Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/7b03d1-0e68-444f-9188-76e5ceb03fd9/1/okIwLdcTpFHFHWs0xcWj1OtIMKc.roa
File: okIwLdcTpFHFHWs0xcWj1OtIMKc.roa (raw, json)
Hash identifier: ArZGOptpghBeQM104auM3+bHIwA67yumkv7SdEaCLVg=
Subject key identifier: A2:42:30:2D:D7:13:A4:51:C5:1D:6B:34:C5:C5:A3:D4:EB:48:30:A7
Certificate issuer: /CN=1b3554498f3c8dd539c25a9d85348fab817eda23
Certificate serial: 01857030752EC37BC06A02577025AC61168B
Authority key identifier: 1B:35:54:49:8F:3C:8D:D5:39:C2:5A:9D:85:34:8F:AB:81:7E:DA:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzVUSY88jdU5wlqdhTSPq4F-2iM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/7b03d1-0e68-444f-9188-76e5ceb03fd9/1/okIwLdcTpFHFHWs0xcWj1OtIMKc.roa
Signing time: Mon 02 Jan 2023 01:55:01 +0000
ROA not before: Mon 02 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60305
IP address blocks: 194.113.252.0/24 maxlen: 24
194.113.253.0/24 maxlen: 24
194.113.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:75:2e:c3:7b:c0:6a:02:57:70:25:ac:61:16:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b3554498f3c8dd539c25a9d85348fab817eda23
Validity
Not Before: Jan 2 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a242302dd713a451c51d6b34c5c5a3d4eb4830a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:33:bf:64:ce:77:46:2f:d9:93:aa:7e:28:57:
a1:e2:1b:01:b5:7d:bf:95:72:83:ef:8a:3f:09:c3:
05:9d:1c:08:53:d7:8e:54:59:28:b2:88:96:84:dd:
31:40:69:a7:a6:62:4f:65:78:35:01:36:f7:a2:0d:
40:83:25:c5:57:da:81:d8:46:1b:46:2a:ee:cb:dd:
49:73:c5:d9:fe:57:bd:eb:47:42:9c:f3:88:1f:f7:
e5:58:87:ac:19:8d:1c:25:31:1b:00:b3:f6:fe:ce:
e4:41:29:4a:a0:e6:c3:a9:7c:0f:b6:d8:d3:3d:ff:
df:b3:c1:bb:02:fb:84:85:0f:34:23:04:46:66:5e:
e5:8e:18:39:d1:cf:dc:f6:77:51:c8:c1:51:0a:cc:
25:af:0d:8f:76:fb:9c:0b:57:2a:e6:ca:4a:49:5f:
5c:a8:ae:28:3e:0e:05:54:54:3c:9a:fa:0a:31:fe:
39:79:55:48:3f:ee:e4:04:b9:82:f9:8f:b3:cb:97:
a1:e7:2f:b9:4d:38:0a:b6:95:a6:c5:27:68:9b:12:
dc:92:05:c3:f3:99:ca:72:f7:6c:30:88:65:85:b1:
42:16:49:5d:e9:67:ae:b6:49:ea:ba:92:ee:c6:7d:
6c:17:ca:4c:5b:de:54:a2:eb:3b:7d:01:eb:c5:ba:
af:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:42:30:2D:D7:13:A4:51:C5:1D:6B:34:C5:C5:A3:D4:EB:48:30:A7
X509v3 Authority Key Identifier:
keyid:1B:35:54:49:8F:3C:8D:D5:39:C2:5A:9D:85:34:8F:AB:81:7E:DA:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzVUSY88jdU5wlqdhTSPq4F-2iM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/7b03d1-0e68-444f-9188-76e5ceb03fd9/1/okIwLdcTpFHFHWs0xcWj1OtIMKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/7b03d1-0e68-444f-9188-76e5ceb03fd9/1/GzVUSY88jdU5wlqdhTSPq4F-2iM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.252.0/22
Signature Algorithm: sha256WithRSAEncryption
38:3a:15:06:ff:f3:58:10:8a:81:d1:b0:ae:fb:84:4d:27:5d:
9e:29:08:e5:5c:09:57:f7:a7:f4:f1:e8:09:48:3c:95:ad:09:
65:52:4f:dc:d3:2a:f1:f5:a1:cb:5a:b7:4d:db:54:e8:ef:8a:
1b:bc:32:33:66:fa:49:6d:62:01:20:cb:e3:b5:31:63:8d:af:
14:ed:fd:46:65:44:2e:e4:ee:5f:8d:78:bd:08:f3:8e:73:c6:
81:7c:77:70:21:33:fc:01:ae:21:99:38:21:e6:5b:37:0a:d9:
4e:29:f1:f5:e3:b2:f0:b8:6a:97:e6:ee:87:13:b9:2a:38:1f:
65:10:1b:ba:91:a8:0e:0d:48:26:78:10:f3:1b:22:df:27:3f:
78:81:f6:00:a7:62:e8:14:d6:b7:3d:ea:57:6d:27:34:18:f4:
63:0e:0d:f6:0f:5e:15:7d:8b:af:28:0b:8a:fd:f8:07:69:10:
4b:4b:37:6d:76:b3:86:19:9c:b8:12:08:f2:cd:a2:f5:25:3a:
3f:e5:21:7a:01:22:26:5a:80:0a:ea:9c:88:54:e3:1e:b9:76:
4d:56:1d:0e:0c:e9:51:f2:5e:43:af:20:fe:22:e5:10:01:05:
46:06:f7:ce:79:a5:df:b6:b7:3e:23:28:c3:98:29:27:e0:33:
eb:b6:98:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMHUuw3vAagJXcCWsYRaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzU1NDQ5OGYzYzhkZDUzOWMyNWE5ZDg1MzQ4ZmFiODE3
ZWRhMjMwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQyMzAyZGQ3MTNhNDUxYzUxZDZiMzRjNWM1YTNkNGViNDgzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTO/ZM53Ri/Zk6p+KFeh4hsBtX2/
lXKD74o/CcMFnRwIU9eOVFkosoiWhN0xQGmnpmJPZXg1ATb3og1AgyXFV9qB2EYb
Riruy91Jc8XZ/le960dCnPOIH/flWIesGY0cJTEbALP2/s7kQSlKoObDqXwPttjT
Pf/fs8G7AvuEhQ80IwRGZl7ljhg50c/c9ndRyMFRCswlrw2PdvucC1cq5spKSV9c
qK4oPg4FVFQ8mvoKMf45eVVIP+7kBLmC+Y+zy5eh5y+5TTgKtpWmxSdomxLckgXD
85nKcvdsMIhlhbFCFkld6WeutknqupLuxn1sF8pMW95Uous7fQHrxbqv0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJCMC3XE6RRxR1rNMXFo9TrSDCnMB8GA1UdIwQY
MBaAFBs1VEmPPI3VOcJanYU0j6uBftojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3pWVVNZODhqZFU1d2xxZGhUU1BxNEYtMmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy83YjAzZDEtMGU2OC00NDRmLTkxODgt
NzZlNWNlYjAzZmQ5LzEvb2tJd0xkY1RwRkhGSFdzMHhjV2oxT3RJTUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy83YjAzZDEtMGU2OC00NDRmLTkxODgtNzZlNWNlYjAzZmQ5
LzEvR3pWVVNZODhqZFU1d2xxZGhUU1BxNEYtMmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnH8MA0G
CSqGSIb3DQEBCwUAA4IBAQA4OhUG//NYEIqB0bCu+4RNJ12eKQjlXAlX96f08egJ
SDyVrQllUk/c0yrx9aHLWrdN21To74obvDIzZvpJbWIBIMvjtTFjja8U7f1GZUQu
5O5fjXi9CPOOc8aBfHdwITP8Aa4hmTgh5ls3CtlOKfH147LwuGqX5u6HE7kqOB9l
EBu6kagODUgmeBDzGyLfJz94gfYAp2LoFNa3PepXbSc0GPRjDg32D14VfYuvKAuK
/fgHaRBLSzdtdrOGGZy4EgjyzaL1JTo/5SF6ASImWoAK6pyIVOMeuXZNVh0ODOlR
8l5DryD+IuUQAQVGBvfOeaXftrc+IyjDmCkn4DPrtpil
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:02 2024 by rpki-client on console.sobornost.net