Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nWbxtQy06mfArGCelV-tAA-T7Jk.roa
File: nWbxtQy06mfArGCelV-tAA-T7Jk.roa (raw, json)
Hash identifier: Qx+gZJ73IrGqiHJHxJdR2QwhxgiPBzAE4TAlTxbntU0=
Subject key identifier: 9D:66:F1:B5:0C:B4:EA:67:C0:AC:60:9E:95:5F:AD:00:0F:93:EC:99
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CDA66B0A5FEE6294674DC1CF43506
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nWbxtQy06mfArGCelV-tAA-T7Jk.roa
Signing time: Mon 02 Jan 2023 15:15:00 +0000
ROA not before: Mon 02 Jan 2023 15:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213079
IP address blocks: 147.234.85.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:da:66:b0:a5:fe:e6:29:46:74:dc:1c:f4:35:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d66f1b50cb4ea67c0ac609e955fad000f93ec99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:60:55:ef:b2:6f:ac:d8:35:50:d4:2b:6d:
22:5f:da:ad:25:ee:da:ff:1e:2e:66:68:16:ab:eb:
94:1e:73:50:cf:16:66:bd:ee:f1:b3:cb:9f:f2:da:
f6:f0:30:ff:11:2d:09:35:d6:b2:5d:ca:12:98:79:
80:25:49:03:08:a2:24:59:13:2b:cc:e6:6e:04:ca:
e5:f4:04:a2:01:e8:e3:b9:90:47:35:f8:68:65:ad:
92:ee:d9:ef:1b:2e:6e:f8:42:f4:e5:9f:d0:50:16:
84:72:0f:fe:51:c3:88:13:e7:3a:ab:7c:77:a7:80:
7b:4a:59:58:04:bf:83:e8:ab:d5:2d:a5:af:cc:45:
e0:aa:5d:ac:93:ee:00:2a:5a:12:6f:b7:66:66:24:
d8:a3:58:35:89:9f:70:0e:9a:2d:a9:f8:81:0c:ef:
4d:93:a1:13:e9:d6:7f:89:a7:56:8c:48:70:51:21:
64:e9:72:14:92:be:42:3c:9e:4a:31:83:00:86:bb:
cb:a1:58:1c:a1:25:00:f9:2c:cb:50:18:c0:13:ad:
35:19:da:53:16:e6:53:9a:62:4b:09:9e:bf:84:b1:
c0:dc:50:f5:76:57:54:3a:57:cb:46:e5:0c:d0:c5:
c6:a9:b2:e6:e6:1c:16:b4:d5:0d:c9:ae:7e:7a:e3:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:66:F1:B5:0C:B4:EA:67:C0:AC:60:9E:95:5F:AD:00:0F:93:EC:99
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/nWbxtQy06mfArGCelV-tAA-T7Jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:61:96:f3:6e:0a:88:75:47:b9:c0:bd:a3:0b:ca:27:77:95:
69:91:21:81:37:bd:20:6b:0a:3d:e3:de:22:74:4d:7b:13:70:
ac:5f:8b:f5:ca:32:c2:06:1b:a9:1b:03:e0:58:52:ca:d3:79:
3f:59:2c:bd:57:96:11:d0:ec:bd:3e:e7:ce:91:f5:d1:1b:d1:
26:28:e2:8c:25:d8:50:3c:5d:3a:4b:9f:9a:8b:a3:d9:54:75:
97:28:25:99:f5:2d:f5:9e:d3:91:14:fc:c4:77:ba:f4:fb:19:
ba:3e:a4:70:6c:bc:5d:33:35:f1:92:c1:3e:be:0a:ae:86:3c:
aa:0d:84:4b:72:a6:4f:55:9f:34:b6:63:60:4f:0b:41:75:cc:
cd:78:ad:5d:54:07:9b:3a:08:da:6f:ab:c4:59:02:1c:71:1a:
bb:1d:a1:f7:e8:fd:16:c9:9a:61:1a:c7:f0:58:9d:fa:ce:a0:
67:b0:dc:67:22:bb:a5:f3:26:1b:a6:fe:4a:ca:07:c5:96:39:
97:b6:3a:57:68:93:0a:e0:7f:78:d4:2d:2f:bc:31:9f:ba:1a:
59:58:69:47:d3:12:5d:0d:57:4f:62:1e:92:09:e3:be:c6:08:
b8:01:8a:2a:23:86:84:41:0d:c1:df:c2:56:b9:f7:34:dd:3f:
20:f4:e2:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNpmsKX+5ilGdNwc9DUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY2ZjFiNTBjYjRlYTY3YzBhYzYwOWU5NTVmYWQwMDBmOTNlYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO5gVe+yb6zYNVDUK20iX9qtJe7a
/x4uZmgWq+uUHnNQzxZmve7xs8uf8tr28DD/ES0JNdayXcoSmHmAJUkDCKIkWRMr
zOZuBMrl9ASiAejjuZBHNfhoZa2S7tnvGy5u+EL05Z/QUBaEcg/+UcOIE+c6q3x3
p4B7SllYBL+D6KvVLaWvzEXgql2sk+4AKloSb7dmZiTYo1g1iZ9wDpotqfiBDO9N
k6ET6dZ/iadWjEhwUSFk6XIUkr5CPJ5KMYMAhrvLoVgcoSUA+SzLUBjAE601GdpT
FuZTmmJLCZ6/hLHA3FD1dldUOlfLRuUM0MXGqbLm5hwWtNUNya5+euOJqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1m8bUMtOpnwKxgnpVfrQAPk+yZMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvbldieHRReTA2bWZBckdDZWxWLXRBQS1UN0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+pVMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYZbzbgqIdUe5wL2jC8ond5VpkSGBN70gawo9494i
dE17E3CsX4v1yjLCBhupGwPgWFLK03k/WSy9V5YR0Oy9PufOkfXRG9EmKOKMJdhQ
PF06S5+ai6PZVHWXKCWZ9S31ntORFPzEd7r0+xm6PqRwbLxdMzXxksE+vgquhjyq
DYRLcqZPVZ80tmNgTwtBdczNeK1dVAebOgjab6vEWQIccRq7HaH36P0WyZphGsfw
WJ36zqBnsNxnIrul8yYbpv5KygfFljmXtjpXaJMK4H941C0vvDGfuhpZWGlH0xJd
DVdPYh6SCeO+xgi4AYoqI4aEQQ3B38JWufc03T8g9OL0
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:24 2024 by rpki-client on console.sobornost.net