Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/4pppAsZh5V4C-vqQxbmVUqiPkRo.roa
File: 4pppAsZh5V4C-vqQxbmVUqiPkRo.roa (raw, json)
Hash identifier: FWxqXvYdwI6FeVwGXl2tgJ0HqfRhvlUCJiMUeRpjm2w=
Subject key identifier: E2:9A:69:02:C6:61:E5:5E:02:FA:FA:90:C5:B9:95:52:A8:8F:91:1A
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01856B80F58D86B0DC06A433B55C722C0A5E
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/4pppAsZh5V4C-vqQxbmVUqiPkRo.roa
Signing time: Sun 01 Jan 2023 04:04:51 +0000
ROA not before: Sun 01 Jan 2023 04:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3549
IP address blocks: 192.109.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:f5:8d:86:b0:dc:06:a4:33:b5:5c:72:2c:0a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 04:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e29a6902c661e55e02fafa90c5b99552a88f911a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:7a:0d:21:5b:1b:b2:8a:16:12:aa:05:10:
bd:cf:2c:a3:05:17:29:ba:79:25:f6:54:e0:c8:96:
30:81:d6:48:27:7c:4d:14:32:e8:5b:8e:5c:10:82:
a6:9b:41:49:1f:31:a8:5e:2a:3c:0d:10:c7:cf:46:
dc:e1:a8:00:70:14:7c:9f:2b:fb:10:c3:62:a2:97:
be:fd:be:9c:20:9f:97:5f:a4:64:bc:8a:db:a0:e4:
dc:64:50:27:58:f4:57:ab:59:db:da:88:02:ea:3f:
83:21:0a:6c:aa:6b:5c:0b:34:3f:1b:cb:92:28:b5:
32:11:50:5d:d5:19:b5:e6:68:1e:c2:29:2f:6c:d6:
47:b7:08:67:c7:6d:3f:54:b1:1f:bc:97:22:15:c7:
b8:d0:60:42:09:6d:9e:64:c5:d0:62:fc:e9:d0:8c:
11:59:b1:fb:50:0c:67:d5:06:09:0e:4e:c0:4b:3e:
f1:c9:13:9d:63:b5:00:d6:10:20:ab:c6:eb:fb:f5:
0f:38:b0:9a:03:b6:a9:79:9d:c2:9e:3a:24:4a:2c:
21:ad:d6:ea:ef:62:93:d1:69:28:bb:db:3e:b5:ae:
fa:6e:b1:7b:7b:39:e5:86:0b:fd:1e:30:a6:e7:eb:
61:c3:c4:76:fc:5b:da:0d:ad:bb:69:08:8f:0b:a6:
30:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9A:69:02:C6:61:E5:5E:02:FA:FA:90:C5:B9:95:52:A8:8F:91:1A
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/4pppAsZh5V4C-vqQxbmVUqiPkRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.148.0/24
Signature Algorithm: sha256WithRSAEncryption
92:33:2e:2b:54:ae:a3:42:4f:c4:c6:06:07:64:6d:fc:c5:e8:
d4:bc:d5:48:6a:bf:b5:76:a9:29:97:e3:c0:66:31:eb:96:e2:
92:bf:8e:c4:84:0c:2a:7d:fb:5a:31:11:12:da:9c:5a:af:91:
4a:ef:13:f4:e2:a1:b5:bf:ed:d6:46:33:89:72:0f:d4:d9:85:
e4:35:11:b1:47:4f:3b:ba:9e:29:3a:65:eb:7f:56:74:dc:13:
fd:7c:bf:c7:8a:4b:ba:c6:c8:53:91:93:24:58:b4:3f:0e:16:
d2:db:54:b3:5a:bf:44:ed:08:8b:38:49:22:17:4c:58:08:93:
54:12:ea:21:a5:16:42:3f:2b:43:94:aa:88:ca:b7:09:2c:cd:
12:7e:c0:82:19:10:fa:c2:0c:de:1c:9a:a1:3e:f8:2f:92:e0:
e1:83:1b:b5:40:a6:f2:3d:76:f5:4a:53:46:8f:ad:d2:16:2d:
27:68:86:70:78:2d:01:ac:56:3e:66:28:be:3c:05:25:93:92:
d7:d6:45:d7:97:c6:da:6b:af:e9:c9:f2:cc:00:01:68:4b:2b:
57:7a:99:ce:0b:32:2a:c6:10:d1:44:12:88:6d:45:ca:19:27:
59:f4:12:c8:ef:09:ce:3c:33:2e:40:73:21:93:01:b1:f0:46:
15:c9:ab:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgPWNhrDcBqQztVxyLApeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjMwMTAxMDQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjlhNjkwMmM2NjFlNTVlMDJmYWZhOTBjNWI5OTU1MmE4OGY5MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolR6DSFbG7KKFhKqBRC9zyyjBRcp
unkl9lTgyJYwgdZIJ3xNFDLoW45cEIKmm0FJHzGoXio8DRDHz0bc4agAcBR8nyv7
EMNiope+/b6cIJ+XX6RkvIrboOTcZFAnWPRXq1nb2ogC6j+DIQpsqmtcCzQ/G8uS
KLUyEVBd1Rm15mgewikvbNZHtwhnx20/VLEfvJciFce40GBCCW2eZMXQYvzp0IwR
WbH7UAxn1QYJDk7ASz7xyROdY7UA1hAgq8br+/UPOLCaA7apeZ3CnjokSiwhrdbq
72KT0Wkou9s+ta76brF7eznlhgv9HjCm5+thw8R2/FvaDa27aQiPC6YwJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKaaQLGYeVeAvr6kMW5lVKoj5EaMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvNHBwcEFzWmg1VjRDLXZxUXhibVZVcWlQa1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2UMA0G
CSqGSIb3DQEBCwUAA4IBAQCSMy4rVK6jQk/ExgYHZG38xejUvNVIar+1dqkpl+PA
ZjHrluKSv47EhAwqfftaMRES2pxar5FK7xP04qG1v+3WRjOJcg/U2YXkNRGxR087
up4pOmXrf1Z03BP9fL/Hiku6xshTkZMkWLQ/DhbS21SzWr9E7QiLOEkiF0xYCJNU
EuohpRZCPytDlKqIyrcJLM0SfsCCGRD6wgzeHJqhPvgvkuDhgxu1QKbyPXb1SlNG
j63SFi0naIZweC0BrFY+Zii+PAUlk5LX1kXXl8baa6/pyfLMAAFoSytXepnOCzIq
xhDRRBKIbUXKGSdZ9BLI7wnOPDMuQHMhkwGx8EYVyau+
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:44 2024 by rpki-client on console.sobornost.net