Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/27fce1-11ce-4a32-a649-e076b51721ad/1/XvrnjzI0AaWsfmAzC5z-6glXBwM.roa
File: XvrnjzI0AaWsfmAzC5z-6glXBwM.roa (raw, json)
Hash identifier: MkA5HL6llj3cNl4uLcDOk/hlIGfQhDSf1qwPTNMaipk=
Subject key identifier: 5E:FA:E7:8F:32:34:01:A5:AC:7E:60:33:0B:9C:FE:EA:09:57:07:03
Certificate issuer: /CN=7f6a8e5d55c2498a82636f99f8fc9e319e07771e
Certificate serial: 018571153563E6C38F68E87F82C0C41C8544
Authority key identifier: 7F:6A:8E:5D:55:C2:49:8A:82:63:6F:99:F8:FC:9E:31:9E:07:77:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2qOXVXCSYqCY2-Z-PyeMZ4Hdx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/27fce1-11ce-4a32-a649-e076b51721ad/1/XvrnjzI0AaWsfmAzC5z-6glXBwM.roa
Signing time: Mon 02 Jan 2023 06:04:53 +0000
ROA not before: Mon 02 Jan 2023 06:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49855
IP address blocks: 202.49.88.0/23 maxlen: 23
91.212.95.0/24 maxlen: 24
2001:67c:18e8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:35:63:e6:c3:8f:68:e8:7f:82:c0:c4:1c:85:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f6a8e5d55c2498a82636f99f8fc9e319e07771e
Validity
Not Before: Jan 2 06:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5efae78f323401a5ac7e60330b9cfeea09570703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b7:50:08:d6:31:16:81:45:a1:d7:e0:36:a9:
fb:db:a1:21:82:22:67:0c:63:c8:1e:c2:28:28:65:
e0:84:10:76:73:b1:ed:56:c6:63:c8:60:65:13:95:
a5:99:fd:6f:10:63:1c:ac:b6:91:95:8f:0d:0c:70:
32:2f:a9:8c:52:4d:00:26:b8:93:54:0e:71:bc:4c:
39:47:29:8e:4a:52:c7:bb:60:67:f0:9b:da:4b:05:
cd:a5:80:f4:b2:d8:dc:d1:a8:71:73:99:2e:a3:a3:
58:fa:09:64:fb:04:fb:cc:ae:6f:07:07:81:c0:d9:
b8:e0:bd:0f:f6:50:4a:a0:1d:97:d3:4a:d3:05:99:
dc:1a:00:d6:e2:f4:c3:24:6b:ec:5a:91:f0:e0:0f:
f9:0f:bd:56:2c:e8:71:3c:96:2d:77:4f:8f:80:7a:
5a:e1:b6:dd:56:bf:0e:c7:e3:bf:d0:78:64:24:69:
79:6d:8e:03:4b:03:bc:27:66:10:58:aa:55:3c:e8:
d1:61:98:9f:ef:11:8b:93:55:46:ed:92:26:db:09:
6b:10:be:28:c2:80:40:75:9a:50:41:45:26:b0:e0:
2c:0c:bc:37:74:a1:23:4f:cf:a2:35:f2:52:6f:98:
2e:2e:0f:94:3c:52:03:cc:9c:9d:59:da:aa:9e:79:
fb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FA:E7:8F:32:34:01:A5:AC:7E:60:33:0B:9C:FE:EA:09:57:07:03
X509v3 Authority Key Identifier:
keyid:7F:6A:8E:5D:55:C2:49:8A:82:63:6F:99:F8:FC:9E:31:9E:07:77:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2qOXVXCSYqCY2-Z-PyeMZ4Hdx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/27fce1-11ce-4a32-a649-e076b51721ad/1/XvrnjzI0AaWsfmAzC5z-6glXBwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/27fce1-11ce-4a32-a649-e076b51721ad/1/f2qOXVXCSYqCY2-Z-PyeMZ4Hdx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.95.0/24
202.49.88.0/23
IPv6:
2001:67c:18e8::/48
Signature Algorithm: sha256WithRSAEncryption
88:40:15:14:a2:6a:8f:4e:fb:fc:cd:56:44:98:74:1e:86:67:
c2:37:a9:f6:70:0a:70:7a:c6:81:c5:26:99:59:4c:2e:fe:0e:
63:cb:f4:7f:c6:0c:af:b8:01:b2:66:a5:d8:d9:49:67:10:4a:
5c:0e:2a:29:4d:9c:d2:75:f2:34:65:6a:c7:81:d3:1b:ab:b2:
0c:e6:9f:79:f5:88:ed:b5:d2:88:5f:23:0d:7d:c7:8f:4d:19:
17:b4:99:13:19:47:cc:30:81:7f:b5:fb:77:67:1f:80:e1:dc:
b0:9b:c8:78:2b:4c:58:a2:e3:4a:5c:1f:05:73:2c:1c:c0:0e:
0f:51:81:d6:77:d0:69:64:eb:1f:ab:38:73:c5:31:9f:d5:9b:
6c:03:c9:33:20:b9:b1:f5:6f:7f:e2:15:3d:f6:40:61:4a:39:
46:63:f3:78:95:27:24:10:80:2f:42:c5:e2:19:ba:34:f5:b9:
c0:a8:a6:6d:7a:34:e2:47:9f:61:b0:c9:18:b3:8b:b1:46:75:
f1:b5:a3:c9:b7:5f:c5:82:f6:e7:59:df:9c:d1:8f:c8:ad:e2:
8c:d5:c5:7d:02:e0:10:87:8d:16:a6:db:08:2b:15:da:8b:08:
d1:b3:fe:56:59:1d:8c:8e:1e:5c:ac:bf:59:75:e7:2d:6c:51:
3f:7f:69:06
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxFTVj5sOPaOh/gsDEHIVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNmE4ZTVkNTVjMjQ5OGE4MjYzNmY5OWY4ZmM5ZTMxOWUw
Nzc3MWUwHhcNMjMwMTAyMDYwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZhZTc4ZjMyMzQwMWE1YWM3ZTYwMzMwYjljZmVlYTA5NTcwNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLdQCNYxFoFFodfgNqn726EhgiJn
DGPIHsIoKGXghBB2c7HtVsZjyGBlE5Wlmf1vEGMcrLaRlY8NDHAyL6mMUk0AJriT
VA5xvEw5RymOSlLHu2Bn8JvaSwXNpYD0stjc0ahxc5kuo6NY+glk+wT7zK5vBweB
wNm44L0P9lBKoB2X00rTBZncGgDW4vTDJGvsWpHw4A/5D71WLOhxPJYtd0+PgHpa
4bbdVr8Ox+O/0HhkJGl5bY4DSwO8J2YQWKpVPOjRYZif7xGLk1VG7ZIm2wlrEL4o
woBAdZpQQUUmsOAsDLw3dKEjT8+iNfJSb5guLg+UPFIDzJydWdqqnnn7NwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF76548yNAGlrH5gMwuc/uoJVwcDMB8GA1UdIwQY
MBaAFH9qjl1VwkmKgmNvmfj8njGeB3ceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJxT1hWWENTWXFDWTItWi1QeWVNWjRIZHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yN2ZjZTEtMTFjZS00YTMyLWE2NDkt
ZTA3NmI1MTcyMWFkLzEvWHZybmp6STBBYVdzZm1BekM1ei02Z2xYQndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yN2ZjZTEtMTFjZS00YTMyLWE2NDktZTA3NmI1MTcyMWFk
LzEvZjJxT1hWWENTWXFDWTItWi1QeWVNWjRIZHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9RfAwQB
yjFYMA8EAgACMAkDBwAgAQZ8GOgwDQYJKoZIhvcNAQELBQADggEBAIhAFRSiao9O
+/zNVkSYdB6GZ8I3qfZwCnB6xoHFJplZTC7+DmPL9H/GDK+4AbJmpdjZSWcQSlwO
KilNnNJ18jRlaseB0xursgzmn3n1iO210ohfIw19x49NGRe0mRMZR8wwgX+1+3dn
H4Dh3LCbyHgrTFii40pcHwVzLBzADg9RgdZ30Glk6x+rOHPFMZ/Vm2wDyTMgubH1
b3/iFT32QGFKOUZj83iVJyQQgC9CxeIZujT1ucCopm16NOJHn2GwyRizi7FGdfG1
o8m3X8WC9udZ35zRj8it4ozVxX0C4BCHjRam2wgrFdqLCNGz/lZZHYyOHlysv1l1
5y1sUT9/aQY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:43 2024 by rpki-client on console.sobornost.net