Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/t1jSQBnzyMqmp1KcMAGzLgSliws.roa
File: t1jSQBnzyMqmp1KcMAGzLgSliws.roa (raw, json)
Hash identifier: vAtj7hb1MH8oj6Hw79Yr5tTsj1s7X774tHa05TaYgpM=
Subject key identifier: B7:58:D2:40:19:F3:C8:CA:A6:A7:52:9C:30:01:B3:2E:04:A5:8B:0B
Certificate issuer: /CN=3c86ec321e72fd46c98dcc0cd7c70bcad557d59c
Certificate serial: 0189CEE36C5FBDE4CF7526DEDE2E260C622B
Authority key identifier: 3C:86:EC:32:1E:72:FD:46:C9:8D:CC:0C:D7:C7:0B:CA:D5:57:D5:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIbsMh5y_UbJjcwM18cLytVX1Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/t1jSQBnzyMqmp1KcMAGzLgSliws.roa
Signing time: Mon 07 Aug 2023 07:25:58 +0000
ROA not before: Mon 07 Aug 2023 07:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209097
IP address blocks: 5.182.144.0/22 maxlen: 24
45.149.56.0/22 maxlen: 24
2a0e:5c00::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:e3:6c:5f:bd:e4:cf:75:26:de:de:2e:26:0c:62:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c86ec321e72fd46c98dcc0cd7c70bcad557d59c
Validity
Not Before: Aug 7 07:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b758d24019f3c8caa6a7529c3001b32e04a58b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:63:17:a2:2a:c8:c0:9e:3b:01:9c:d9:67:16:
31:39:21:1c:38:73:2d:c7:08:01:ab:b4:fb:45:fa:
5e:8d:03:81:93:58:ae:91:38:9c:5c:0a:83:14:ec:
09:0b:2e:68:4b:68:f1:03:84:28:e4:83:db:58:22:
3c:ba:3e:73:1d:f9:45:2d:6e:83:3f:9d:60:92:0b:
3c:98:67:0c:51:83:af:0e:50:7f:e9:35:16:f1:41:
9b:81:c7:a5:ed:e6:9a:97:85:3a:d3:53:57:e6:43:
3f:7d:56:f2:e2:d1:11:5c:e1:36:bb:89:40:b5:b9:
a6:d4:2f:6d:68:e7:ea:d3:da:bf:c3:4f:bc:08:49:
07:8d:fe:0c:c7:ce:22:2f:aa:30:6d:3b:b7:67:68:
b6:e7:38:fe:97:c3:c4:54:cc:c1:6d:0a:b3:92:42:
b9:d9:ac:df:d5:0e:6f:c3:61:bf:42:fa:84:c0:de:
9f:3f:a6:c1:67:f2:9e:fb:44:01:78:73:f6:b5:d5:
e2:08:aa:e8:61:f0:e5:c1:f8:e7:47:62:cc:c7:c0:
7f:2e:b8:68:77:1e:f8:88:6d:e0:11:36:a7:aa:f7:
89:02:61:29:15:77:3b:3a:60:fa:5a:44:84:42:c6:
61:0f:b7:e8:10:c2:ee:9f:6e:81:37:f6:4f:5b:f0:
b7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:58:D2:40:19:F3:C8:CA:A6:A7:52:9C:30:01:B3:2E:04:A5:8B:0B
X509v3 Authority Key Identifier:
keyid:3C:86:EC:32:1E:72:FD:46:C9:8D:CC:0C:D7:C7:0B:CA:D5:57:D5:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIbsMh5y_UbJjcwM18cLytVX1Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/t1jSQBnzyMqmp1KcMAGzLgSliws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/PIbsMh5y_UbJjcwM18cLytVX1Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.144.0/22
45.149.56.0/22
IPv6:
2a0e:5c00::/29
Signature Algorithm: sha256WithRSAEncryption
bf:8b:43:2f:f1:e5:9b:0e:bc:32:2d:b0:da:9d:73:01:26:c0:
dc:4a:dc:3e:a6:0f:e9:1d:5d:06:44:96:8a:dc:93:0f:e3:d8:
e7:46:e4:62:4b:14:5f:7f:a3:65:20:83:b2:f3:ce:a0:e6:a8:
e3:5e:66:87:29:69:90:97:29:41:10:15:cb:78:1c:5b:f7:e1:
32:52:a1:03:f3:1c:1a:56:5b:6c:f6:20:68:07:e2:8b:e7:a1:
57:69:9d:4a:85:22:81:15:d5:c0:37:5e:fb:5e:4e:da:99:d4:
3e:0d:9c:21:0c:e0:0a:10:3d:71:9e:f6:35:69:82:8f:1c:ff:
db:cc:7a:7d:e5:26:2b:63:d6:a1:e9:a2:3f:5a:15:5c:1f:61:
e3:1b:0e:a4:a9:a0:65:07:d8:0d:bd:5f:5f:92:1e:77:cf:21:
de:fc:92:91:45:80:5c:d1:a7:2a:6c:46:1c:cf:c8:9d:e5:35:
aa:ad:a0:50:51:8c:b4:9d:54:36:54:29:92:43:f8:cf:67:55:
7d:2d:75:d7:35:ea:15:f1:40:31:74:7e:67:1e:94:fb:f1:d2:
5c:17:e8:94:51:e1:f3:3e:4e:22:20:b4:8f:d8:d4:3e:fb:b0:
1f:cf:4c:5c:6d:02:34:2e:98:78:2f:7e:ff:d8:2e:af:03:1a:
fe:b9:45:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnO42xfveTPdSbe3i4mDGIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODZlYzMyMWU3MmZkNDZjOThkY2MwY2Q3YzcwYmNhZDU1
N2Q1OWMwHhcNMjMwODA3MDcyNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU4ZDI0MDE5ZjNjOGNhYTZhNzUyOWMzMDAxYjMyZTA0YTU4YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWMXoirIwJ47AZzZZxYxOSEcOHMt
xwgBq7T7RfpejQOBk1iukTicXAqDFOwJCy5oS2jxA4Qo5IPbWCI8uj5zHflFLW6D
P51gkgs8mGcMUYOvDlB/6TUW8UGbgcel7eaal4U601NX5kM/fVby4tERXOE2u4lA
tbmm1C9taOfq09q/w0+8CEkHjf4Mx84iL6owbTu3Z2i25zj+l8PEVMzBbQqzkkK5
2azf1Q5vw2G/QvqEwN6fP6bBZ/Ke+0QBeHP2tdXiCKroYfDlwfjnR2LMx8B/Lrho
dx74iG3gETanqveJAmEpFXc7OmD6WkSEQsZhD7foEMLun26BN/ZPW/C3dwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLdY0kAZ88jKpqdSnDABsy4EpYsLMB8GA1UdIwQY
MBaAFDyG7DIecv1GyY3MDNfHC8rVV9WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElic01oNXlfVWJKamN3TTE4Y0x5dFZYMVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81YzBmZDItNjc0My00NjgyLTk2N2It
NWYxNWJlYWZhOWIxLzEvdDFqU1FCbnp5TXFtcDFLY01BR3pMZ1NsaXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81YzBmZDItNjc0My00NjgyLTk2N2ItNWYxNWJlYWZhOWIx
LzEvUElic01oNXlfVWJKamN3TTE4Y0x5dFZYMVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbaQAwQC
LZU4MA0EAgACMAcDBQMqDlwAMA0GCSqGSIb3DQEBCwUAA4IBAQC/i0Mv8eWbDrwy
LbDanXMBJsDcStw+pg/pHV0GRJaK3JMP49jnRuRiSxRff6NlIIOy886g5qjjXmaH
KWmQlylBEBXLeBxb9+EyUqED8xwaVlts9iBoB+KL56FXaZ1KhSKBFdXAN177Xk7a
mdQ+DZwhDOAKED1xnvY1aYKPHP/bzHp95SYrY9ah6aI/WhVcH2HjGw6kqaBlB9gN
vV9fkh53zyHe/JKRRYBc0acqbEYcz8id5TWqraBQUYy0nVQ2VCmSQ/jPZ1V9LXXX
NeoV8UAxdH5nHpT78dJcF+iUUeHzPk4iILSP2NQ++7Afz0xcbQI0Lph4L37/2C6v
Axr+uUW9
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:00 2023 by rpki-client on console.sobornost.net