Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/kfOg2FzGld7nL1ErHUkqmcTxleY.roa
File: kfOg2FzGld7nL1ErHUkqmcTxleY.roa (raw, json)
Hash identifier: w3QuYm73GGDZNKaCHlkze2NsBuppSguHqn9iK8iZ13I=
Subject key identifier: 91:F3:A0:D8:5C:C6:95:DE:E7:2F:51:2B:1D:49:2A:99:C4:F1:95:E6
Certificate issuer: /CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Certificate serial: 0185DD507B0855A4B73D1C6644E0C75CF06C
Authority key identifier: B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/kfOg2FzGld7nL1ErHUkqmcTxleY.roa
Signing time: Mon 23 Jan 2023 06:28:36 +0000
ROA not before: Mon 23 Jan 2023 06:28:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34196
IP address blocks: 185.156.168.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:50:7b:08:55:a4:b7:3d:1c:66:44:e0:c7:5c:f0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Validity
Not Before: Jan 23 06:28:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f3a0d85cc695dee72f512b1d492a99c4f195e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:91:87:4e:0f:20:6f:93:b9:c4:fa:13:0f:
69:b9:f4:bc:55:de:15:66:77:4a:ce:98:ad:2d:84:
ad:1f:c0:45:0f:47:2e:50:35:cf:04:0a:30:a5:e4:
dc:d2:4b:5c:37:e3:6e:5a:97:a8:7d:dc:11:f3:86:
9f:59:13:a4:7f:03:c4:25:01:db:ac:57:68:02:41:
f1:ec:f1:69:2a:9a:11:ad:ed:72:dd:c1:8b:17:92:
9e:8d:37:57:d7:31:b1:ba:f3:e7:7a:e8:ef:c8:3b:
e6:cd:92:5e:74:85:9e:d6:5c:04:af:db:f8:37:7d:
29:cd:94:29:75:d2:14:52:a7:bb:f7:8e:82:10:b9:
ba:f7:9d:27:b7:4f:39:af:bb:42:44:84:ad:a9:8c:
52:b6:80:24:b6:d5:82:a4:0b:fb:af:d1:20:5c:58:
61:c8:26:6a:0e:a7:86:ae:3f:9e:69:b8:28:e1:08:
57:fd:10:75:0e:98:a6:4a:64:5f:7b:92:e1:8b:6e:
fc:8a:fe:dd:e1:a2:12:49:73:c2:8a:03:3b:56:87:
f1:e0:bf:1a:f8:a0:a5:d5:5b:2e:90:87:8e:64:24:
44:e6:92:72:d2:2e:b2:03:b1:25:36:00:da:b7:e8:
d7:0b:2c:6f:59:67:f6:9c:37:3d:67:16:90:81:12:
cf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:A0:D8:5C:C6:95:DE:E7:2F:51:2B:1D:49:2A:99:C4:F1:95:E6
X509v3 Authority Key Identifier:
keyid:B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/kfOg2FzGld7nL1ErHUkqmcTxleY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/slLdonImonXj55s3TI8mPNLY7NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.168.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:f7:27:cd:4d:1b:ba:5e:39:72:6c:1d:ff:f9:42:f9:62:d4:
a9:75:63:28:3d:d7:e8:f1:c9:ac:f9:c9:df:b7:5e:66:ce:6b:
b2:54:ef:8b:b4:fa:6e:df:84:32:68:9b:d7:bc:89:bc:1a:55:
ed:dd:89:52:aa:9f:ee:cb:1c:35:2e:ca:92:3d:08:a7:8c:9e:
3c:53:a5:0d:17:2a:4d:2c:e8:c5:e3:72:8e:f3:c0:f8:c1:86:
11:03:b6:0b:9c:e1:4a:bc:ee:aa:d1:7d:8e:a4:25:a3:ca:3b:
c4:01:60:98:d3:0d:38:dc:73:be:ad:c8:e7:d8:47:eb:83:97:
ca:dc:e8:3a:96:8e:5f:d8:24:26:0a:4c:22:07:46:46:1f:04:
71:48:03:f8:6d:85:d9:ab:e8:e3:cb:2f:03:28:dc:a2:d0:bd:
65:7b:0c:47:b6:b3:36:16:30:35:6c:6a:75:af:1e:66:fd:c1:
23:0f:c5:64:2c:2c:e2:e1:0f:4a:f5:7c:e8:81:c5:0b:d4:74:
a9:b9:9b:40:10:a6:07:61:a0:b8:dd:65:40:ef:45:19:a3:4f:
75:cf:17:06:8c:65:bb:d2:c1:bc:2d:d4:07:a8:d3:dd:b2:7a:
f6:99:77:af:b1:4b:30:1f:08:b2:d3:0f:88:6d:39:c2:1b:a7:
b1:e8:c3:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXdUHsIVaS3PRxmRODHXPBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNTJkZGEyNzIyNmEyNzVlM2U3OWIzNzRjOGYyNjNjZDJk
OGVjZDEwHhcNMjMwMTIzMDYyODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYzYTBkODVjYzY5NWRlZTcyZjUxMmIxZDQ5MmE5OWM0ZjE5NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqyRh04PIG+TucT6Ew9pufS8Vd4V
ZndKzpitLYStH8BFD0cuUDXPBAowpeTc0ktcN+NuWpeofdwR84afWROkfwPEJQHb
rFdoAkHx7PFpKpoRre1y3cGLF5KejTdX1zGxuvPneujvyDvmzZJedIWe1lwEr9v4
N30pzZQpddIUUqe7946CELm6950nt085r7tCRIStqYxStoAkttWCpAv7r9EgXFhh
yCZqDqeGrj+eabgo4QhX/RB1DpimSmRfe5Lhi278iv7d4aISSXPCigM7Vofx4L8a
+KCl1VsukIeOZCRE5pJy0i6yA7ElNgDat+jXCyxvWWf2nDc9ZxaQgRLPfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHzoNhcxpXe5y9RKx1JKpnE8ZXmMB8GA1UdIwQY
MBaAFLJS3aJyJqJ14+ebN0yPJjzS2OzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2xMZG9uSW1vblhqNTVzM1RJOG1QTkxZN05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDVhMmUtYzI4MS00ZGFiLTgzNzMt
YTE3Nzk5MDRiMWM1LzEva2ZPZzJGekdsZDduTDFFckhVa3FtY1R4bGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDVhMmUtYzI4MS00ZGFiLTgzNzMtYTE3Nzk5MDRiMWM1
LzEvc2xMZG9uSW1vblhqNTVzM1RJOG1QTkxZN05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZyoMA0G
CSqGSIb3DQEBCwUAA4IBAQDO9yfNTRu6XjlybB3/+UL5YtSpdWMoPdfo8cms+cnf
t15mzmuyVO+LtPpu34QyaJvXvIm8GlXt3YlSqp/uyxw1LsqSPQinjJ48U6UNFypN
LOjF43KO88D4wYYRA7YLnOFKvO6q0X2OpCWjyjvEAWCY0w043HO+rcjn2Efrg5fK
3Og6lo5f2CQmCkwiB0ZGHwRxSAP4bYXZq+jjyy8DKNyi0L1lewxHtrM2FjA1bGp1
rx5m/cEjD8VkLCzi4Q9K9XzogcUL1HSpuZtAEKYHYaC43WVA70UZo091zxcGjGW7
0sG8LdQHqNPdsnr2mXevsUswHwiy0w+IbTnCG6ex6MMz
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:58 2024 by rpki-client on console.sobornost.net