Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lCO1GlcxfjEoewOe8My5GuFtazc.roa
File: lCO1GlcxfjEoewOe8My5GuFtazc.roa (raw, json)
Hash identifier: qkvQWmCkDiBaWI6WivAsu3kxmEOHHHMF1y4ZBrXPW5o=
Subject key identifier: 94:23:B5:1A:57:31:7E:31:28:7B:03:9E:F0:CC:B9:1A:E1:6D:6B:37
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F023E4FDFBE90A69F7B7B85812422F3
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lCO1GlcxfjEoewOe8My5GuFtazc.roa
Signing time: Sun 01 Jan 2023 20:24:56 +0000
ROA not before: Sun 01 Jan 2023 20:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21107
IP address blocks: 89.111.225.0/24 maxlen: 24
81.93.92.0/24 maxlen: 24
94.250.48.0/21 maxlen: 21
94.250.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:3e:4f:df:be:90:a6:9f:7b:7b:85:81:24:22:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9423b51a57317e31287b039ef0ccb91ae16d6b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:49:f9:dc:b8:e9:03:08:f1:a7:69:d2:b1:37:
ce:78:7e:0c:03:43:e5:20:2a:76:f1:0f:81:26:a8:
59:87:d6:3b:e7:b0:ce:3d:24:41:e6:65:cd:42:2a:
a2:de:35:ee:44:bc:02:d8:58:f6:09:38:09:61:41:
64:3f:c0:70:f4:b7:e4:fd:f3:04:f5:ae:d2:1a:cd:
50:00:c8:dc:3e:11:45:7a:ab:da:8f:a2:be:cb:8a:
87:ba:c4:e0:a7:e0:36:f8:88:91:b7:8c:73:d7:b5:
03:47:34:52:74:f6:c8:69:4a:ac:89:52:ff:4e:ee:
f4:7e:42:10:51:be:bd:0b:b5:97:23:9b:bf:a1:16:
a2:df:a3:14:74:87:07:be:0b:96:a7:65:8a:2f:f9:
76:a3:72:6a:17:db:7b:ed:11:78:6b:8b:11:7e:1a:
fa:8a:d2:41:1e:4a:f6:82:68:3f:e0:96:23:57:b1:
65:c5:ff:3f:89:66:59:fa:3b:dd:34:63:14:56:9c:
20:60:cd:ac:08:83:7e:56:1f:d6:e5:9e:0e:c8:f7:
bf:65:38:b8:1e:d4:9f:41:52:34:02:94:c1:c5:b3:
39:45:b1:a4:bd:a7:a6:78:20:4b:0c:27:f1:c8:f6:
3f:d9:3d:e2:b4:94:dc:38:81:e0:51:f0:7b:65:1f:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:23:B5:1A:57:31:7E:31:28:7B:03:9E:F0:CC:B9:1A:E1:6D:6B:37
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lCO1GlcxfjEoewOe8My5GuFtazc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.93.92.0/24
89.111.225.0/24
94.250.48.0-94.250.59.255
Signature Algorithm: sha256WithRSAEncryption
1e:b6:95:ad:a2:af:4c:72:76:aa:26:4d:e5:c2:a9:10:5e:18:
be:75:d9:05:dd:ad:2c:c6:0b:6b:ec:9c:db:d5:a6:c5:ef:bb:
a7:6b:74:28:f7:45:08:1a:21:7b:70:ee:f6:99:9f:0a:e9:ea:
85:a7:6c:13:02:d0:6b:c7:b5:b4:5f:f1:65:f8:1d:15:12:47:
33:b3:f0:20:24:c2:cd:a9:65:a4:58:03:47:da:c7:f0:f9:05:
b0:3a:bc:66:3b:5c:e5:24:cd:68:1e:8b:f2:11:8f:8d:8c:17:
c5:ed:f9:0d:28:9e:2f:12:88:5c:41:55:97:96:9d:08:73:5e:
83:df:0e:f1:4d:e5:dd:fb:78:05:7a:50:85:f8:59:69:5c:9b:
2d:14:e1:00:38:dc:d7:16:3b:16:6c:4c:01:c9:cf:6d:ec:b0:
9e:05:01:6a:d4:55:26:58:bc:32:44:79:18:98:02:08:79:23:
e4:f8:4e:6e:c4:aa:a8:fc:4f:d2:32:62:d3:39:f2:10:5e:bf:
7e:d7:78:a7:f0:cb:e9:17:42:db:7b:db:2c:50:4d:ec:1a:7c:
e3:e8:e8:ac:a0:54:ce:8d:0e:e8:6f:29:71:1b:86:80:06:b1:
92:55:89:92:1f:68:2b:34:fe:da:39:48:1c:54:77:f8:f8:d9:
7d:9f:6e:23
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvAj5P376Qpp97e4WBJCLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDIzYjUxYTU3MzE3ZTMxMjg3YjAzOWVmMGNjYjkxYWUxNmQ2YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUn53LjpAwjxp2nSsTfOeH4MA0Pl
ICp28Q+BJqhZh9Y757DOPSRB5mXNQiqi3jXuRLwC2Fj2CTgJYUFkP8Bw9Lfk/fME
9a7SGs1QAMjcPhFFeqvaj6K+y4qHusTgp+A2+IiRt4xz17UDRzRSdPbIaUqsiVL/
Tu70fkIQUb69C7WXI5u/oRai36MUdIcHvguWp2WKL/l2o3JqF9t77RF4a4sRfhr6
itJBHkr2gmg/4JYjV7Flxf8/iWZZ+jvdNGMUVpwgYM2sCIN+Vh/W5Z4OyPe/ZTi4
HtSfQVI0ApTBxbM5RbGkvaemeCBLDCfxyPY/2T3itJTcOIHgUfB7ZR97UwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJQjtRpXMX4xKHsDnvDMuRrhbWs3MB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvbENPMUdsY3hmakVvZXdPZThNeTVHdUZ0YXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUV1cAwQA
WW/hMAwDBARe+jADBAJe+jgwDQYJKoZIhvcNAQELBQADggEBAB62la2ir0xydqom
TeXCqRBeGL512QXdrSzGC2vsnNvVpsXvu6drdCj3RQgaIXtw7vaZnwrp6oWnbBMC
0GvHtbRf8WX4HRUSRzOz8CAkws2pZaRYA0fax/D5BbA6vGY7XOUkzWgei/IRj42M
F8Xt+Q0oni8SiFxBVZeWnQhzXoPfDvFN5d37eAV6UIX4WWlcmy0U4QA43NcWOxZs
TAHJz23ssJ4FAWrUVSZYvDJEeRiYAgh5I+T4Tm7Eqqj8T9IyYtM58hBev37XeKfw
y+kXQtt72yxQTewafOPo6KygVM6NDuhvKXEbhoAGsZJViZIfaCs0/to5SBxUd/j4
2X2fbiM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:40 2023 by rpki-client on console.sobornost.net