Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/5UUjGjc6p4TQKdl8r6V611M8L-E.roa
File: 5UUjGjc6p4TQKdl8r6V611M8L-E.roa (raw, json)
Hash identifier: X7jUjj287ZC7U5PLWBwA+uyXb6uwnLaL2DAyaSkcraU=
Subject key identifier: E5:45:23:1A:37:3A:A7:84:D0:29:D9:7C:AF:A5:7A:D7:53:3C:2F:E1
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 01857183189119FD24791D580E7DBCBDD113
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/5UUjGjc6p4TQKdl8r6V611M8L-E.roa
Signing time: Mon 02 Jan 2023 08:04:54 +0000
ROA not before: Mon 02 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.142.244.0/24 maxlen: 24
195.142.245.0/24 maxlen: 24
195.142.246.0/24 maxlen: 24
195.142.247.0/24 maxlen: 24
195.142.202.0/24 maxlen: 24
195.142.203.0/24 maxlen: 24
195.142.200.0/24 maxlen: 24
195.142.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:18:91:19:fd:24:79:1d:58:0e:7d:bc:bd:d1:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 2 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e545231a373aa784d029d97cafa57ad7533c2fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dc:82:e2:61:7d:73:82:35:18:15:2b:b9:14:
f8:75:6c:f3:29:bb:e5:ca:74:ff:1f:9c:45:0e:c7:
ca:8c:c4:63:b1:b0:8e:a4:18:fb:55:2d:67:e1:0f:
18:ff:cd:2c:05:83:ba:af:78:90:d6:6f:3e:81:68:
a9:a5:e9:cb:de:51:05:fa:81:54:f6:fb:a2:be:e4:
80:51:70:e4:51:a4:fc:a1:b9:49:e3:78:b1:1c:6d:
d5:c4:ec:13:2f:39:bc:d3:70:33:d2:2e:86:6e:6d:
67:7f:f8:9f:3c:27:b1:69:a1:e5:43:31:33:ee:9b:
e6:77:bf:13:f1:75:e6:bb:90:71:47:de:fd:0c:a4:
01:71:e3:e9:2a:1d:5b:8f:11:12:d3:58:2a:84:63:
5e:8c:16:1b:5a:4a:69:e9:25:c8:c1:a5:87:ed:9b:
fc:35:a7:7c:b0:e4:25:a1:91:2c:1a:a7:98:00:d1:
66:85:e7:77:a1:02:1f:0e:ee:4c:c6:17:91:05:3b:
9c:cf:57:42:a4:2f:22:23:03:b2:45:9e:73:c8:d5:
6e:cc:5c:cd:6f:35:f8:16:4a:b5:9a:f2:0b:95:85:
1a:55:7f:74:48:1b:9d:b2:db:bf:9e:31:79:8b:2c:
82:76:29:d1:3a:b8:97:d6:e6:44:65:89:b3:f6:21:
44:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:45:23:1A:37:3A:A7:84:D0:29:D9:7C:AF:A5:7A:D7:53:3C:2F:E1
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/5UUjGjc6p4TQKdl8r6V611M8L-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:05:d0:76:17:aa:06:1b:b5:62:8a:39:b8:b8:8d:e9:44:55:
bb:f1:09:1a:19:70:7b:87:3d:8e:9c:84:57:e2:c7:84:eb:ac:
50:ec:d3:6a:60:26:e3:ad:26:a0:c4:30:17:8b:e6:8b:48:40:
2e:f0:de:4c:13:71:38:8b:ea:90:3e:11:a5:20:f2:47:2f:58:
07:ec:6d:09:46:7f:cc:e8:eb:44:fb:d8:6b:56:12:14:58:60:
b1:38:59:82:77:14:6a:2f:91:e0:98:0d:78:47:f3:26:41:43:
22:57:9e:73:8c:c7:27:2b:be:f0:29:ae:20:48:c0:8a:fc:d8:
6e:6b:3f:77:49:3e:66:76:f2:22:93:87:19:8a:db:6a:12:30:
ec:60:25:03:df:eb:4c:7e:bf:b8:b4:7c:de:5b:ab:c1:ad:3e:
b3:70:e3:64:e0:17:f7:cf:cf:e0:d3:0d:e7:ee:4e:65:20:a4:
ef:a1:0f:4a:34:7c:d0:4d:f1:a9:bd:e5:46:28:85:7d:b7:1d:
b3:c3:72:e5:2b:37:d0:b1:d6:29:9d:d2:59:ae:bd:22:a5:95:
03:cd:d7:d5:dd:04:49:53:bb:d1:a4:4c:91:50:99:22:e3:20:
c9:6f:e2:83:0d:2a:88:b5:c8:8e:60:44:8a:ce:fc:55:4f:56:
7a:46:43:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxgxiRGf0keR1YDn28vdETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYzZGIxZWQzMzRhN2M1MjgwYWI5ODU0NzQyOTE0YWUw
YzRjNTIwHhcNMjMwMTAyMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ1MjMxYTM3M2FhNzg0ZDAyOWQ5N2NhZmE1N2FkNzUzM2MyZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtyC4mF9c4I1GBUruRT4dWzzKbvl
ynT/H5xFDsfKjMRjsbCOpBj7VS1n4Q8Y/80sBYO6r3iQ1m8+gWippenL3lEF+oFU
9vuivuSAUXDkUaT8oblJ43ixHG3VxOwTLzm803Az0i6Gbm1nf/ifPCexaaHlQzEz
7pvmd78T8XXmu5BxR979DKQBcePpKh1bjxES01gqhGNejBYbWkpp6SXIwaWH7Zv8
Nad8sOQloZEsGqeYANFmhed3oQIfDu5MxheRBTucz1dCpC8iIwOyRZ5zyNVuzFzN
bzX4Fkq1mvILlYUaVX90SBudstu/njF5iyyCdinROriX1uZEZYmz9iFEwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOVFIxo3OqeE0CnZfK+letdTPC/hMB8GA1UdIwQY
MBaAFEF2PbHtM0p8UoCrmFR0KRSuDExSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMt
NDljOTVlZWFjODEyLzEvNVVVakdqYzZwNFRRS2RsOHI2VjYxMU04TC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMtNDljOTVlZWFjODEy
LzEvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw47IAwQC
w470MA0GCSqGSIb3DQEBCwUAA4IBAQCLBdB2F6oGG7Viijm4uI3pRFW78QkaGXB7
hz2OnIRX4seE66xQ7NNqYCbjrSagxDAXi+aLSEAu8N5ME3E4i+qQPhGlIPJHL1gH
7G0JRn/M6OtE+9hrVhIUWGCxOFmCdxRqL5HgmA14R/MmQUMiV55zjMcnK77wKa4g
SMCK/Nhuaz93ST5mdvIik4cZittqEjDsYCUD3+tMfr+4tHzeW6vBrT6zcONk4Bf3
z8/g0w3n7k5lIKTvoQ9KNHzQTfGpveVGKIV9tx2zw3LlKzfQsdYpndJZrr0ipZUD
zdfV3QRJU7vRpEyRUJki4yDJb+KDDSqItciOYESKzvxVT1Z6RkMZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:50 2024 by rpki-client on console.sobornost.net