Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/h7j9HWm52-SlXKCrJKGfTyn7feI.roa
File: h7j9HWm52-SlXKCrJKGfTyn7feI.roa (raw, json)
Hash identifier: Osz99umQ9uEJCH1p0NdAoh0UT9Txj0H9WqRdqTGQcuc=
Subject key identifier: 87:B8:FD:1D:69:B9:DB:E4:A5:5C:A0:AB:24:A1:9F:4F:29:FB:7D:E2
Certificate issuer: /CN=351c7b5607c536657fd5748f6f65b24ac12eb17d
Certificate serial: 018CC6B7C9A553C466FC141260B2B28EDF7C
Authority key identifier: 35:1C:7B:56:07:C5:36:65:7F:D5:74:8F:6F:65:B2:4A:C1:2E:B1:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRx7VgfFNmV_1XSPb2WySsEusX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/h7j9HWm52-SlXKCrJKGfTyn7feI.roa
Signing time: Mon 01 Jan 2024 20:29:42 +0000
ROA not before: Mon 01 Jan 2024 20:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 146.19.191.0/24 maxlen: 24
193.111.248.0/24 maxlen: 24
2a12:eb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 13 Apr 2024 01:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:c9:a5:53:c4:66:fc:14:12:60:b2:b2:8e:df:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351c7b5607c536657fd5748f6f65b24ac12eb17d
Validity
Not Before: Jan 1 20:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87b8fd1d69b9dbe4a55ca0ab24a19f4f29fb7de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:00:7b:6b:72:81:bc:b6:f5:e6:b2:99:91:74:
d5:7f:31:7e:00:bb:e0:23:07:9d:ad:fb:ef:8b:15:
57:01:43:4c:73:0e:24:ee:ed:7f:5f:92:d0:ce:be:
1f:58:27:f6:93:2c:40:33:8e:55:46:7f:34:2b:1e:
7b:38:d6:40:50:99:8e:c3:5e:f1:97:84:29:c4:ef:
0d:3d:ce:bd:be:0d:ca:23:a3:e4:c8:da:46:b6:d1:
58:ec:e0:fc:9e:58:fb:2b:6c:27:3f:e9:47:c7:da:
c6:d8:00:48:ae:1a:52:3f:b1:22:a2:e1:00:57:7e:
a1:71:7e:d0:8b:3a:ff:a4:85:c2:78:b5:a1:30:72:
46:98:4c:65:f6:f9:2a:17:9f:62:5e:7f:91:5a:2d:
c8:42:61:c8:f2:e3:33:1d:cf:26:5c:84:a3:3e:bf:
12:80:90:c4:1e:12:35:9a:81:f5:03:fd:b5:1c:22:
fc:7c:26:6b:1d:c6:4c:eb:0a:2c:5a:c0:ee:90:15:
ad:c7:56:20:83:c6:7e:a9:82:f6:70:c4:a1:5a:3a:
01:4e:cc:45:24:f8:d2:12:1a:fa:4a:83:ba:b7:3a:
d0:35:7a:b2:54:c8:de:3c:03:df:d9:6c:22:12:e2:
a1:dc:80:a2:80:0d:de:25:70:90:f8:0f:06:ff:d6:
ca:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B8:FD:1D:69:B9:DB:E4:A5:5C:A0:AB:24:A1:9F:4F:29:FB:7D:E2
X509v3 Authority Key Identifier:
keyid:35:1C:7B:56:07:C5:36:65:7F:D5:74:8F:6F:65:B2:4A:C1:2E:B1:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRx7VgfFNmV_1XSPb2WySsEusX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/h7j9HWm52-SlXKCrJKGfTyn7feI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/NRx7VgfFNmV_1XSPb2WySsEusX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.191.0/24
193.111.248.0/24
IPv6:
2a12:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
1a:dc:8b:72:76:2d:f0:02:41:92:37:2d:14:5d:90:72:3b:82:
2a:8f:85:dd:bd:fa:d1:31:52:ab:a4:70:32:69:7e:92:92:de:
28:39:dd:a6:8a:e7:0e:f0:99:24:84:61:d4:ec:d2:4f:a0:be:
54:22:cb:2b:86:75:27:9a:d0:f1:b9:61:8e:b2:6f:d6:9d:0f:
29:e0:40:a0:8e:c9:a8:2b:06:c6:ae:2e:6d:01:c0:8b:8f:e5:
61:59:ee:08:02:d2:32:b7:b3:e1:76:e8:0b:51:26:e8:a7:75:
59:96:79:f3:fa:81:8d:e7:33:86:f5:a7:ec:de:6f:13:3c:44:
1f:44:c5:0c:82:2b:af:c2:f2:5b:2f:e2:e3:bd:56:48:16:93:
93:a1:9f:e2:32:bd:20:43:4e:52:6d:0c:7a:2d:1c:31:fd:45:
f6:f9:92:11:cc:c6:86:77:e8:cd:d9:08:38:d5:21:73:ac:0f:
21:77:c2:15:99:0d:87:bb:49:c3:7a:a2:30:10:12:68:ad:3a:
1e:76:85:9c:8e:3c:44:6f:94:78:66:08:bd:6e:85:11:77:a6:
40:bb:d2:7a:28:49:d3:86:0e:78:24:ed:f7:c6:52:52:c6:c5:
02:b2:ac:bf:37:a1:cb:f1:ae:5b:fb:8e:bf:b7:28:ae:1d:30:
90:29:70:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt8mlU8Rm/BQSYLKyjt98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWM3YjU2MDdjNTM2NjU3ZmQ1NzQ4ZjZmNjViMjRhYzEy
ZWIxN2QwHhcNMjQwMTAxMjAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I4ZmQxZDY5YjlkYmU0YTU1Y2EwYWIyNGExOWY0ZjI5ZmI3ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQB7a3KBvLb15rKZkXTVfzF+ALvg
IwedrfvvixVXAUNMcw4k7u1/X5LQzr4fWCf2kyxAM45VRn80Kx57ONZAUJmOw17x
l4QpxO8NPc69vg3KI6PkyNpGttFY7OD8nlj7K2wnP+lHx9rG2ABIrhpSP7EiouEA
V36hcX7Qizr/pIXCeLWhMHJGmExl9vkqF59iXn+RWi3IQmHI8uMzHc8mXISjPr8S
gJDEHhI1moH1A/21HCL8fCZrHcZM6wosWsDukBWtx1Ygg8Z+qYL2cMShWjoBTsxF
JPjSEhr6SoO6tzrQNXqyVMjePAPf2WwiEuKh3ICigA3eJXCQ+A8G/9bKtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIe4/R1pudvkpVygqyShn08p+33iMB8GA1UdIwQY
MBaAFDUce1YHxTZlf9V0j29lskrBLrF9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJ4N1ZnZkZObVZfMVhTUGIyV3lTc0V1c1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jMWZmMjEtNWFjMi00ZTUwLTkzNmMt
NjUxNzA3YzkxZmQzLzEvaDdqOUhXbTUyLVNsWEtDckpLR2ZUeW43ZmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jMWZmMjEtNWFjMi00ZTUwLTkzNmMtNjUxNzA3YzkxZmQz
LzEvTlJ4N1ZnZkZObVZfMVhTUGIyV3lTc0V1c1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkhO/AwQA
wW/4MA0EAgACMAcDBQMqEusAMA0GCSqGSIb3DQEBCwUAA4IBAQAa3Itydi3wAkGS
Ny0UXZByO4Iqj4XdvfrRMVKrpHAyaX6Skt4oOd2miucO8JkkhGHU7NJPoL5UIssr
hnUnmtDxuWGOsm/WnQ8p4ECgjsmoKwbGri5tAcCLj+VhWe4IAtIyt7PhdugLUSbo
p3VZlnnz+oGN5zOG9afs3m8TPEQfRMUMgiuvwvJbL+LjvVZIFpOToZ/iMr0gQ05S
bQx6LRwx/UX2+ZIRzMaGd+jN2Qg41SFzrA8hd8IVmQ2Hu0nDeqIwEBJorToedoWc
jjxEb5R4Zgi9boURd6ZAu9J6KEnThg54JO33xlJSxsUCsqy/N6HL8a5b+46/tyiu
HTCQKXAt
-----END CERTIFICATE-----
Generated at Sat Apr 13 06:50:21 2024 by rpki-client on console.sobornost.net