04:74:09:15:1c:
fc:82:4f:50:b2:78:09:64:89:df:96:a0:6e:6a:cd:
2e:05:8a:7f:e2:75:29:d2:bc:80:ae:c2:36:9f:f3:
f4:20:bb:40:f4:e2:1b:14:d9:61:d7:f8:93:38:98:
c7:73:b3:a5:1b:7f:e8:6a:45:f8:a2:2b:d4:bc:7d:
03:8b:13:d8:10:17:fd:b9:df:c8:0b:1c:97:ae:24:
dc:54:fe:44:7d:05:dd:19:a0:d3:bb:2b:70:93:cc:
2f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:60:E7:19:11:FB:F4:8D:ED:D7:B8:4A:DE:CE:52:AA:78:08:03:72
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/h2DnGRH79I3t17hK3s5SqngIA3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.244.0/24
141.226.246.0/24
213.137.80.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:49:b5:91:2e:d1:72:ec:cf:49:7d:44:fe:2e:57:a1:08:7e:
fb:4c:ba:09:e3:e0:d3:ae:3e:b1:ed:21:1c:94:8f:10:24:42:
12:07:08:78:32:01:a4:d0:b9:60:a5:a6:12:de:81:57:e1:55:
c8:9d:0a:81:96:56:38:6c:d9:0c:13:40:a3:c4:75:5a:4d:68:
a1:c1:bd:c3:b3:22:09:4b:af:42:29:9e:0a:29:e4:4c:cc:79:
c0:f9:0c:72:82:9a:02:1c:97:6d:db:99:bc:b6:80:31:72:b9:
ee:56:0d:3e:74:87:af:94:34:8f:31:ad:87:7c:2b:5b:68:74:
6b:ad:df:88:6d:96:52:80:b7:2f:4d:ef:13:65:99:d8:f1:8c:
be:bc:c7:e3:29:e4:7d:8f:b7:73:4a:57:6a:bc:8d:9e:c1:5b:
af:66:6d:12:ab:5a:18:78:02:d8:5d:ff:04:d3:d1:a8:77:a9:
46:a5:88:2a:28:bf:19:b7:fe:8f:9d:f0:6b:14:f5:4c:11:f1:
ae:46:12:df:d4:29:2c:40:a7:27:13:c2:39:09:00:25:cc:c2:
28:fe:86:29:99:30:10:a5:b0:a5:30:18:4b:8b:f4:4a:dd:57:
84:35:ee:b0:98:75:2e:2c:63:1b:f0:77:79:9e:2f:10:57:74:
a2:77:11:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkce58QCq/LVnsyLGgO/2n7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMwNzAzMTYwMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYwZTcxOTExZmJmNDhkZWRkN2I4NGFkZWNlNTJhYTc4MDgwMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzP4rFrxye0hx97o4xoTWDfaeX8/
bk97y0Z7K37SVLwY2f9nW0tz+DU4Lw7aaSDzWTOrjGLMNhT1xlSln9jI2mHcvwhE
FUy5CfWQ7QQOr3GrbgvfLZt6FToJYAv7A+/EM26mp1N+Rb42+ZMFwiArQVUrhD8e
IcuL6cHFBoVydQBKy8K7izWswN7oyLHfqZO00ncbifwjyK7fApBl6KXoBHQJFRz8
gk9QsngJZInflqBuas0uBYp/4nUp0ryArsI2n/P0ILtA9OIbFNlh1/iTOJjHc7Ol
G3/oakX4oivUvH0DixPYEBf9ud/ICxyXriTcVP5EfQXdGaDTuytwk8wv9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIdg5xkR+/SN7de4St7OUqp4CANyMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvaDJEbkdSSDc5STN0MTdoSzNzNVNxbmdJQTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjeL0AwQA
jeL2AwQA1YlQMA0GCSqGSIb3DQEBCwUAA4IBAQB6SbWRLtFy7M9JfUT+LlehCH77
TLoJ4+DTrj6x7SEclI8QJEISBwh4MgGk0LlgpaYS3oFX4VXInQqBllY4bNkME0Cj
xHVaTWihwb3DsyIJS69CKZ4KKeRMzHnA+QxygpoCHJdt25m8toAxcrnuVg0+dIev
lDSPMa2HfCtbaHRrrd+IbZZSgLcvTe8TZZnY8Yy+vMfjKeR9j7dzSldqvI2ewVuv
Zm0Sq1oYeALYXf8E09God6lGpYgqKL8Zt/6PnfBrFPVMEfGuRhLf1CksQKcnE8I5
CQAlzMIo/oYpmTAQpbClMBhLi/RK3VeENe6wmHUuLGMb8Hd5ni8QV3SidxH3
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:25 2023 by rpki-client on console.sobornost.net