Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/LZxXPgSYRDRBMZ0TWwl_SBrDKss.roa
File: LZxXPgSYRDRBMZ0TWwl_SBrDKss.roa (raw, json)
Hash identifier: 1iTVhKsu0HXHSf3JvudexGrTszUb3Cwo0rCm/2l7Uw4=
Subject key identifier: 2D:9C:57:3E:04:98:44:34:41:31:9D:13:5B:09:7F:48:1A:C3:2A:CB
Certificate issuer: /CN=136c4831597fe16e9ee2882d7b5a0df8a76e4f7f
Certificate serial: 01856E2F9C2846600E18E99D69861E7BDF7C
Authority key identifier: 13:6C:48:31:59:7F:E1:6E:9E:E2:88:2D:7B:5A:0D:F8:A7:6E:4F:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2xIMVl_4W6e4ogte1oN-KduT38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/LZxXPgSYRDRBMZ0TWwl_SBrDKss.roa
Signing time: Sun 01 Jan 2023 16:34:51 +0000
ROA not before: Sun 01 Jan 2023 16:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50270
IP address blocks: 109.233.0.0/21 maxlen: 24
2a02:2368::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:9c:28:46:60:0e:18:e9:9d:69:86:1e:7b:df:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=136c4831597fe16e9ee2882d7b5a0df8a76e4f7f
Validity
Not Before: Jan 1 16:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d9c573e0498443441319d135b097f481ac32acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:01:2a:57:85:ad:b9:77:1f:46:84:e4:39:
b9:60:59:89:69:d9:eb:45:c4:87:19:2c:ec:de:18:
26:74:ec:be:a4:0b:e6:c0:75:2a:1c:8d:53:ca:ab:
cc:8f:66:26:91:85:a1:96:5e:09:a0:d8:3b:58:4f:
28:59:cc:24:c9:7b:6c:3b:ab:5f:33:a5:f4:8d:c8:
26:87:6a:aa:dd:10:71:87:94:1b:93:6a:de:a3:dc:
3b:cb:b8:6d:b0:5e:eb:a1:c9:f0:4b:e7:ed:6b:54:
2e:15:aa:da:a9:84:66:6d:17:98:f3:2a:db:c4:6f:
a7:95:47:b6:62:f7:cb:c9:e4:4e:1e:73:4b:e2:0f:
ce:1c:6d:92:30:30:16:15:df:e4:c7:cf:34:af:ad:
77:a1:43:d6:e3:ed:77:fa:66:9a:1d:98:fd:2a:83:
8f:87:35:21:32:62:d6:b3:20:cd:fb:0f:9b:36:11:
67:fd:5c:a3:2f:c1:af:69:63:1d:8c:01:e6:65:ce:
cd:c3:22:dc:e2:a0:f1:b9:a1:ae:f6:98:f6:3a:b9:
e1:fd:6c:a4:a4:6c:c4:d9:7e:86:c9:d6:2c:47:27:
34:92:d3:14:97:e1:44:09:a4:2c:42:d9:2b:2d:9e:
7d:7f:33:42:20:87:9b:f4:6d:93:02:6c:f4:08:a2:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9C:57:3E:04:98:44:34:41:31:9D:13:5B:09:7F:48:1A:C3:2A:CB
X509v3 Authority Key Identifier:
keyid:13:6C:48:31:59:7F:E1:6E:9E:E2:88:2D:7B:5A:0D:F8:A7:6E:4F:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2xIMVl_4W6e4ogte1oN-KduT38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/LZxXPgSYRDRBMZ0TWwl_SBrDKss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/40fe20-6ceb-45d6-aa11-ce59b0c54eea/1/E2xIMVl_4W6e4ogte1oN-KduT38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.0.0/21
IPv6:
2a02:2368::/32
Signature Algorithm: sha256WithRSAEncryption
32:ac:e7:a7:fd:19:f2:60:c8:48:e2:ab:40:78:bd:d1:4a:40:
e1:74:b5:b7:28:8a:d5:d0:4b:d2:6f:db:aa:63:82:b8:59:70:
68:da:e9:a5:3c:53:8c:86:11:70:17:ba:64:15:c9:a7:f8:73:
13:39:08:48:36:c2:fb:61:1b:b7:95:65:8c:83:ef:b4:07:db:
c2:70:d1:7f:69:f1:e1:3e:31:70:4c:d7:28:21:9b:90:94:c4:
3e:16:13:66:53:13:d5:4a:2b:68:6a:28:22:db:a2:27:39:dd:
d5:0d:8e:6f:d3:75:6e:94:99:79:8d:13:38:a8:06:fb:b3:d1:
7f:62:8c:fe:9f:a7:a1:41:93:87:be:d7:8b:7e:e4:01:09:4a:
8f:3a:8a:cb:d9:34:cd:8a:e4:0a:92:e2:90:83:7b:6d:31:a3:
bf:ce:42:48:f5:b1:ee:20:b3:3a:bc:4e:fc:ab:52:35:cf:87:
bc:70:ec:7f:89:10:4d:af:09:7e:f9:67:05:c7:27:37:c8:01:
a1:e3:5a:0f:14:40:3a:00:d8:d3:0b:ce:79:ee:41:8e:41:05:
e5:56:77:c2:c7:2d:0f:fe:21:c0:08:84:55:70:56:af:77:96:
41:1c:79:0a:28:e2:b5:fb:aa:bf:82:f2:7b:c0:90:51:35:f8:
b0:04:5a:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL5woRmAOGOmdaYYee998MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNmM0ODMxNTk3ZmUxNmU5ZWUyODgyZDdiNWEwZGY4YTc2
ZTRmN2YwHhcNMjMwMTAxMTYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDljNTczZTA0OTg0NDM0NDEzMTlkMTM1YjA5N2Y0ODFhYzMyYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ0BKleFrbl3H0aE5Dm5YFmJadnr
RcSHGSzs3hgmdOy+pAvmwHUqHI1TyqvMj2YmkYWhll4JoNg7WE8oWcwkyXtsO6tf
M6X0jcgmh2qq3RBxh5Qbk2reo9w7y7htsF7rocnwS+fta1QuFaraqYRmbReY8yrb
xG+nlUe2YvfLyeROHnNL4g/OHG2SMDAWFd/kx880r613oUPW4+13+maaHZj9KoOP
hzUhMmLWsyDN+w+bNhFn/VyjL8GvaWMdjAHmZc7NwyLc4qDxuaGu9pj2Ornh/Wyk
pGzE2X6GydYsRyc0ktMUl+FECaQsQtkrLZ59fzNCIIeb9G2TAmz0CKLwSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC2cVz4EmEQ0QTGdE1sJf0gawyrLMB8GA1UdIwQY
MBaAFBNsSDFZf+FunuKILXtaDfinbk9/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJ4SU1WbF80VzZlNG9ndGUxb04tS2R1VDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80MGZlMjAtNmNlYi00NWQ2LWFhMTEt
Y2U1OWIwYzU0ZWVhLzEvTFp4WFBnU1lSRFJCTVowVFd3bF9TQnJES3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80MGZlMjAtNmNlYi00NWQ2LWFhMTEtY2U1OWIwYzU0ZWVh
LzEvRTJ4SU1WbF80VzZlNG9ndGUxb04tS2R1VDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbekAMA0E
AgACMAcDBQAqAiNoMA0GCSqGSIb3DQEBCwUAA4IBAQAyrOen/RnyYMhI4qtAeL3R
SkDhdLW3KIrV0EvSb9uqY4K4WXBo2umlPFOMhhFwF7pkFcmn+HMTOQhINsL7YRu3
lWWMg++0B9vCcNF/afHhPjFwTNcoIZuQlMQ+FhNmUxPVSitoaigi26InOd3VDY5v
03VulJl5jRM4qAb7s9F/Yoz+n6ehQZOHvteLfuQBCUqPOorL2TTNiuQKkuKQg3tt
MaO/zkJI9bHuILM6vE78q1I1z4e8cOx/iRBNrwl++WcFxyc3yAGh41oPFEA6ANjT
C8557kGOQQXlVnfCxy0P/iHACIRVcFavd5ZBHHkKKOK1+6q/gvJ7wJBRNfiwBFqg
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:21 2024 by rpki-client on console.sobornost.net