Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/kP27PlQLoEEgV8_qLQxiEYXnqi4.roa
File: kP27PlQLoEEgV8_qLQxiEYXnqi4.roa (raw, json)
Hash identifier: YDEukYWcunC9y31qNt64zcWrUOLyIY03zyvYnQOymqQ=
Subject key identifier: 90:FD:BB:3E:54:0B:A0:41:20:57:CF:EA:2D:0C:62:11:85:E7:AA:2E
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018B138F5B475E46FF83324C5BDD955D9090
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/kP27PlQLoEEgV8_qLQxiEYXnqi4.roa
Signing time: Mon 09 Oct 2023 08:30:43 +0000
ROA not before: Mon 09 Oct 2023 08:30:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.169.0/24 maxlen: 24
62.182.170.0/24 maxlen: 24
194.15.153.0/24 maxlen: 24
194.15.154.0/24 maxlen: 24
194.15.155.0/24 maxlen: 24
83.97.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:8f:5b:47:5e:46:ff:83:32:4c:5b:dd:95:5d:90:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Oct 9 08:30:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90fdbb3e540ba0412057cfea2d0c621185e7aa2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bc:91:31:68:e4:52:b7:73:91:1b:09:b4:43:
ef:6a:c1:c8:d1:bf:ba:3e:35:63:ec:d6:6e:fa:15:
0a:0e:f5:6c:b7:cc:4c:fd:5d:4e:c8:88:85:07:f0:
45:62:d1:81:04:b7:0a:b9:9b:29:b5:8b:27:e3:b1:
e1:70:2f:c6:e4:ae:15:7f:30:ee:35:cf:26:2b:4c:
58:fb:af:9c:b2:59:bf:e4:5a:d9:a5:c9:af:6d:65:
4b:0a:ea:4d:c1:07:69:d5:3c:7c:6e:e2:be:bd:c8:
c3:f0:32:da:00:29:ca:14:85:8f:80:b8:b0:a9:3c:
90:9d:50:69:36:0c:54:28:77:0b:39:82:ac:9f:81:
db:0b:69:d1:f3:6b:76:c9:a6:dd:04:1d:21:ed:1d:
82:d7:91:e7:95:c4:b8:f9:37:75:2c:1e:0e:e6:b0:
d7:94:44:e4:bd:92:ab:0f:0a:95:de:64:dc:cf:65:
0b:06:a9:13:6d:b0:77:34:cf:24:01:87:1e:14:34:
dc:fb:f6:9b:42:61:49:66:00:73:21:a5:d6:09:6e:
d5:5a:e7:fc:26:3f:5b:79:92:0c:3f:82:f0:82:d6:
6a:55:3a:ed:b4:19:b2:61:ca:63:e7:66:fc:af:5b:
b6:53:59:dc:ea:52:44:cf:7f:93:f6:7d:5d:02:21:
72:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FD:BB:3E:54:0B:A0:41:20:57:CF:EA:2D:0C:62:11:85:E7:AA:2E
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/kP27PlQLoEEgV8_qLQxiEYXnqi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.169.0-62.182.170.255
83.97.96.0/22
194.15.153.0-194.15.155.255
Signature Algorithm: sha256WithRSAEncryption
21:59:3f:eb:3f:0e:8c:06:1f:4d:8d:15:29:27:16:02:8a:fe:
67:8c:2c:ec:7d:90:16:bb:af:32:15:41:c3:e6:6d:8b:be:6a:
b4:43:db:4b:5e:87:3c:81:8f:4e:59:db:c0:21:45:e4:72:36:
a1:d2:e4:8f:81:7c:5c:dc:75:c8:c9:12:d8:19:ac:65:aa:1c:
05:ba:48:e5:cc:05:06:c5:93:36:cc:ca:95:f1:80:bc:b5:0d:
f4:37:74:6e:02:b0:66:d9:08:4c:e1:d0:9d:a5:6a:34:28:59:
87:b6:59:99:e6:6c:7d:81:7e:57:3d:cb:1b:1a:3e:c2:aa:92:
1d:f7:97:8c:39:94:35:f0:b5:f8:74:50:7c:a9:bf:f8:54:79:
02:81:d1:c1:3a:61:4b:01:0d:c0:1d:c7:8b:2d:fb:6c:7a:0b:
be:56:cb:11:1a:e1:54:de:57:90:cb:bb:1e:0a:5d:4e:f8:9b:
5d:5a:b5:f5:39:5b:52:3b:bb:e4:55:23:2f:5e:c5:fd:a8:97:
b7:11:c0:b9:d8:7d:58:eb:b6:e4:83:42:07:4f:c7:3e:c5:8f:
83:0b:1c:01:23:47:25:fd:e1:51:31:80:c4:8e:4b:5e:b4:79:
13:df:25:3f:f7:dd:cc:2b:c3:cc:d6:e7:8f:98:b2:3b:9f:5c:
cf:56:10:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYsTj1tHXkb/gzJMW92VXZCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMxMDA5MDgzMDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZkYmIzZTU0MGJhMDQxMjA1N2NmZWEyZDBjNjIxMTg1ZTdhYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjryRMWjkUrdzkRsJtEPvasHI0b+6
PjVj7NZu+hUKDvVst8xM/V1OyIiFB/BFYtGBBLcKuZsptYsn47HhcC/G5K4VfzDu
Nc8mK0xY+6+cslm/5FrZpcmvbWVLCupNwQdp1Tx8buK+vcjD8DLaACnKFIWPgLiw
qTyQnVBpNgxUKHcLOYKsn4HbC2nR82t2yabdBB0h7R2C15HnlcS4+Td1LB4O5rDX
lETkvZKrDwqV3mTcz2ULBqkTbbB3NM8kAYceFDTc+/abQmFJZgBzIaXWCW7VWuf8
Jj9beZIMP4LwgtZqVTrttBmyYcpj52b8r1u2U1nc6lJEz3+T9n1dAiFyrQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJD9uz5UC6BBIFfP6i0MYhGF56ouMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEva1AyN1BsUUxvRUVnVjhfcUxReGlFWVhucWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAA+tqkD
BAA+tqoDBAJTYWAwDAMEAMIPmQMEAsIPmDANBgkqhkiG9w0BAQsFAAOCAQEAIVk/
6z8OjAYfTY0VKScWAor+Z4ws7H2QFruvMhVBw+Zti75qtEPbS16HPIGPTlnbwCFF
5HI2odLkj4F8XNx1yMkS2BmsZaocBbpI5cwFBsWTNszKlfGAvLUN9Dd0bgKwZtkI
TOHQnaVqNChZh7ZZmeZsfYF+Vz3LGxo+wqqSHfeXjDmUNfC1+HRQfKm/+FR5AoHR
wTphSwENwB3Hiy37bHoLvlbLERrhVN5XkMu7HgpdTvibXVq19TlbUju75FUjL17F
/aiXtxHAudh9WOu25INCB0/HPsWPgwscASNHJf3hUTGAxI5LXrR5E98lP/fdzCvD
zNbnj5iyO59cz1YQSg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net