Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/G5MndGbzte8oQNGgWIAccWuBh1Y.roa
File: G5MndGbzte8oQNGgWIAccWuBh1Y.roa (raw, json)
Hash identifier: d3ZGDoG69pqlxXlQtU34naDdrGTRk7UBnifKIH8e310=
Subject key identifier: 1B:93:27:74:66:F3:B5:EF:28:40:D1:A0:58:80:1C:71:6B:81:87:56
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018BF0370E084950F3C1FFE1EBF656542583
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/G5MndGbzte8oQNGgWIAccWuBh1Y.roa
Signing time: Tue 21 Nov 2023 04:50:21 +0000
ROA not before: Tue 21 Nov 2023 04:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 46.20.111.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:37:0e:08:49:50:f3:c1:ff:e1:eb:f6:56:54:25:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Nov 21 04:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b93277466f3b5ef2840d1a058801c716b818756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:56:70:7b:74:7e:1c:66:d3:6b:67:80:79:
73:d5:25:6b:ba:29:75:23:3f:2c:1f:7e:ca:22:7e:
91:04:a9:04:90:3a:53:60:3d:45:35:f6:7f:df:d7:
71:12:e3:73:ec:d8:2e:45:fe:4e:a4:a1:9f:38:05:
cd:bb:59:1c:07:21:9c:9d:7d:7d:dc:9e:e8:ca:8b:
b5:76:c0:96:a1:83:d1:50:9a:35:3c:f8:fd:bd:c3:
59:4c:bd:a0:46:af:f4:cd:f8:ea:67:91:0e:46:1e:
50:2d:7f:0c:a9:71:76:11:95:2f:32:2e:eb:98:b6:
07:c0:48:8c:09:95:8d:ca:74:c9:0f:e7:4d:7a:b8:
00:bc:52:37:6a:18:31:32:8f:42:d6:04:26:8f:3d:
20:15:17:64:0c:b3:60:11:7a:fb:de:3d:8c:92:33:
b4:a2:ba:a3:fa:1f:d5:d0:9f:56:96:68:cb:1f:90:
18:f3:8d:75:dd:d4:5f:82:0a:6f:09:70:16:06:d7:
f5:2a:d6:f8:1f:a5:db:d1:fe:9d:7b:b6:b5:aa:4a:
91:26:97:ff:2e:d1:38:ec:97:1b:5e:f5:fa:19:70:
6b:e6:40:5e:ba:e9:31:a2:2b:5e:e5:07:43:1d:90:
ae:e2:73:76:0c:27:23:f5:05:5d:62:c9:a1:ab:6e:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:93:27:74:66:F3:B5:EF:28:40:D1:A0:58:80:1C:71:6B:81:87:56
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/G5MndGbzte8oQNGgWIAccWuBh1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.105.0/24
46.20.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:22:e3:72:f8:c6:82:da:a8:25:72:0b:92:e8:c1:42:9f:a2:
9b:ed:dd:b8:5f:f1:77:2e:a8:3f:6d:11:e3:8a:0e:69:15:d9:
c3:c4:b9:62:be:d8:38:f3:d0:7e:41:42:35:26:ce:c0:32:41:
3d:6e:23:91:95:99:5d:0f:c6:fa:57:e8:c5:f6:03:d5:7b:42:
d2:c6:3f:b7:e7:d5:c0:81:2d:12:ca:78:2f:58:97:3a:8e:3d:
e8:6e:f9:e9:d9:c8:41:f7:ce:1f:a8:c2:a0:eb:3b:9a:6c:08:
93:a2:bb:9e:ae:be:a6:61:fa:75:3f:7b:92:92:7d:98:c4:0b:
9e:2f:ae:6e:91:ed:b9:fa:74:10:16:cf:2a:77:1b:53:a8:ae:
2e:8d:04:a0:21:3d:07:03:7e:81:9e:b3:f1:e5:06:4e:28:4d:
86:a1:ea:08:9e:7e:c3:48:ab:2b:b8:bb:6a:c6:ca:53:99:f7:
0e:f5:d5:ef:67:f8:6a:e7:c8:9c:1e:19:f8:15:6c:d4:3f:b6:
d3:20:87:dd:da:7f:88:64:87:02:fc:5d:2f:ef:e7:90:8c:b2:
6b:da:ac:39:43:d9:16:4c:85:54:de:b8:e3:c6:13:ef:4c:ee:
b9:94:26:12:d2:c2:fe:20:13:c2:41:ef:da:88:99:c6:c6:55:
de:f9:df:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvwNw4ISVDzwf/h6/ZWVCWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMTIxMDQ1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkzMjc3NDY2ZjNiNWVmMjg0MGQxYTA1ODgwMWM3MTZiODE4NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRdWcHt0fhxm02tngHlz1SVruil1
Iz8sH37KIn6RBKkEkDpTYD1FNfZ/39dxEuNz7NguRf5OpKGfOAXNu1kcByGcnX19
3J7oyou1dsCWoYPRUJo1PPj9vcNZTL2gRq/0zfjqZ5EORh5QLX8MqXF2EZUvMi7r
mLYHwEiMCZWNynTJD+dNergAvFI3ahgxMo9C1gQmjz0gFRdkDLNgEXr73j2MkjO0
orqj+h/V0J9WlmjLH5AY84113dRfggpvCXAWBtf1Ktb4H6Xb0f6de7a1qkqRJpf/
LtE47JcbXvX6GXBr5kBeuukxoite5QdDHZCu4nN2DCcj9QVdYsmhq24SoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBuTJ3Rm87XvKEDRoFiAHHFrgYdWMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvRzVNbmRHYnp0ZThvUU5HZ1dJQWNjV3VCaDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRhAwQA
LhRpAwQALhRvMA0GCSqGSIb3DQEBCwUAA4IBAQAuIuNy+MaC2qglcguS6MFCn6Kb
7d24X/F3Lqg/bRHjig5pFdnDxLlivtg489B+QUI1Js7AMkE9biORlZldD8b6V+jF
9gPVe0LSxj+359XAgS0SyngvWJc6jj3obvnp2chB984fqMKg6zuabAiToruerr6m
Yfp1P3uSkn2YxAueL65uke25+nQQFs8qdxtTqK4ujQSgIT0HA36BnrPx5QZOKE2G
oeoInn7DSKsruLtqxspTmfcO9dXvZ/hq58icHhn4FWzUP7bTIIfd2n+IZIcC/F0v
7+eQjLJr2qw5Q9kWTIVU3rjjxhPvTO65lCYS0sL+IBPCQe/aiJnGxlXe+d8W
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:36 2024 by rpki-client on console.sobornost.net