Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/a-hfkggg3brEz4BeQb4JyyVOINk.roa
File: a-hfkggg3brEz4BeQb4JyyVOINk.roa (raw, json)
Hash identifier: ZuhNKqghI7I+1pleX0pkST2M3jGqxnzYdULMmkF53o8=
Subject key identifier: 6B:E8:5F:92:08:20:DD:BA:C4:CF:80:5E:41:BE:09:CB:25:4E:20:D9
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 01856F021EF550688C7BCC44F397EEFFE5E2
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/a-hfkggg3brEz4BeQb4JyyVOINk.roa
Signing time: Sun 01 Jan 2023 20:24:48 +0000
ROA not before: Sun 01 Jan 2023 20:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209453
IP address blocks: 213.167.229.0/24 maxlen: 24
213.167.230.0/24 maxlen: 24
217.70.179.0/24 maxlen: 24
217.70.187.0/24 maxlen: 24
2001:4b98:abcb::/48 maxlen: 48
2001:4b98:aaab::/48 maxlen: 48
2001:4b98:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:1e:f5:50:68:8c:7b:cc:44:f3:97:ee:ff:e5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 1 20:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6be85f920820ddbac4cf805e41be09cb254e20d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:68:5d:bd:d7:6b:44:bd:b8:f7:c3:7a:9a:
37:5c:96:80:55:7b:3a:ef:29:1c:29:4d:7e:02:53:
01:23:79:f4:a4:49:37:40:a1:34:69:24:5b:95:03:
71:6c:44:1d:19:52:4f:06:b0:46:4b:91:f2:c3:e4:
72:71:9d:68:a5:f5:7e:b3:2c:65:23:51:dd:d6:f4:
6a:38:7f:6c:46:bd:17:50:e9:bd:70:90:55:73:23:
30:ff:30:f2:8e:2e:f4:24:de:26:f5:93:30:fe:a3:
6b:15:3d:ca:48:6d:2c:b9:68:f7:8d:e7:db:9f:99:
47:2f:be:70:81:67:08:76:e2:73:58:af:a6:a5:44:
60:91:12:d4:05:78:68:9a:26:36:db:9d:3a:a9:cf:
35:d0:fe:6a:84:27:cf:95:20:4b:63:97:dd:78:ef:
76:c8:29:48:04:01:f4:dd:25:65:26:d2:85:40:0e:
a7:08:c0:0f:cc:a0:4a:64:89:68:80:b1:b4:42:12:
a0:ec:58:c1:d8:06:11:08:13:9c:b8:1e:ae:5f:d4:
46:b4:15:1d:2a:de:28:c6:ba:51:e2:c5:ae:63:e4:
2c:b6:11:ea:da:7c:53:8a:22:58:4c:8c:95:f4:5d:
e2:1f:a0:75:60:31:27:89:4e:98:84:71:1f:fe:64:
7b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E8:5F:92:08:20:DD:BA:C4:CF:80:5E:41:BE:09:CB:25:4E:20:D9
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/a-hfkggg3brEz4BeQb4JyyVOINk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.229.0-213.167.230.255
217.70.179.0/24
217.70.187.0/24
IPv6:
2001:4b98:aaaa::/47
2001:4b98:abcb::/48
Signature Algorithm: sha256WithRSAEncryption
05:ec:8e:48:2a:de:6c:dd:ae:f3:a3:9f:0f:bd:87:c6:01:e9:
b3:b5:0c:7a:f8:a9:31:9b:c1:e5:9d:db:c3:60:2e:5e:86:ad:
7f:36:00:44:b1:d5:9d:4a:4e:fa:e3:96:80:9f:fa:10:18:c0:
54:62:27:f8:5f:6a:71:75:5c:e3:ed:07:b8:47:bc:f1:a0:50:
cc:09:56:c6:ef:77:6b:21:c7:11:d4:2b:b6:d0:01:51:76:d7:
77:56:61:a8:b9:60:8e:80:46:24:71:71:40:8a:a6:02:9c:a9:
05:9d:4a:ca:55:ab:b3:69:26:96:af:32:97:d4:d8:5f:b9:cb:
bc:94:b8:a6:8b:0d:c5:26:ff:69:7b:04:c5:d9:65:a4:a8:b0:
03:b9:f4:22:83:40:3c:92:e2:e5:15:09:81:21:3e:de:ec:68:
c5:72:5d:8b:7c:4a:28:6f:0c:ae:5f:d9:c2:46:02:19:5e:11:
31:fd:46:09:1b:60:c3:6a:e6:88:f4:e5:15:c2:b3:e1:c4:30:
ac:99:c4:fc:62:4f:80:29:c1:0b:ae:07:d1:6c:4d:05:25:6b:
6c:2a:f1:72:2f:ef:85:be:c9:ed:06:80:8c:2b:11:93:e4:1e:
12:99:48:54:04:97:9f:81:c5:19:b5:8b:75:b9:46:3d:4d:fe:
4f:90:cb:27
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVvAh71UGiMe8xE85fu/+XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYTBlYzU5NTY0MzI0MjM3NDIwZDUwNmI5YjQ5OGQ3NTJl
ZTIxNjgwHhcNMjMwMTAxMjAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU4NWY5MjA4MjBkZGJhYzRjZjgwNWU0MWJlMDljYjI1NGUyMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTxoXb3Xa0S9uPfDepo3XJaAVXs6
7ykcKU1+AlMBI3n0pEk3QKE0aSRblQNxbEQdGVJPBrBGS5Hyw+RycZ1opfV+syxl
I1Hd1vRqOH9sRr0XUOm9cJBVcyMw/zDyji70JN4m9ZMw/qNrFT3KSG0suWj3jefb
n5lHL75wgWcIduJzWK+mpURgkRLUBXhomiY22506qc810P5qhCfPlSBLY5fdeO92
yClIBAH03SVlJtKFQA6nCMAPzKBKZIlogLG0QhKg7FjB2AYRCBOcuB6uX9RGtBUd
Kt4oxrpR4sWuY+QsthHq2nxTiiJYTIyV9F3iH6B1YDEniU6YhHEf/mR70QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGvoX5IIIN26xM+AXkG+CcslTiDZMB8GA1UdIwQY
MBaAFLyg7FlWQyQjdCDVBrm0mNdS7iFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMt
N2M1NDlmMWVkMTZjLzEvYS1oZmtnZ2czYnJFejRCZVFiNEp5eVZPSU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMtN2M1NDlmMWVkMTZj
LzEvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaMAwDBADVp+UD
BADVp+YDBADZRrMDBADZRrswGAQCAAIwEgMHASABS5iqqgMHACABS5iryzANBgkq
hkiG9w0BAQsFAAOCAQEABeyOSCrebN2u86OfD72HxgHps7UMevipMZvB5Z3bw2Au
XoatfzYARLHVnUpO+uOWgJ/6EBjAVGIn+F9qcXVc4+0HuEe88aBQzAlWxu93ayHH
EdQrttABUXbXd1ZhqLlgjoBGJHFxQIqmApypBZ1KylWrs2kmlq8yl9TYX7nLvJS4
posNxSb/aXsExdllpKiwA7n0IoNAPJLi5RUJgSE+3uxoxXJdi3xKKG8Mrl/ZwkYC
GV4RMf1GCRtgw2rmiPTlFcKz4cQwrJnE/GJPgCnBC64H0WxNBSVrbCrxci/vhb7J
7QaAjCsRk+QeEplIVASXn4HFGbWLdblGPU3+T5DLJw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:14:56 2024 by rpki-client on console.sobornost.net