Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0cWkX09Wddriff2k1I2lcXreJLE.roa
File: 0cWkX09Wddriff2k1I2lcXreJLE.roa (raw, json)
Hash identifier: YsWBduC/pjZs9wXWPpy1CH6HUrW5A1y5NLClUaAatIc=
Subject key identifier: D1:C5:A4:5F:4F:56:75:DA:E2:7D:FD:A4:D4:8D:A5:71:7A:DE:24:B1
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01856B80FB71B34F31C7F302C96A3C65A949
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0cWkX09Wddriff2k1I2lcXreJLE.roa
Signing time: Sun 01 Jan 2023 04:04:53 +0000
ROA not before: Sun 01 Jan 2023 04:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211846
IP address blocks: 159.151.255.0/24 maxlen: 24
192.109.142.0/24 maxlen: 24
2a07:8147:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:fb:71:b3:4f:31:c7:f3:02:c9:6a:3c:65:a9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 04:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1c5a45f4f5675dae27dfda4d48da5717ade24b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f7:c4:4e:6a:aa:2b:cd:23:e8:bd:e9:d1:8f:
7c:e1:c9:1a:2a:38:69:43:50:47:d3:7f:ff:fa:79:
cb:ee:e5:b1:15:27:cd:c0:9d:28:da:73:99:b3:8b:
f6:c5:07:ac:d9:98:7f:49:72:f9:59:9f:78:bc:84:
29:55:15:f4:64:fd:71:0a:d7:60:ce:dc:4e:9b:58:
1b:d7:b4:33:b6:f4:b6:61:95:7b:32:16:47:6d:d8:
2b:6e:31:a7:23:28:bb:88:7c:db:b3:b6:44:28:55:
9f:9c:1f:54:98:d0:a5:44:eb:64:cb:92:1c:ba:a8:
3a:75:cb:e9:e1:0e:50:86:6d:1e:3c:3b:62:5f:90:
b1:a4:c2:8e:a0:85:7a:80:56:b4:a1:30:4c:38:76:
2a:d1:de:77:cd:01:36:78:de:21:87:55:36:b7:29:
d6:5f:d1:f7:a7:8c:02:9d:14:56:35:74:a9:b0:1f:
aa:8f:b0:f5:cf:bb:53:16:3a:58:23:4b:45:ec:2c:
44:2b:26:6e:d5:8d:da:c9:de:52:ee:e0:30:23:90:
9f:58:e3:b1:a4:5c:24:bb:39:43:f0:2f:40:55:08:
78:6d:ed:b1:f5:a2:f6:dc:10:93:52:4f:5f:e7:0b:
96:bc:b3:a4:ed:dc:e0:e1:a8:72:96:c0:ef:e7:89:
dd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C5:A4:5F:4F:56:75:DA:E2:7D:FD:A4:D4:8D:A5:71:7A:DE:24:B1
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0cWkX09Wddriff2k1I2lcXreJLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.255.0/24
192.109.142.0/24
IPv6:
2a07:8147:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
77:84:05:55:28:2a:67:c9:51:f6:1e:16:0a:ff:1a:09:1a:ce:
3a:96:19:d0:4a:64:c9:ef:ef:2f:c4:99:dd:5b:9e:8e:75:73:
77:e9:f3:5e:3b:fc:af:8d:3e:17:02:16:55:1d:67:57:21:13:
24:24:d9:fc:1a:d0:46:28:dc:32:8f:6a:f8:2c:ce:93:db:b0:
9b:77:b0:f3:76:ce:4b:68:3b:4f:c0:bf:df:18:89:15:8f:65:
33:cd:70:66:1c:e5:c6:14:a6:11:74:0e:d2:89:68:06:f9:ba:
b7:3b:82:fe:a0:62:c6:08:4c:9f:db:f1:af:67:97:2a:7a:db:
0f:a3:01:ba:fc:f2:2e:a7:f5:01:ac:f7:8d:d4:64:68:a9:78:
d6:e4:50:22:c1:88:b3:97:51:d4:ae:d0:44:6c:4f:c1:be:71:
0c:d5:a6:24:93:f3:d3:ce:47:d2:14:5f:31:92:04:22:af:60:
e4:74:1d:28:17:08:e9:db:a0:1a:27:cc:2f:7f:3c:33:5c:9c:
cf:91:da:7b:ac:1b:a6:56:f1:57:ec:7f:bb:df:41:56:a7:d2:
f6:ca:4b:a1:74:db:4e:b3:88:a7:87:f1:2b:6d:bf:da:6b:e5:
3e:2b:9e:58:1a:d2:6e:dd:9a:d4:a3:da:b8:50:2b:8f:c7:38:
32:91:4a:d2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVrgPtxs08xx/MCyWo8ZalJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjMwMTAxMDQwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM1YTQ1ZjRmNTY3NWRhZTI3ZGZkYTRkNDhkYTU3MTdhZGUyNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PfETmqqK80j6L3p0Y984ckaKjhp
Q1BH03//+nnL7uWxFSfNwJ0o2nOZs4v2xQes2Zh/SXL5WZ94vIQpVRX0ZP1xCtdg
ztxOm1gb17QztvS2YZV7MhZHbdgrbjGnIyi7iHzbs7ZEKFWfnB9UmNClROtky5Ic
uqg6dcvp4Q5Qhm0ePDtiX5CxpMKOoIV6gFa0oTBMOHYq0d53zQE2eN4hh1U2tynW
X9H3p4wCnRRWNXSpsB+qj7D1z7tTFjpYI0tF7CxEKyZu1Y3ayd5S7uAwI5CfWOOx
pFwkuzlD8C9AVQh4be2x9aL23BCTUk9f5wuWvLOk7dzg4ahylsDv54ndfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNHFpF9PVnXa4n39pNSNpXF63iSxMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvMGNXa1gwOVdkZHJpZmYyazFJMmxjWHJlSkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAn5f/AwQA
wG2OMA8EAgACMAkDBwAqB4FH//8wDQYJKoZIhvcNAQELBQADggEBAHeEBVUoKmfJ
UfYeFgr/GgkazjqWGdBKZMnv7y/Emd1bno51c3fp8147/K+NPhcCFlUdZ1chEyQk
2fwa0EYo3DKPavgszpPbsJt3sPN2zktoO0/Av98YiRWPZTPNcGYc5cYUphF0DtKJ
aAb5urc7gv6gYsYITJ/b8a9nlyp62w+jAbr88i6n9QGs943UZGipeNbkUCLBiLOX
UdSu0ERsT8G+cQzVpiST89POR9IUXzGSBCKvYOR0HSgXCOnboBonzC9/PDNcnM+R
2nusG6ZW8Vfsf7vfQVan0vbKS6F0206ziKeH8Sttv9pr5T4rnlga0m7dmtSj2rhQ
K4/HODKRStI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:44 2024 by rpki-client on console.sobornost.net