Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/cdOjIgaQhzEvt133OOSXXVYWvwk.roa
File: cdOjIgaQhzEvt133OOSXXVYWvwk.roa (raw, json)
Hash identifier: ZRrEV13/+Y16fk0fxwQy5zgPP3qwlkSveNxanuiIlu8=
Subject key identifier: 71:D3:A3:22:06:90:87:31:2F:B7:5D:F7:38:E4:97:5D:56:16:BF:09
Certificate issuer: /CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Certificate serial: 018B23B17B989370F3000333DA8DD1E221A8
Authority key identifier: B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/cdOjIgaQhzEvt133OOSXXVYWvwk.roa
Signing time: Thu 12 Oct 2023 11:41:55 +0000
ROA not before: Thu 12 Oct 2023 11:41:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 91.214.170.0/24 maxlen: 24
91.214.168.0/24 maxlen: 24
91.214.168.0/22 maxlen: 22
91.214.169.0/24 maxlen: 24
91.213.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:b1:7b:98:93:70:f3:00:03:33:da:8d:d1:e2:21:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ef19bcb23a2f04c586ac1311a91bc7ca2a9765
Validity
Not Before: Oct 12 11:41:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d3a322069087312fb75df738e4975d5616bf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:0b:09:f2:b6:2d:e5:86:4d:8f:3e:b4:c2:
bb:fd:0c:73:fe:e7:7d:01:df:13:6c:dc:0d:94:0f:
6b:95:f7:41:22:f5:59:75:a8:03:72:52:78:40:26:
dd:61:16:ee:22:dc:ed:38:8d:1b:89:15:28:75:d9:
ea:d8:55:77:1d:c9:eb:09:a6:46:85:a2:13:be:13:
8b:07:fa:95:45:d4:13:b2:45:06:4d:00:ad:78:fe:
53:fb:9a:e7:d4:6f:7f:da:1a:59:32:e5:e9:5d:73:
59:5c:be:c9:cf:31:01:74:04:74:02:30:13:2e:0a:
7c:1a:60:00:7d:c3:aa:23:31:39:de:52:5d:e0:17:
ee:e8:e6:22:7d:94:62:4e:72:3e:c1:02:5c:c8:e0:
5c:55:23:7d:90:7b:b1:85:24:5a:46:b8:2f:c8:09:
8c:7f:2b:65:6f:d5:d4:ad:ee:4d:89:3b:4f:0a:1e:
7b:36:67:e9:e5:75:9c:87:cc:6b:4b:95:ab:cc:bb:
50:e0:41:8a:84:9a:62:92:0d:fa:1e:33:87:28:dd:
9a:d8:60:c5:da:a8:c8:eb:cd:6b:8d:df:83:52:76:
5b:37:c5:8e:84:49:37:3d:10:d5:c6:93:5b:00:e6:
6d:36:bf:83:f2:a3:53:dc:fb:58:c3:6d:d2:82:a2:
32:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D3:A3:22:06:90:87:31:2F:B7:5D:F7:38:E4:97:5D:56:16:BF:09
X509v3 Authority Key Identifier:
keyid:B0:EF:19:BC:B2:3A:2F:04:C5:86:AC:13:11:A9:1B:C7:CA:2A:97:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sO8ZvLI6LwTFhqwTEakbx8oql2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/cdOjIgaQhzEvt133OOSXXVYWvwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/af3e51-79d6-4078-a569-d0003a6b5224/1/sO8ZvLI6LwTFhqwTEakbx8oql2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.4.0/24
91.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
88:87:a6:19:ef:7e:9e:f0:f1:38:8e:ea:0a:55:ac:36:e2:65:
ed:a1:3d:3f:47:19:9a:21:75:1f:50:0e:f4:4e:64:56:d4:61:
2b:eb:9a:17:87:13:25:a9:94:b3:c3:c7:20:cd:0f:65:7f:74:
b1:e1:98:25:5f:3e:0f:16:13:42:c1:33:c8:2f:2e:21:38:30:
75:42:1c:10:21:af:e9:47:27:aa:8e:58:47:a9:8e:9b:aa:51:
86:77:a1:f2:2b:16:7c:ac:54:9b:f1:c7:36:0e:7c:6c:1c:0c:
bc:05:b7:81:85:0d:87:d1:f4:ac:6d:5a:0d:ee:48:0a:ca:48:
01:6b:da:f5:6f:c8:11:74:3d:d3:84:f1:51:43:53:ab:30:dd:
4c:e6:d5:eb:24:17:21:f3:91:76:3e:92:f8:39:f6:49:52:20:
be:a2:6f:12:69:31:01:b0:18:85:f8:31:17:07:41:ed:88:3a:
2d:5c:f2:f9:6d:5a:b9:4f:84:b4:e3:0f:aa:68:00:af:b1:90:
97:7f:80:a9:91:f1:70:56:4f:51:f3:7d:66:8e:24:7d:6c:3e:
9b:c6:30:9b:b0:1e:7a:80:dd:94:bc:1c:0b:c1:3b:21:b4:16:
9d:33:66:18:2d:3f:a2:a8:63:10:ba:18:6e:75:7a:4b:96:45:
73:c2:cf:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsjsXuYk3DzAAMz2o3R4iGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZWYxOWJjYjIzYTJmMDRjNTg2YWMxMzExYTkxYmM3Y2Ey
YTk3NjUwHhcNMjMxMDEyMTE0MTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQzYTMyMjA2OTA4NzMxMmZiNzVkZjczOGU0OTc1ZDU2MTZiZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0wLCfK2LeWGTY8+tMK7/Qxz/ud9
Ad8TbNwNlA9rlfdBIvVZdagDclJ4QCbdYRbuItztOI0biRUoddnq2FV3HcnrCaZG
haITvhOLB/qVRdQTskUGTQCteP5T+5rn1G9/2hpZMuXpXXNZXL7JzzEBdAR0AjAT
Lgp8GmAAfcOqIzE53lJd4Bfu6OYifZRiTnI+wQJcyOBcVSN9kHuxhSRaRrgvyAmM
fytlb9XUre5NiTtPCh57Nmfp5XWch8xrS5WrzLtQ4EGKhJpikg36HjOHKN2a2GDF
2qjI681rjd+DUnZbN8WOhEk3PRDVxpNbAOZtNr+D8qNT3PtYw23SgqIyXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHToyIGkIcxL7dd9zjkl11WFr8JMB8GA1UdIwQY
MBaAFLDvGbyyOi8ExYasExGpG8fKKpdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1Njkt
ZDAwMDNhNmI1MjI0LzEvY2RPaklnYVFoekV2dDEzM09PU1hYVllXdndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZjNlNTEtNzlkNi00MDc4LWE1NjktZDAwMDNhNmI1MjI0
LzEvc084WnZMSTZMd1RGaHF3VEVha2J4OG9xbDJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9UEAwQC
W9aoMA0GCSqGSIb3DQEBCwUAA4IBAQCIh6YZ736e8PE4juoKVaw24mXtoT0/Rxma
IXUfUA70TmRW1GEr65oXhxMlqZSzw8cgzQ9lf3Sx4ZglXz4PFhNCwTPILy4hODB1
QhwQIa/pRyeqjlhHqY6bqlGGd6HyKxZ8rFSb8cc2DnxsHAy8BbeBhQ2H0fSsbVoN
7kgKykgBa9r1b8gRdD3ThPFRQ1OrMN1M5tXrJBch85F2PpL4OfZJUiC+om8SaTEB
sBiF+DEXB0HtiDotXPL5bVq5T4S04w+qaACvsZCXf4CpkfFwVk9R831mjiR9bD6b
xjCbsB56gN2UvBwLwTshtBadM2YYLT+iqGMQuhhudXpLlkVzws/F
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:26 2023 by rpki-client on console.sobornost.net