Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/2IqQxE8SpLYz78xlg-mN-ptgEL8.roa
File: 2IqQxE8SpLYz78xlg-mN-ptgEL8.roa (raw, json)
Hash identifier: aviW4Fz6wO34JjOzVQzRGDEII1jbvjh+GGhF3michh4=
Subject key identifier: D8:8A:90:C4:4F:12:A4:B6:33:EF:CC:65:83:E9:8D:FA:9B:60:10:BF
Certificate issuer: /CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Certificate serial: 018570707EB56D82C1319440322C22FC86FC
Authority key identifier: 6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/2IqQxE8SpLYz78xlg-mN-ptgEL8.roa
Signing time: Mon 02 Jan 2023 03:04:58 +0000
ROA not before: Mon 02 Jan 2023 03:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200318
IP address blocks: 194.169.60.0/22 maxlen: 22
2a0d:d40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7e:b5:6d:82:c1:31:94:40:32:2c:22:fc:86:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c0946c081b32be848cb00d8d932e8c1f7179668
Validity
Not Before: Jan 2 03:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d88a90c44f12a4b633efcc6583e98dfa9b6010bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d3:a3:ac:39:93:c7:00:f6:ab:4f:58:c2:57:
ce:cb:36:9e:54:6c:42:43:2a:84:a6:2e:e6:01:0a:
57:9a:a9:9d:e6:b3:a7:71:ba:e8:e8:3b:c7:70:a5:
bb:d3:9e:e7:56:08:8b:88:85:a3:2b:c4:ca:05:f1:
b4:36:01:ff:55:ae:03:c3:8b:7d:91:15:ed:cd:fa:
bb:35:f5:c2:8f:ca:89:00:65:65:3f:18:e0:58:b1:
50:b2:38:1b:08:c4:35:f6:44:e3:fd:2e:e2:b1:23:
a2:a2:1b:10:3b:ba:e3:8b:51:d5:3b:8a:bb:67:e0:
bc:85:d7:b6:73:9e:8e:61:00:b6:70:02:53:9d:54:
c6:b7:8d:f9:d4:f5:62:f5:f0:54:7e:d5:a2:e3:d1:
8d:c5:69:7c:46:83:21:21:66:f3:1b:23:46:b2:5c:
4e:f2:a4:52:ba:8b:7f:9b:a7:ff:7e:37:9f:77:a8:
8f:37:f8:ae:42:1b:6f:1d:48:e5:66:07:81:ec:66:
8b:bb:3a:85:9f:b9:98:fe:e9:a1:5e:a6:49:70:b9:
b2:e6:fd:ef:66:1a:49:0c:28:fe:e5:32:ce:ae:d6:
f2:93:b4:b0:3a:a5:59:60:23:c8:bf:3d:69:68:e5:
66:60:20:2b:3f:dd:6f:82:96:9b:96:51:8c:e4:e6:
12:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8A:90:C4:4F:12:A4:B6:33:EF:CC:65:83:E9:8D:FA:9B:60:10:BF
X509v3 Authority Key Identifier:
keyid:6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/2IqQxE8SpLYz78xlg-mN-ptgEL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.60.0/22
IPv6:
2a0d:d40::/32
Signature Algorithm: sha256WithRSAEncryption
46:f2:ff:4a:12:ac:f4:72:2f:e6:09:b8:19:f1:16:66:7e:27:
3b:0e:8e:6f:21:bc:ab:c3:89:87:1b:4f:48:e3:0c:04:1b:d9:
3c:b1:43:e8:90:75:1d:b2:ff:9e:36:97:d3:5d:0e:8c:61:d6:
81:34:f9:67:9c:e4:ee:fe:83:b7:ab:e2:4c:00:86:0c:53:45:
7a:5d:a7:1f:e5:59:be:af:5c:34:28:03:bf:ec:bd:9a:59:b0:
ea:c1:cf:2b:27:81:87:8d:e8:a6:f3:2a:49:e8:a6:f8:54:7a:
8a:d2:bb:02:4d:40:83:3b:69:15:7a:08:49:d2:96:52:72:44:
8c:90:a7:e7:8a:4e:03:89:c9:b6:77:41:9b:69:ab:b7:b6:bf:
52:63:7b:38:f3:bc:2e:ad:80:74:07:04:54:36:03:4f:aa:b2:
14:40:37:e2:8c:7c:f7:f3:a6:4d:e9:b1:f6:35:e1:ca:ed:94:
71:29:c2:e2:92:da:e0:27:83:18:82:c2:57:65:cd:12:71:fa:
06:2d:b0:11:fe:88:c3:3a:f7:e3:0b:d4:64:8e:3b:80:47:93:
8c:49:52:ec:37:ee:b2:b1:94:f8:e8:81:94:d9:29:3c:41:a1:
ab:52:6f:39:db:dc:84:a7:3b:98:48:f7:dd:b4:36:76:04:27:
09:0f:38:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcH61bYLBMZRAMiwi/Ib8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDk0NmMwODFiMzJiZTg0OGNiMDBkOGQ5MzJlOGMxZjcx
Nzk2NjgwHhcNMjMwMTAyMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhhOTBjNDRmMTJhNGI2MzNlZmNjNjU4M2U5OGRmYTliNjAxMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNOjrDmTxwD2q09YwlfOyzaeVGxC
QyqEpi7mAQpXmqmd5rOncbro6DvHcKW7057nVgiLiIWjK8TKBfG0NgH/Va4Dw4t9
kRXtzfq7NfXCj8qJAGVlPxjgWLFQsjgbCMQ19kTj/S7isSOiohsQO7rji1HVO4q7
Z+C8hde2c56OYQC2cAJTnVTGt4351PVi9fBUftWi49GNxWl8RoMhIWbzGyNGslxO
8qRSuot/m6f/fjefd6iPN/iuQhtvHUjlZgeB7GaLuzqFn7mY/umhXqZJcLmy5v3v
ZhpJDCj+5TLOrtbyk7SwOqVZYCPIvz1paOVmYCArP91vgpabllGM5OYSWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNiKkMRPEqS2M+/MZYPpjfqbYBC/MB8GA1UdIwQY
MBaAFGwJRsCBsyvoSMsA2Nky6MH3F5ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMt
ZGYyYmJjOWQwNDczLzEvMklxUXhFOFNwTFl6Nzh4bGctbU4tcHRnRUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMtZGYyYmJjOWQwNDcz
LzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwqk8MA0E
AgACMAcDBQAqDQ1AMA0GCSqGSIb3DQEBCwUAA4IBAQBG8v9KEqz0ci/mCbgZ8RZm
fic7Do5vIbyrw4mHG09I4wwEG9k8sUPokHUdsv+eNpfTXQ6MYdaBNPlnnOTu/oO3
q+JMAIYMU0V6Xacf5Vm+r1w0KAO/7L2aWbDqwc8rJ4GHjeim8ypJ6Kb4VHqK0rsC
TUCDO2kVeghJ0pZSckSMkKfnik4Dicm2d0Gbaau3tr9SY3s487wurYB0BwRUNgNP
qrIUQDfijHz386ZN6bH2NeHK7ZRxKcLiktrgJ4MYgsJXZc0ScfoGLbAR/ojDOvfj
C9RkjjuAR5OMSVLsN+6ysZT46IGU2Sk8QaGrUm8529yEpzuYSPfdtDZ2BCcJDzh7
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:49 2024 by rpki-client on console.sobornost.net