Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/sBd-fbcNA8kJQyy0F8vsQB30UJw.roa
File: sBd-fbcNA8kJQyy0F8vsQB30UJw.roa (raw, json)
Hash identifier: XEHNHo5N/J+7k3tSSB10jSSOGI/06VlRCcLhtsay/p0=
Subject key identifier: B0:17:7E:7D:B7:0D:03:C9:09:43:2C:B4:17:CB:EC:40:1D:F4:50:9C
Certificate issuer: /CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Certificate serial: 01856CB818B79D6F08A8D01E53A0F7A31C90
Authority key identifier: 52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/sBd-fbcNA8kJQyy0F8vsQB30UJw.roa
Signing time: Sun 01 Jan 2023 09:44:42 +0000
ROA not before: Sun 01 Jan 2023 09:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47258
IP address blocks: 94.143.48.0/21 maxlen: 24
185.51.124.0/22 maxlen: 24
2a04:be20::/30 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:18:b7:9d:6f:08:a8:d0:1e:53:a0:f7:a3:1c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Validity
Not Before: Jan 1 09:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0177e7db70d03c909432cb417cbec401df4509c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8e:68:b6:2e:53:eb:63:fd:03:0c:d7:35:68:
bb:18:6e:01:5b:f9:8e:13:dd:e7:aa:84:da:71:70:
7a:f7:97:2c:41:90:b6:bb:d5:f8:70:37:76:69:9c:
ca:08:9c:e1:8f:c5:73:ec:4f:ad:53:a5:16:64:0e:
67:7c:c3:85:28:83:c1:0c:71:84:61:5c:06:19:2a:
41:fb:b5:bb:42:b6:c3:09:4f:3b:aa:cb:19:c6:0c:
19:8e:fd:cb:38:65:e8:6a:e5:fc:e5:15:01:4e:e8:
10:76:81:0c:06:55:6e:ed:21:68:35:6e:a4:e4:03:
08:49:68:d8:ca:81:76:6e:05:54:c7:ba:43:b6:05:
2f:ce:59:c8:35:fe:35:7d:e1:7f:98:ac:52:c9:b6:
c8:05:61:6d:09:68:5e:f5:49:1b:46:ae:6c:55:79:
6a:b5:42:6b:3b:0a:4c:24:f6:df:a2:ec:73:4f:57:
a9:f9:c1:29:85:d6:b8:f4:49:ec:b4:04:a7:40:d9:
cb:e5:cf:b5:ec:1b:09:2c:6f:1d:34:79:14:09:cb:
4b:6f:1d:39:92:d1:a6:7e:28:d2:63:51:b5:01:69:
76:df:c9:30:fb:42:c0:88:ba:89:8e:51:c4:21:45:
10:19:d7:62:69:ca:56:7d:6c:9d:dc:52:6b:8c:20:
26:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:17:7E:7D:B7:0D:03:C9:09:43:2C:B4:17:CB:EC:40:1D:F4:50:9C
X509v3 Authority Key Identifier:
keyid:52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/sBd-fbcNA8kJQyy0F8vsQB30UJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.48.0/21
185.51.124.0/22
IPv6:
2a04:be20::/30
Signature Algorithm: sha256WithRSAEncryption
37:de:dc:53:0c:cc:1c:e4:1b:1d:38:79:67:ab:68:5f:ce:90:
63:0b:3c:43:fe:d5:cc:4a:e9:b6:7e:57:eb:75:f2:1a:6d:43:
a7:78:49:ff:ed:a5:f6:c6:63:56:6b:62:1c:9f:cb:61:59:df:
50:ad:c8:89:16:5c:c5:82:49:6e:12:4f:6b:67:3b:4c:bf:fe:
f4:38:ee:49:08:35:49:a1:17:29:de:6a:6b:11:17:75:f7:74:
f9:19:a0:95:f5:91:06:b0:ea:a6:74:79:77:d9:eb:76:f8:64:
1c:71:e4:22:d1:02:b5:68:93:80:26:cf:5c:69:d4:44:ef:bb:
e5:cc:0b:61:dc:ff:cb:81:49:fc:0d:65:a2:88:0d:4b:1f:6a:
42:f3:b8:cd:e0:9e:10:0f:fc:fb:92:81:16:b9:55:12:6e:ca:
98:22:d5:56:4f:aa:94:ca:8b:1e:f2:6b:89:64:21:49:38:0a:
a8:2a:5d:21:7c:e0:b7:ee:ea:3f:86:6f:9c:ce:96:76:f8:c2:
ba:ad:5e:53:f9:04:e0:df:31:06:48:96:31:28:7b:24:1f:5e:
78:81:0b:67:30:b7:b0:1d:8e:24:03:6f:69:9a:13:8e:0b:88:
a4:1b:42:e4:9e:af:9b:8e:0b:10:81:62:f8:2a:01:14:fc:75:
0e:6d:bc:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsuBi3nW8IqNAeU6D3oxyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODliNmE4YmZhYWM1YzhjMDlhNDhjMDQyODE5ZGZjNWVh
NDUxMDQwHhcNMjMwMTAxMDk0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE3N2U3ZGI3MGQwM2M5MDk0MzJjYjQxN2NiZWM0MDFkZjQ1MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I5oti5T62P9AwzXNWi7GG4BW/mO
E93nqoTacXB695csQZC2u9X4cDd2aZzKCJzhj8Vz7E+tU6UWZA5nfMOFKIPBDHGE
YVwGGSpB+7W7QrbDCU87qssZxgwZjv3LOGXoauX85RUBTugQdoEMBlVu7SFoNW6k
5AMISWjYyoF2bgVUx7pDtgUvzlnINf41feF/mKxSybbIBWFtCWhe9UkbRq5sVXlq
tUJrOwpMJPbfouxzT1ep+cEphda49EnstASnQNnL5c+17BsJLG8dNHkUCctLbx05
ktGmfijSY1G1AWl238kw+0LAiLqJjlHEIUUQGddiacpWfWyd3FJrjCAmLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLAXfn23DQPJCUMstBfL7EAd9FCcMB8GA1UdIwQY
MBaAFFKJtqi/qsXIwJpIwEKBnfxepFEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMt
YjJkYTk3N2U0MDdkLzEvc0JkLWZiY05BOGtKUXl5MEY4dnNRQjMwVUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMtYjJkYTk3N2U0MDdk
LzEvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo8wAwQC
uTN8MA0EAgACMAcDBQIqBL4gMA0GCSqGSIb3DQEBCwUAA4IBAQA33txTDMwc5Bsd
OHlnq2hfzpBjCzxD/tXMSum2flfrdfIabUOneEn/7aX2xmNWa2Icn8thWd9QrciJ
FlzFgkluEk9rZztMv/70OO5JCDVJoRcp3mprERd193T5GaCV9ZEGsOqmdHl32et2
+GQcceQi0QK1aJOAJs9cadRE77vlzAth3P/LgUn8DWWiiA1LH2pC87jN4J4QD/z7
koEWuVUSbsqYItVWT6qUyose8muJZCFJOAqoKl0hfOC37uo/hm+czpZ2+MK6rV5T
+QTg3zEGSJYxKHskH154gQtnMLewHY4kA29pmhOOC4ikG0Lknq+bjgsQgWL4KgEU
/HUObbz+
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:17:13 2024 by rpki-client on console.sobornost.net