Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e9a7a1-e9fe-47d4-ae32-df0a44800aa5/1/3CFZ88jSy7YxRml-BgAIoDqEBc4.roa
File: 3CFZ88jSy7YxRml-BgAIoDqEBc4.roa (raw, json)
Hash identifier: dpLOieWsSLKsEAo6PuuHaQukXhzYH2UR/d3cpqEbcMc=
Subject key identifier: DC:21:59:F3:C8:D2:CB:B6:31:46:69:7E:06:00:08:A0:3A:84:05:CE
Certificate issuer: /CN=9052dec7b7617fe39c8550ee20c382201ab9af2a
Certificate serial: 01856FF9546147288F88DF3BBD183A199DF0
Authority key identifier: 90:52:DE:C7:B7:61:7F:E3:9C:85:50:EE:20:C3:82:20:1A:B9:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFLex7dhf-OchVDuIMOCIBq5ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/e9a7a1-e9fe-47d4-ae32-df0a44800aa5/1/3CFZ88jSy7YxRml-BgAIoDqEBc4.roa
Signing time: Mon 02 Jan 2023 00:54:48 +0000
ROA not before: Mon 02 Jan 2023 00:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211492
IP address blocks: 5.8.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:54:61:47:28:8f:88:df:3b:bd:18:3a:19:9d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9052dec7b7617fe39c8550ee20c382201ab9af2a
Validity
Not Before: Jan 2 00:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc2159f3c8d2cbb63146697e060008a03a8405ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:38:83:b5:13:da:09:7a:9a:9f:c4:d8:84:af:
dc:26:f8:6e:e7:b1:c5:4e:62:84:e5:77:3a:51:a6:
12:4f:3f:f5:a6:8e:3d:bd:70:48:80:e3:65:17:9e:
21:ac:0b:1b:9c:f1:3d:64:c5:dd:b5:68:c8:e6:38:
5b:02:91:9e:8c:f1:cf:b8:06:e8:a8:4e:d3:c7:cb:
50:2f:ae:85:7f:3a:6a:4b:2c:cc:23:4d:0b:49:43:
89:08:f5:b4:7d:48:a2:f8:a8:15:58:08:dc:33:98:
9e:2f:39:86:c4:55:4c:88:fe:d3:0f:15:0a:78:05:
37:3a:b7:e2:b9:54:bb:e6:ec:94:e2:a6:0e:fb:84:
60:f7:1d:6a:b6:33:0c:28:85:e2:7b:d9:98:ab:0e:
be:ab:c5:a3:18:44:72:55:fc:85:e1:38:60:8e:88:
d6:74:51:ad:fc:45:6c:e0:7f:5a:75:21:bb:19:94:
f7:bf:7f:d9:bf:0a:8d:57:b6:9c:69:96:4a:9e:83:
b8:bd:ad:8e:8c:94:65:de:12:c5:2d:b0:03:ff:5e:
01:a8:d6:2d:10:0d:cc:b9:3c:f5:5d:70:fb:10:39:
fb:02:d5:bd:6c:7e:59:a3:65:e0:0b:c6:ed:1f:e5:
9f:33:6e:fe:00:e1:c8:eb:75:f4:a4:e0:99:16:ea:
41:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:21:59:F3:C8:D2:CB:B6:31:46:69:7E:06:00:08:A0:3A:84:05:CE
X509v3 Authority Key Identifier:
keyid:90:52:DE:C7:B7:61:7F:E3:9C:85:50:EE:20:C3:82:20:1A:B9:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFLex7dhf-OchVDuIMOCIBq5ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e9a7a1-e9fe-47d4-ae32-df0a44800aa5/1/3CFZ88jSy7YxRml-BgAIoDqEBc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e9a7a1-e9fe-47d4-ae32-df0a44800aa5/1/kFLex7dhf-OchVDuIMOCIBq5ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:aa:0b:88:62:01:67:34:d3:89:25:5b:a1:44:33:4d:ce:5c:
ce:f3:e4:ba:39:b2:1b:1a:4b:86:5b:0c:bc:82:2c:57:ef:41:
77:d4:83:fe:96:47:7a:e5:23:17:02:ff:b3:85:d6:a2:03:91:
40:2a:90:0d:7f:8e:03:f5:4c:e5:2a:96:21:67:a4:bf:5a:6e:
fc:29:1e:99:42:3d:ad:56:90:6f:1a:a3:7d:9a:11:90:91:10:
63:df:62:a7:f4:09:7f:61:85:a0:31:81:e3:d1:16:d7:a9:59:
3d:1f:9d:fd:f8:18:ca:20:62:9b:e4:83:e9:28:b3:ae:d2:73:
ec:0c:a3:5d:5b:0e:a5:71:62:1c:fe:f1:6f:2e:4e:f6:8d:8c:
af:98:c5:14:1d:b5:63:fe:b0:ab:51:6e:7b:af:b0:48:c1:5d:
59:de:ee:7c:01:af:fd:a4:f3:38:54:0a:a2:ef:aa:ee:00:40:
4a:0e:ae:68:20:ae:40:be:f2:d0:44:5c:86:b2:a1:86:2d:33:
c9:3c:39:d6:1d:d0:72:8c:ba:8f:c8:51:1d:5a:b0:e2:7f:12:
e2:b9:3a:f0:78:f4:11:75:aa:53:bd:ac:d6:fe:49:0e:72:50:
38:c5:48:52:4c:8b:20:62:b1:20:fc:97:b0:d7:09:8a:55:09:
07:1f:d0:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+VRhRyiPiN87vRg6GZ3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNTJkZWM3Yjc2MTdmZTM5Yzg1NTBlZTIwYzM4MjIwMWFi
OWFmMmEwHhcNMjMwMTAyMDA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIxNTlmM2M4ZDJjYmI2MzE0NjY5N2UwNjAwMDhhMDNhODQwNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsziDtRPaCXqan8TYhK/cJvhu57HF
TmKE5Xc6UaYSTz/1po49vXBIgONlF54hrAsbnPE9ZMXdtWjI5jhbApGejPHPuAbo
qE7Tx8tQL66FfzpqSyzMI00LSUOJCPW0fUii+KgVWAjcM5ieLzmGxFVMiP7TDxUK
eAU3OrfiuVS75uyU4qYO+4Rg9x1qtjMMKIXie9mYqw6+q8WjGERyVfyF4ThgjojW
dFGt/EVs4H9adSG7GZT3v3/ZvwqNV7acaZZKnoO4va2OjJRl3hLFLbAD/14BqNYt
EA3MuTz1XXD7EDn7AtW9bH5Zo2XgC8btH+WfM27+AOHI63X0pOCZFupB/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwhWfPI0su2MUZpfgYACKA6hAXOMB8GA1UdIwQY
MBaAFJBS3se3YX/jnIVQ7iDDgiAaua8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZMZXg3ZGhmLU9jaFZEdUlNT0NJQnE1cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lOWE3YTEtZTlmZS00N2Q0LWFlMzIt
ZGYwYTQ0ODAwYWE1LzEvM0NGWjg4alN5N1l4Um1sLUJnQUlvRHFFQmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lOWE3YTEtZTlmZS00N2Q0LWFlMzItZGYwYTQ0ODAwYWE1
LzEva0ZMZXg3ZGhmLU9jaFZEdUlNT0NJQnE1cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQj5MA0G
CSqGSIb3DQEBCwUAA4IBAQA9qguIYgFnNNOJJVuhRDNNzlzO8+S6ObIbGkuGWwy8
gixX70F31IP+lkd65SMXAv+zhdaiA5FAKpANf44D9UzlKpYhZ6S/Wm78KR6ZQj2t
VpBvGqN9mhGQkRBj32Kn9Al/YYWgMYHj0RbXqVk9H539+BjKIGKb5IPpKLOu0nPs
DKNdWw6lcWIc/vFvLk72jYyvmMUUHbVj/rCrUW57r7BIwV1Z3u58Aa/9pPM4VAqi
76ruAEBKDq5oIK5AvvLQRFyGsqGGLTPJPDnWHdByjLqPyFEdWrDifxLiuTrwePQR
dapTvazW/kkOclA4xUhSTIsgYrEg/Jew1wmKVQkHH9DI
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:10 2024 by rpki-client on console.sobornost.net