Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/tCfJhsL67t-tERLYTXQa5DPtxc4.roa
File: tCfJhsL67t-tERLYTXQa5DPtxc4.roa (raw, json)
Hash identifier: /N2PxVJE9xS3c2+kCyegD7p4awuWLvGwskcVuTyn9BE=
Subject key identifier: B4:27:C9:86:C2:FA:EE:DF:AD:11:12:D8:4D:74:1A:E4:33:ED:C5:CE
Certificate issuer: /CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Certificate serial: 01856E0AE836D5BE18C6D686732D84B9CA2F
Authority key identifier: 94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/tCfJhsL67t-tERLYTXQa5DPtxc4.roa
Signing time: Sun 01 Jan 2023 15:54:46 +0000
ROA not before: Sun 01 Jan 2023 15:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207463
IP address blocks: 94.231.206.0/24 maxlen: 24
2a10:1800:1::/48 maxlen: 48
2a10:1800:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:e8:36:d5:be:18:c6:d6:86:73:2d:84:b9:ca:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Validity
Not Before: Jan 1 15:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b427c986c2faeedfad1112d84d741ae433edc5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:30:f1:bb:3a:52:1f:d8:e2:44:00:75:f8:
6d:8a:51:c6:d0:6e:39:35:09:c0:d7:01:7d:d4:1a:
af:9b:dd:f0:ae:a6:63:25:e4:9b:14:fb:0f:f0:88:
1a:10:dd:5a:01:4a:12:ab:f8:c1:de:ae:dd:f2:c5:
2f:9b:b3:f2:df:96:da:e2:59:e2:d4:64:74:eb:22:
20:b5:ae:cd:57:7c:b3:d7:a5:b8:29:7b:56:c9:14:
c9:af:b8:20:60:24:02:ac:e3:87:e3:9d:3a:21:2f:
c0:16:e4:de:12:da:81:ce:ab:6f:cb:6e:00:4c:ff:
1b:31:70:7a:8a:64:25:70:78:98:d8:e1:e8:8c:2b:
f4:6a:43:8c:a1:9e:74:24:71:ce:44:ec:76:66:b9:
bf:94:0a:d8:c7:3d:35:b4:a8:34:ec:39:5f:d2:32:
9e:c5:f3:c5:db:19:3a:a9:73:a0:90:6d:39:a8:cd:
00:20:6b:d7:3d:b6:ea:8a:e5:dc:00:67:64:6d:c3:
09:9d:a2:c1:a7:d6:be:07:69:c1:b2:c7:76:49:cd:
a5:68:27:37:70:39:96:f5:f8:c5:68:34:29:89:ba:
42:10:d2:8e:f4:42:52:24:e3:6d:0c:d8:3b:f1:4b:
53:e5:c2:d9:ed:bc:78:c7:98:09:0d:f9:47:f3:9b:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:27:C9:86:C2:FA:EE:DF:AD:11:12:D8:4D:74:1A:E4:33:ED:C5:CE
X509v3 Authority Key Identifier:
keyid:94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/tCfJhsL67t-tERLYTXQa5DPtxc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.206.0/24
IPv6:
2a10:1800:1::-2a10:1800:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:fb:fa:cc:13:b4:2a:7d:2f:ef:3f:f0:ea:0c:48:13:7d:32:
ee:fc:6d:68:e2:d2:5c:c9:74:17:2a:fc:2d:2d:a2:1d:d4:71:
d2:fd:23:1e:6f:77:b1:25:79:d0:22:9d:2f:be:7c:c7:5e:3a:
85:0b:51:a0:72:98:00:e0:87:96:f8:b5:54:45:45:89:3e:42:
79:70:e6:0d:b0:a1:f0:a9:e6:cc:5f:1d:55:0e:ca:b2:56:de:
54:52:75:72:05:39:4d:2f:e9:e6:e6:1e:e8:eb:58:70:2e:af:
7c:6a:ee:eb:61:c9:90:a5:ad:71:9b:54:fb:34:3b:47:bc:3f:
6f:67:31:f6:1b:0b:c2:87:80:2b:6d:7e:77:d5:6d:2c:ba:8d:
78:f3:19:11:66:25:50:1d:5a:66:0d:9e:85:fb:6e:ed:aa:87:
3b:ce:0b:a2:43:92:79:1e:22:e1:c6:72:79:6b:28:72:ed:f2:
0b:be:ba:b7:6a:e2:1c:7b:79:f5:29:21:97:7a:b2:83:54:b8:
7c:6e:50:56:be:24:4b:35:ea:8d:db:6b:92:ba:17:df:4b:70:
ac:a8:55:89:c0:16:04:c7:5a:5b:1f:69:24:dc:f7:35:3a:1e:
3f:93:7d:bc:00:3c:bf:2a:41:a7:cb:83:a0:da:85:37:b6:5e:
e3:90:4d:5a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuCug21b4YxtaGcy2EucovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTZmYTZhOTBlZDk0ZTIyMWRiNjlkMjFmY2RkYTdjNjZk
MTNjOTEwHhcNMjMwMTAxMTU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI3Yzk4NmMyZmFlZWRmYWQxMTEyZDg0ZDc0MWFlNDMzZWRjNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoow8bs6Uh/Y4kQAdfhtilHG0G45
NQnA1wF91Bqvm93wrqZjJeSbFPsP8IgaEN1aAUoSq/jB3q7d8sUvm7Py35ba4lni
1GR06yIgta7NV3yz16W4KXtWyRTJr7ggYCQCrOOH4506IS/AFuTeEtqBzqtvy24A
TP8bMXB6imQlcHiY2OHojCv0akOMoZ50JHHOROx2Zrm/lArYxz01tKg07Dlf0jKe
xfPF2xk6qXOgkG05qM0AIGvXPbbqiuXcAGdkbcMJnaLBp9a+B2nBssd2Sc2laCc3
cDmW9fjFaDQpibpCENKO9EJSJONtDNg78UtT5cLZ7bx4x5gJDflH85t2ywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLQnyYbC+u7frRES2E10GuQz7cXOMB8GA1UdIwQY
MBaAFJQW+mqQ7ZTiIdtp0h/N2nxm0TyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYt
N2RlOTEwZTAwYmVkLzEvdENmSmhzTDY3dC10RVJMWVRYUWE1RFB0eGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYtN2RlOTEwZTAwYmVk
LzEvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAXufOMBoE
AgACMBQwEgMHACoQGAAAAQMHACoQGAAAAjANBgkqhkiG9w0BAQsFAAOCAQEAE/v6
zBO0Kn0v7z/w6gxIE30y7vxtaOLSXMl0Fyr8LS2iHdRx0v0jHm93sSV50CKdL758
x146hQtRoHKYAOCHlvi1VEVFiT5CeXDmDbCh8KnmzF8dVQ7KslbeVFJ1cgU5TS/p
5uYe6OtYcC6vfGru62HJkKWtcZtU+zQ7R7w/b2cx9hsLwoeAK21+d9VtLLqNePMZ
EWYlUB1aZg2ehftu7aqHO84LokOSeR4i4cZyeWsocu3yC766t2riHHt59Skhl3qy
g1S4fG5QVr4kSzXqjdtrkroX30twrKhVicAWBMdaWx9pJNz3NToeP5N9vAA8vypB
p8uDoNqFN7Ze45BNWg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:12 2024 by rpki-client on console.sobornost.net