Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OK_G7d3eFdN028GKTvkUbiiN0u8.roa
File: OK_G7d3eFdN028GKTvkUbiiN0u8.roa (raw, json)
Hash identifier: JsOisVAmSRxyf5JYXl8X+LR+rRWnQ/plM/v6s1cbU6g=
Subject key identifier: 38:AF:C6:ED:DD:DE:15:D3:74:DB:C1:8A:4E:F9:14:6E:28:8D:D2:EF
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018C58D6927802E3D501BE6EDECF8568A8DB
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OK_G7d3eFdN028GKTvkUbiiN0u8.roa
Signing time: Mon 11 Dec 2023 12:25:06 +0000
ROA not before: Mon 11 Dec 2023 12:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47554
IP address blocks: 80.253.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:d6:92:78:02:e3:d5:01:be:6e:de:cf:85:68:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Dec 11 12:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38afc6edddde15d374dbc18a4ef9146e288dd2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:07:5a:94:d5:eb:97:da:33:b6:7b:ea:f8:f3:
04:9d:c1:74:21:af:da:14:72:59:ce:58:7f:ec:aa:
16:47:08:77:07:98:78:df:b6:e3:90:f3:7b:01:88:
a8:f8:49:26:a2:ed:80:ed:49:f5:97:55:3b:ae:c6:
72:74:9e:e9:aa:a6:cf:2f:79:04:57:4d:4e:6f:b1:
54:32:e2:d5:0d:ce:a5:f9:83:2a:7a:06:c3:27:47:
c4:86:4f:5f:df:d6:1d:eb:ea:44:f8:1d:15:c9:2e:
be:69:75:36:8f:d7:0e:ad:5e:77:06:de:be:6e:af:
dd:f9:91:95:57:e4:05:1b:59:23:b8:5f:81:53:94:
20:42:bc:c6:66:30:a4:ce:c4:e5:eb:73:55:8c:90:
53:55:30:62:ca:8a:c3:2c:1e:b5:19:48:33:32:8d:
29:63:83:a2:06:d1:8c:c4:c9:fe:0f:d6:2b:d0:5e:
0b:94:66:a5:bc:14:b4:ef:d7:41:b7:a1:fc:56:53:
02:58:47:0a:71:03:57:24:ce:6c:8e:bf:5d:ad:36:
46:3f:c0:c3:b5:20:b8:0f:d9:7a:9b:1b:1c:1e:ad:
b1:e6:be:51:cb:2c:cd:75:8c:9f:ec:32:18:1d:79:
69:5b:c7:a7:46:9e:a6:49:cd:e5:fd:54:bb:b7:9b:
f9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AF:C6:ED:DD:DE:15:D3:74:DB:C1:8A:4E:F9:14:6E:28:8D:D2:EF
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OK_G7d3eFdN028GKTvkUbiiN0u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.134.0/24
Signature Algorithm: sha256WithRSAEncryption
80:1d:ab:f3:2d:fd:5e:64:1d:e9:b3:27:04:55:3a:bc:8f:1c:
78:73:88:59:75:7c:03:5c:f9:2e:52:08:ab:72:a2:86:56:ed:
9e:b6:f1:d9:76:5d:4a:3d:91:9c:f3:7d:73:53:77:ed:6f:6b:
aa:ca:74:9e:3d:0a:13:ea:c5:27:65:cf:12:54:97:fc:90:58:
31:30:74:16:6a:76:25:e7:32:3d:2b:fb:bc:4e:86:39:e6:78:
dc:30:d9:13:f4:f4:ad:72:0d:29:ac:9c:4c:84:d8:3b:ad:83:
b3:52:6a:0a:dd:82:ad:d7:0b:04:bb:03:6b:69:af:c9:82:0c:
eb:1e:c2:f1:4c:74:34:18:4c:1a:e7:07:a1:d7:6b:84:5d:a9:
97:12:1f:fd:48:f7:c0:4c:92:95:d7:65:45:96:66:8d:76:e5:
7d:ae:c8:03:90:58:92:5c:76:a1:0a:1e:4c:33:2c:d8:7d:52:
bc:42:dc:c3:4b:c3:19:1c:fe:f4:ea:cc:56:83:04:c6:8a:ec:
1a:e9:ca:3e:10:0f:2b:a2:65:35:3e:a8:79:05:a2:1f:0a:0d:
4f:af:24:73:24:60:c1:7d:d5:38:ed:96:b5:1e:84:46:c2:b8:
15:cb:bc:61:b3:cd:38:66:57:62:68:8b:4f:d0:be:7a:42:2a:
12:82:1c:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxY1pJ4AuPVAb5u3s+FaKjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMxMjExMTIyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFmYzZlZGRkZGUxNWQzNzRkYmMxOGE0ZWY5MTQ2ZTI4OGRkMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgdalNXrl9oztnvq+PMEncF0Ia/a
FHJZzlh/7KoWRwh3B5h437bjkPN7AYio+Ekmou2A7Un1l1U7rsZydJ7pqqbPL3kE
V01Ob7FUMuLVDc6l+YMqegbDJ0fEhk9f39Yd6+pE+B0VyS6+aXU2j9cOrV53Bt6+
bq/d+ZGVV+QFG1kjuF+BU5QgQrzGZjCkzsTl63NVjJBTVTBiyorDLB61GUgzMo0p
Y4OiBtGMxMn+D9Yr0F4LlGalvBS079dBt6H8VlMCWEcKcQNXJM5sjr9drTZGP8DD
tSC4D9l6mxscHq2x5r5RyyzNdYyf7DIYHXlpW8enRp6mSc3l/VS7t5v5qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDivxu3d3hXTdNvBik75FG4ojdLvMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvT0tfRzdkM2VGZE4wMjhHS1R2a1ViaWlOMHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUP2GMA0G
CSqGSIb3DQEBCwUAA4IBAQCAHavzLf1eZB3psycEVTq8jxx4c4hZdXwDXPkuUgir
cqKGVu2etvHZdl1KPZGc831zU3ftb2uqynSePQoT6sUnZc8SVJf8kFgxMHQWanYl
5zI9K/u8ToY55njcMNkT9PStcg0prJxMhNg7rYOzUmoK3YKt1wsEuwNraa/Jggzr
HsLxTHQ0GEwa5weh12uEXamXEh/9SPfATJKV12VFlmaNduV9rsgDkFiSXHahCh5M
MyzYfVK8QtzDS8MZHP706sxWgwTGiuwa6co+EA8romU1Pqh5BaIfCg1PryRzJGDB
fdU47Za1HoRGwrgVy7xhs804ZldiaItP0L56QioSghxP
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net