Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/XSVCy13JSptvZ846fMziRDYlfFA.roa
File: XSVCy13JSptvZ846fMziRDYlfFA.roa (raw, json)
Hash identifier: Zz/1wE5Hu6R10iG6hCz9S7eRC4Q3bpBrHEZbwN/PoOA=
Subject key identifier: 5D:25:42:CB:5D:C9:4A:9B:6F:67:CE:3A:7C:CC:E2:44:36:25:7C:50
Certificate issuer: /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial: 01856F1DA3CAF22C980D312136E6807D82A7
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/XSVCy13JSptvZ846fMziRDYlfFA.roa
Signing time: Sun 01 Jan 2023 20:54:51 +0000
ROA not before: Sun 01 Jan 2023 20:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43109
IP address blocks: 193.243.156.0/23 maxlen: 23
91.196.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a3:ca:f2:2c:98:0d:31:21:36:e6:80:7d:82:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
Validity
Not Before: Jan 1 20:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d2542cb5dc94a9b6f67ce3a7ccce24436257c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e6:87:ef:fe:b7:4c:ce:36:85:ce:f4:48:ba:
af:1d:b6:97:97:b1:47:2b:a8:92:74:23:46:cd:fe:
39:c3:4a:5f:a3:fd:59:8b:0a:28:3f:6a:a3:50:02:
60:c3:21:fd:bb:a6:32:1b:63:6d:8a:18:ed:80:9d:
d5:73:81:b2:f1:47:fd:04:f6:05:50:bb:cf:7b:29:
b1:9e:e2:4d:ab:da:6d:73:f7:f4:16:c5:59:1e:e7:
7c:3d:21:29:f2:cd:1f:95:d1:98:22:1a:cc:7f:64:
12:83:13:5e:91:9e:75:64:84:0c:c0:aa:12:71:cf:
29:39:01:7d:ad:b0:84:04:f5:c3:66:00:dd:41:38:
57:68:4b:07:b3:bf:2b:5d:a5:ee:97:21:d4:1e:97:
ec:58:56:f3:5f:1a:c4:b1:ce:f7:e6:6e:c5:13:e2:
b4:8e:8c:8d:ce:6d:c0:d6:42:91:ac:d7:5b:5f:94:
ec:89:0e:c8:f2:cb:9b:13:3a:87:a7:18:d9:e1:79:
6f:68:d2:ac:e7:f6:14:ac:a6:0a:95:ed:73:3e:50:
13:17:8d:7e:98:36:67:53:b3:58:a0:a7:15:94:0a:
58:5d:bf:ba:53:45:53:da:14:1a:c6:d1:c9:35:03:
ef:58:60:fa:2d:30:02:c3:2f:46:cf:00:e0:10:ef:
61:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:42:CB:5D:C9:4A:9B:6F:67:CE:3A:7C:CC:E2:44:36:25:7C:50
X509v3 Authority Key Identifier:
keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/XSVCy13JSptvZ846fMziRDYlfFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.96.0/22
193.243.156.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:2c:ff:85:4f:d4:53:61:57:e8:96:03:2a:9d:b4:81:28:a8:
da:46:e7:4d:90:a5:de:32:c2:31:3f:9e:f5:09:ab:3f:2f:e7:
fe:f0:70:e1:f5:c0:b2:67:7d:94:0c:36:fe:d3:cc:a4:9d:e1:
d8:08:2c:62:49:7b:03:68:23:68:a2:3c:b0:37:85:5f:7c:40:
26:27:d0:cc:a8:56:0f:a1:19:9f:77:7c:d1:a3:ea:e1:fe:5a:
7b:f3:cd:48:84:d2:98:0c:9e:43:fb:cf:1e:f0:99:ff:c6:2b:
da:50:a7:26:22:1b:c6:bc:c1:9d:02:f6:bc:69:49:61:7d:d3:
a4:5e:a6:54:a3:3e:2e:9c:d3:dc:42:cb:c5:41:40:2c:d7:c9:
a6:3a:60:f2:b5:2f:0d:77:90:fa:a8:cb:be:75:c2:c6:21:d8:
e0:b6:5b:5d:ce:d9:87:4b:5e:85:42:02:c8:38:9f:29:3f:bf:
11:63:bb:d6:7a:b5:fc:95:0d:7f:e7:f2:d8:00:e5:10:88:b8:
ac:ab:9f:45:db:d0:9a:b3:4a:f3:9f:a1:22:78:9c:d0:ab:4d:
c0:41:bb:92:6b:b1:f5:a9:7f:15:d5:39:f4:6e:76:47:77:ed:
b2:ee:91:5f:e3:ea:30:c3:3d:96:13:2a:c6:8c:e9:03:06:2e:
a1:8f:d2:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHaPK8iyYDTEhNuaAfYKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4
M2I3M2UwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI1NDJjYjVkYzk0YTliNmY2N2NlM2E3Y2NjZTI0NDM2MjU3YzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+aH7/63TM42hc70SLqvHbaXl7FH
K6iSdCNGzf45w0pfo/1ZiwooP2qjUAJgwyH9u6YyG2NtihjtgJ3Vc4Gy8Uf9BPYF
ULvPeymxnuJNq9ptc/f0FsVZHud8PSEp8s0fldGYIhrMf2QSgxNekZ51ZIQMwKoS
cc8pOQF9rbCEBPXDZgDdQThXaEsHs78rXaXulyHUHpfsWFbzXxrEsc735m7FE+K0
joyNzm3A1kKRrNdbX5TsiQ7I8subEzqHpxjZ4XlvaNKs5/YUrKYKle1zPlATF41+
mDZnU7NYoKcVlApYXb+6U0VT2hQaxtHJNQPvWGD6LTACwy9GzwDgEO9hbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF0lQstdyUqbb2fOOnzM4kQ2JXxQMB8GA1UdIwQY
MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt
Zjk4ZWM5ZDE2MmJlLzEvWFNWQ3kxM0pTcHR2Wjg0NmZNemlSRFlsZkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl
LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8RgAwQB
wfOcMA0GCSqGSIb3DQEBCwUAA4IBAQBLLP+FT9RTYVfolgMqnbSBKKjaRudNkKXe
MsIxP571Cas/L+f+8HDh9cCyZ32UDDb+08ykneHYCCxiSXsDaCNoojywN4VffEAm
J9DMqFYPoRmfd3zRo+rh/lp7881IhNKYDJ5D+88e8Jn/xivaUKcmIhvGvMGdAva8
aUlhfdOkXqZUoz4unNPcQsvFQUAs18mmOmDytS8Nd5D6qMu+dcLGIdjgtltdztmH
S16FQgLIOJ8pP78RY7vWerX8lQ1/5/LYAOUQiLisq59F29Cas0rzn6EieJzQq03A
QbuSa7H1qX8V1Tn0bnZHd+2y7pFf4+owwz2WEyrGjOkDBi6hj9Ke
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:36:33 2024 by rpki-client on console.sobornost.net