Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/bwDEPKH3aQqaqI0DxcFYEvdATy4.roa
File: bwDEPKH3aQqaqI0DxcFYEvdATy4.roa (raw, json)
Hash identifier: Jf6VuM4cb+LsgHFg1xXhupwieDwPn87Ksim6SuVuLMk=
Subject key identifier: 6F:00:C4:3C:A1:F7:69:0A:9A:A8:8D:03:C5:C1:58:12:F7:40:4F:2E
Certificate issuer: /CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Certificate serial: 018572DEEA8777364A251A884D58C03B0B03
Authority key identifier: BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/bwDEPKH3aQqaqI0DxcFYEvdATy4.roa
Signing time: Mon 02 Jan 2023 14:24:49 +0000
ROA not before: Mon 02 Jan 2023 14:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59842
IP address blocks: 185.36.12.0/22 maxlen: 22
91.220.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:ea:87:77:36:4a:25:1a:88:4d:58:c0:3b:0b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa363346c12f83c60d7b5cfdefecd3e7ff0e2a
Validity
Not Before: Jan 2 14:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f00c43ca1f7690a9aa88d03c5c15812f7404f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a5:50:94:4a:9e:f8:05:20:86:a2:73:e9:67:
11:ab:e5:6a:73:88:b0:36:8a:be:13:59:5c:d1:74:
2e:42:21:ae:3b:69:e3:83:12:da:e3:d2:8b:74:a1:
40:24:49:ca:d8:10:44:6f:20:20:20:3f:4e:17:99:
ef:17:bb:ae:13:40:36:4c:ba:13:1d:c4:22:1b:8f:
86:2e:90:4a:f3:26:8f:05:7e:ae:f3:5c:8b:c5:d5:
a6:47:61:85:ec:ea:a4:a3:4f:73:59:fe:03:d6:36:
28:0d:3d:96:93:18:77:b2:a2:ca:5f:74:54:5a:83:
d4:b5:c2:d5:e8:d0:74:db:80:ed:96:e3:41:ab:50:
46:c0:34:05:37:4d:a7:47:18:40:3c:b1:b2:eb:68:
31:c5:35:74:27:69:08:6f:3a:92:4a:1d:48:0f:70:
9d:fa:7c:ed:f7:15:5b:83:6b:f9:b5:e9:29:38:36:
79:3b:22:8d:98:4f:4c:35:c0:e3:2e:52:dd:ef:a5:
49:c7:05:53:57:be:fa:3c:98:57:55:91:fa:46:76:
a9:dd:5b:55:44:cc:29:36:d9:0a:b0:21:a3:ea:89:
93:5b:42:1d:c8:7e:4b:55:6d:a6:50:99:71:48:a2:
89:53:be:0b:73:8f:28:bc:2c:57:c3:b0:23:15:1d:
14:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:00:C4:3C:A1:F7:69:0A:9A:A8:8D:03:C5:C1:58:12:F7:40:4F:2E
X509v3 Authority Key Identifier:
keyid:BD:FA:36:33:46:C1:2F:83:C6:0D:7B:5C:FD:EF:EC:D3:E7:FF:0E:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo2M0bBL4PGDXtc_e_s0-f_Dio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/bwDEPKH3aQqaqI0DxcFYEvdATy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ddf06e-db8b-4589-a656-1716146644e6/1/vfo2M0bBL4PGDXtc_e_s0-f_Dio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.245.0/24
185.36.12.0/22
Signature Algorithm: sha256WithRSAEncryption
32:a8:f0:09:ef:43:89:e4:62:b1:13:16:08:5c:04:d1:5e:2c:
cb:33:65:f9:bb:3c:2f:88:18:5d:84:d8:ff:e8:eb:ce:2c:3b:
9b:ed:2b:60:cc:c3:53:41:d4:af:49:15:ab:65:36:0e:6a:d6:
9a:6b:12:0e:f6:52:11:2b:bc:b0:ba:10:4e:00:f4:9f:77:af:
7a:7e:aa:e8:fc:18:27:9b:09:55:fd:2f:15:b0:8f:c4:d7:fc:
87:45:07:10:44:26:3c:b3:c5:bf:d8:00:e0:8d:61:70:f9:cc:
d4:be:a1:74:37:ea:05:38:2e:c0:14:fc:60:2e:c2:f8:3b:2a:
90:e5:85:e3:f6:e5:56:c5:a9:5a:05:72:29:d0:26:3e:9d:08:
60:e1:6f:d7:63:65:6a:15:5a:13:61:1a:62:02:ee:73:2c:af:
0c:d9:d8:cf:0f:a4:d0:7b:bb:13:c1:b3:79:2a:a3:28:f9:dc:
0a:51:7f:db:c0:d5:8e:75:c8:57:b1:9e:c5:81:64:ab:de:1f:
a3:ea:1f:40:6b:f0:3e:ec:15:4d:6f:38:20:0f:c0:41:0e:73:
85:82:c0:23:6a:00:8f:ac:0f:19:ee:35:c0:05:ee:93:ed:52:
28:8c:4f:e7:25:cb:a2:aa:3d:4e:f5:3c:bb:95:6d:c4:50:28:
6c:e4:84:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy3uqHdzZKJRqITVjAOwsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmEzNjMzNDZjMTJmODNjNjBkN2I1Y2ZkZWZlY2QzZTdm
ZjBlMmEwHhcNMjMwMTAyMTQyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAwYzQzY2ExZjc2OTBhOWFhODhkMDNjNWMxNTgxMmY3NDA0ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qVQlEqe+AUghqJz6WcRq+Vqc4iw
Noq+E1lc0XQuQiGuO2njgxLa49KLdKFAJEnK2BBEbyAgID9OF5nvF7uuE0A2TLoT
HcQiG4+GLpBK8yaPBX6u81yLxdWmR2GF7Oqko09zWf4D1jYoDT2Wkxh3sqLKX3RU
WoPUtcLV6NB024DtluNBq1BGwDQFN02nRxhAPLGy62gxxTV0J2kIbzqSSh1ID3Cd
+nzt9xVbg2v5tekpODZ5OyKNmE9MNcDjLlLd76VJxwVTV776PJhXVZH6Rnap3VtV
RMwpNtkKsCGj6omTW0IdyH5LVW2mUJlxSKKJU74Lc48ovCxXw7AjFR0UbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8AxDyh92kKmqiNA8XBWBL3QE8uMB8GA1UdIwQY
MBaAFL36NjNGwS+Dxg17XP3v7NPn/w4qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZvMk0wYkJMNFBHRFh0Y19lX3MwLWZfRGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kZGYwNmUtZGI4Yi00NTg5LWE2NTYt
MTcxNjE0NjY0NGU2LzEvYndERVBLSDNhUXFhcUkwRHhjRllFdmRBVHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kZGYwNmUtZGI4Yi00NTg5LWE2NTYtMTcxNjE0NjY0NGU2
LzEvdmZvMk0wYkJMNFBHRFh0Y19lX3MwLWZfRGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9z1AwQC
uSQMMA0GCSqGSIb3DQEBCwUAA4IBAQAyqPAJ70OJ5GKxExYIXATRXizLM2X5uzwv
iBhdhNj/6OvOLDub7StgzMNTQdSvSRWrZTYOataaaxIO9lIRK7ywuhBOAPSfd696
fqro/BgnmwlV/S8VsI/E1/yHRQcQRCY8s8W/2ADgjWFw+czUvqF0N+oFOC7AFPxg
LsL4OyqQ5YXj9uVWxalaBXIp0CY+nQhg4W/XY2VqFVoTYRpiAu5zLK8M2djPD6TQ
e7sTwbN5KqMo+dwKUX/bwNWOdchXsZ7FgWSr3h+j6h9Aa/A+7BVNbzggD8BBDnOF
gsAjagCPrA8Z7jXABe6T7VIojE/nJcuiqj1O9Ty7lW3EUChs5IR5
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:18 2024 by rpki-client on console.sobornost.net