Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/fROKaNWVi1ZyJwhMACdquLCHzMw.roa
File: fROKaNWVi1ZyJwhMACdquLCHzMw.roa (raw, json)
Hash identifier: XDIajk9ZquMKDQ6Ft8uIFG2lHrs3v9ipiXG83TLYNtY=
Subject key identifier: 7D:13:8A:68:D5:95:8B:56:72:27:08:4C:00:27:6A:B8:B0:87:CC:CC
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01856B80FB2132D539DA6362DC18B8EB5F4D
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/fROKaNWVi1ZyJwhMACdquLCHzMw.roa
Signing time: Sun 01 Jan 2023 04:04:53 +0000
ROA not before: Sun 01 Jan 2023 04:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209677
IP address blocks: 192.109.145.0/24 maxlen: 24
159.151.64.0/18 maxlen: 18
2a07:8142::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:fb:21:32:d5:39:da:63:62:dc:18:b8:eb:5f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 04:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d138a68d5958b567227084c00276ab8b087cccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:47:40:18:b5:28:50:b4:28:63:70:9a:ac:
e3:5f:d9:a3:fe:03:7f:0b:67:e4:ff:33:66:f9:e0:
b1:1e:26:d5:75:ef:60:02:a2:b3:87:61:0d:cc:90:
1b:37:f0:f7:77:11:2a:05:48:63:81:ab:86:64:1f:
99:6c:ec:f7:d6:3a:ad:61:40:e6:0c:21:dc:d1:ae:
be:ee:4b:d3:aa:b1:06:68:c8:0f:36:1a:23:12:79:
3f:bf:50:4f:3f:6c:40:05:7b:81:11:48:97:30:47:
18:0c:ef:1f:b3:44:25:2d:12:47:e7:97:65:cb:13:
0f:d7:61:80:02:06:15:c6:96:9a:c7:6c:c5:b6:37:
16:61:67:ad:c9:3f:c7:c9:4c:50:b9:9f:48:9f:35:
3a:a0:a7:a1:c2:b8:6b:ce:b6:7f:f8:76:a9:af:22:
f7:de:62:28:1c:d7:80:e0:da:57:15:39:3f:24:ed:
05:b9:c1:7c:dc:61:a9:4a:a7:10:cc:9f:ef:2b:36:
7e:3c:12:21:04:2b:75:7a:f6:9a:81:89:09:04:b4:
0e:b6:79:0d:c3:a2:f7:4f:e2:7f:58:79:86:51:4c:
62:27:84:74:98:9d:0a:4d:87:e3:c5:25:d9:40:1e:
d4:ca:35:8d:c6:1b:22:18:54:8e:c8:6c:c6:0d:08:
08:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:13:8A:68:D5:95:8B:56:72:27:08:4C:00:27:6A:B8:B0:87:CC:CC
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/fROKaNWVi1ZyJwhMACdquLCHzMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.64.0/18
192.109.145.0/24
IPv6:
2a07:8142::/36
Signature Algorithm: sha256WithRSAEncryption
50:66:2c:e8:98:b6:16:78:0d:9b:ec:fe:9e:8d:5f:99:9d:e7:
30:f9:00:53:80:ee:3c:92:98:78:4f:0d:4f:a5:da:4e:12:a1:
2b:aa:c5:79:03:30:df:22:5b:9d:43:05:ce:07:02:0c:6b:42:
65:77:bf:f8:e0:79:a3:3d:e4:c9:fd:a6:01:be:ca:27:0a:cd:
50:90:4b:e2:d1:67:72:a2:2a:90:af:55:e7:b9:3d:fc:b0:bb:
4d:9a:f7:a5:43:26:07:05:66:71:c6:cc:39:e6:40:f9:a1:e0:
97:81:8f:91:21:a8:55:ad:c9:c9:28:93:1e:53:ce:6f:5e:4f:
8f:16:6e:ce:e8:07:2e:d5:9f:3a:d8:40:f6:df:ff:99:e0:7a:
31:14:91:2f:2d:b8:6f:e1:87:8d:b5:6f:29:f4:00:4b:a3:b8:
91:ce:60:d7:87:a6:0c:80:96:53:bf:87:39:dd:1d:76:e6:e5:
e8:f2:2d:37:58:f1:bf:f2:7a:f6:5c:2b:99:b2:8a:82:60:e7:
14:af:c8:4b:c9:e2:b3:4a:c8:58:8d:c0:20:5e:27:98:32:af:
8f:c4:88:b2:d1:59:de:d0:50:04:2a:a8:f7:f5:52:fc:99:52:
29:81:fd:cf:f4:95:87:7b:d1:7b:4c:38:eb:37:95:ee:3f:86:
a3:21:2a:c8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVrgPshMtU52mNi3Bi4619NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjMwMTAxMDQwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDEzOGE2OGQ1OTU4YjU2NzIyNzA4NGMwMDI3NmFiOGIwODdjY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6ZHQBi1KFC0KGNwmqzjX9mj/gN/
C2fk/zNm+eCxHibVde9gAqKzh2ENzJAbN/D3dxEqBUhjgauGZB+ZbOz31jqtYUDm
DCHc0a6+7kvTqrEGaMgPNhojEnk/v1BPP2xABXuBEUiXMEcYDO8fs0QlLRJH55dl
yxMP12GAAgYVxpaax2zFtjcWYWetyT/HyUxQuZ9InzU6oKehwrhrzrZ/+HapryL3
3mIoHNeA4NpXFTk/JO0FucF83GGpSqcQzJ/vKzZ+PBIhBCt1evaagYkJBLQOtnkN
w6L3T+J/WHmGUUxiJ4R0mJ0KTYfjxSXZQB7UyjWNxhsiGFSOyGzGDQgIGwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH0TimjVlYtWcicITAAnariwh8zMMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvZlJPS2FOV1ZpMVp5SndoTUFDZHF1TENIek13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQGn5dAAwQA
wG2RMA4EAgACMAgDBgQqB4FCADANBgkqhkiG9w0BAQsFAAOCAQEAUGYs6Ji2FngN
m+z+no1fmZ3nMPkAU4DuPJKYeE8NT6XaThKhK6rFeQMw3yJbnUMFzgcCDGtCZXe/
+OB5oz3kyf2mAb7KJwrNUJBL4tFncqIqkK9V57k9/LC7TZr3pUMmBwVmccbMOeZA
+aHgl4GPkSGoVa3JySiTHlPOb15PjxZuzugHLtWfOthA9t//meB6MRSRLy24b+GH
jbVvKfQAS6O4kc5g14emDICWU7+HOd0ddubl6PItN1jxv/J69lwrmbKKgmDnFK/I
S8nis0rIWI3AIF4nmDKvj8SIstFZ3tBQBCqo9/VS/JlSKYH9z/SVh3vRe0w46zeV
7j+GoyEqyA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:44 2024 by rpki-client on console.sobornost.net