Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xBRnGHNVlA452gRTXsY-LOz-BoM.roa
File: xBRnGHNVlA452gRTXsY-LOz-BoM.roa (raw, json)
Hash identifier: JG6fs2aXrjcn/1M+pVrFWoBHKQUJ2XzPRZXB4xe8gyA=
Subject key identifier: C4:14:67:18:73:55:94:0E:39:DA:04:53:5E:C6:3E:2C:EC:FE:06:83
Certificate issuer: /CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Certificate serial: 01856CF842BA140FA86D625239595F18C1B5
Authority key identifier: 6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xBRnGHNVlA452gRTXsY-LOz-BoM.roa
Signing time: Sun 01 Jan 2023 10:54:47 +0000
ROA not before: Sun 01 Jan 2023 10:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2799
IP address blocks: 147.186.0.0/17 maxlen: 17
147.186.128.0/17 maxlen: 17
147.186.171.0/24 maxlen: 24
2001:67c:49c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:42:ba:14:0f:a8:6d:62:52:39:59:5f:18:c1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Validity
Not Before: Jan 1 10:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c41467187355940e39da04535ec63e2cecfe0683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:36:42:e7:c4:39:f5:10:ca:67:9f:55:55:
77:d6:6d:3a:d6:37:1b:16:a7:dd:fe:b5:ad:c1:90:
75:9f:37:d3:75:58:a8:30:f8:1c:0f:98:be:ac:44:
67:61:9a:c8:7e:a1:81:4b:c2:d5:8a:0a:b1:43:ac:
67:29:4b:cb:3b:11:62:12:46:ce:54:68:33:1d:db:
d6:47:a0:9d:8d:5b:72:9d:41:42:18:9c:f1:70:b8:
8d:df:19:59:a8:e9:d7:9c:21:3c:d1:5b:40:77:76:
32:9e:53:46:6a:cb:29:83:e5:35:58:97:17:f6:07:
3f:0c:4a:fd:4c:cf:20:38:6a:6b:b1:d1:40:89:e8:
30:3b:fe:3d:a6:21:04:f9:4d:5c:ad:09:7d:54:95:
a5:6a:74:2b:92:ba:55:78:41:40:70:21:5c:09:b1:
3d:57:ef:ac:48:53:2f:d3:56:53:6e:0f:43:be:3d:
be:38:30:64:cd:51:2f:ab:f1:e6:26:ae:02:60:09:
8a:8f:8d:0a:17:e0:0f:75:23:aa:ce:94:90:62:a0:
38:22:1a:d4:43:5e:15:ab:2b:01:65:64:15:8a:f3:
d5:d4:bd:79:0b:38:75:07:81:ef:60:43:9d:9a:a9:
55:3e:c9:c1:35:9b:fb:16:ef:3d:85:bd:3c:c2:40:
b5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:14:67:18:73:55:94:0E:39:DA:04:53:5E:C6:3E:2C:EC:FE:06:83
X509v3 Authority Key Identifier:
keyid:6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xBRnGHNVlA452gRTXsY-LOz-BoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.186.0.0/16
IPv6:
2001:67c:49c::/48
Signature Algorithm: sha256WithRSAEncryption
7a:53:e7:a9:92:c6:8b:5a:20:35:c4:68:54:43:6c:8b:08:3b:
e6:40:58:b3:72:d4:11:92:87:61:4f:56:96:4b:d7:ce:86:05:
7f:4c:81:01:de:78:d3:20:a2:41:db:8f:92:0d:80:53:47:ee:
63:ad:32:7f:a9:9e:ad:93:79:c7:c6:81:6c:54:3f:6d:8f:99:
06:47:2e:36:32:9e:d0:b6:d8:d5:9c:13:10:e1:cd:b9:40:8a:
16:de:12:f5:3d:ae:e5:1f:77:2a:cf:44:da:b1:3e:52:18:11:
93:73:02:f0:51:76:91:2b:ac:0e:da:a2:2a:f3:83:3f:19:01:
73:8f:50:c1:4c:71:9a:7c:c0:14:0c:6c:35:fc:d9:01:75:c8:
e7:80:85:f7:42:2a:e0:27:9b:0c:ad:f0:af:f2:6a:a6:3c:98:
ed:5a:0b:69:92:5f:63:dd:2e:28:55:94:19:1a:bb:20:ed:08:
7b:84:af:70:98:bc:19:52:b7:07:73:de:7a:75:0c:60:aa:eb:
01:cb:45:b6:eb:26:aa:72:01:60:ef:b7:3d:d8:1e:09:31:27:
4d:02:5c:a8:95:dd:d2:aa:a8:e6:1e:5b:52:45:02:7a:c1:e8:
10:3e:76:cf:3e:c8:80:af:0b:2b:71:7e:f7:e8:91:52:2d:81:
11:09:b2:47
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVs+EK6FA+obWJSOVlfGMG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmIwZjliZGMzYTJmYWU0N2I0N2U3MDIxODk5M2M5MTlm
MTBmYjAwHhcNMjMwMTAxMTA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE0NjcxODczNTU5NDBlMzlkYTA0NTM1ZWM2M2UyY2VjZmUwNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo42QufEOfUQymefVVV31m061jcb
Fqfd/rWtwZB1nzfTdVioMPgcD5i+rERnYZrIfqGBS8LVigqxQ6xnKUvLOxFiEkbO
VGgzHdvWR6CdjVtynUFCGJzxcLiN3xlZqOnXnCE80VtAd3YynlNGasspg+U1WJcX
9gc/DEr9TM8gOGprsdFAiegwO/49piEE+U1crQl9VJWlanQrkrpVeEFAcCFcCbE9
V++sSFMv01ZTbg9Dvj2+ODBkzVEvq/HmJq4CYAmKj40KF+APdSOqzpSQYqA4IhrU
Q14VqysBZWQVivPV1L15Czh1B4HvYEOdmqlVPsnBNZv7Fu89hb08wkC1qQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMQUZxhzVZQOOdoEU17GPizs/gaDMB8GA1UdIwQY
MBaAFG/7D5vcOi+uR7R+cCGJk8kZ8Q+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYt
ZjlhYjNiMDUyMzQ5LzEveEJSbkdITlZsQTQ1MmdSVFhzWS1MT3otQm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYtZjlhYjNiMDUyMzQ5
LzEvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAk7owDwQC
AAIwCQMHACABBnwEnDANBgkqhkiG9w0BAQsFAAOCAQEAelPnqZLGi1ogNcRoVENs
iwg75kBYs3LUEZKHYU9WlkvXzoYFf0yBAd540yCiQduPkg2AU0fuY60yf6merZN5
x8aBbFQ/bY+ZBkcuNjKe0LbY1ZwTEOHNuUCKFt4S9T2u5R93Ks9E2rE+UhgRk3MC
8FF2kSusDtqiKvODPxkBc49QwUxxmnzAFAxsNfzZAXXI54CF90Iq4CebDK3wr/Jq
pjyY7VoLaZJfY90uKFWUGRq7IO0Ie4SvcJi8GVK3B3PeenUMYKrrActFtusmqnIB
YO+3PdgeCTEnTQJcqJXd0qqo5h5bUkUCesHoED52zz7IgK8LK3F+9+iRUi2BEQmy
Rw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:01 2024 by rpki-client on console.sobornost.net