Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/wA5GY6Aw8x1FyCnz2Z_GoNcvEJ0.roa
File: wA5GY6Aw8x1FyCnz2Z_GoNcvEJ0.roa (raw, json)
Hash identifier: 1jpnKtzair0uHlStmEze4TD38fVhcpDDeuku4sbLxTA=
Subject key identifier: C0:0E:46:63:A0:30:F3:1D:45:C8:29:F3:D9:9F:C6:A0:D7:2F:10:9D
Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Certificate serial: 01856F0B3B41204D37BFA600A2793855D216
Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/wA5GY6Aw8x1FyCnz2Z_GoNcvEJ0.roa
Signing time: Sun 01 Jan 2023 20:34:45 +0000
ROA not before: Sun 01 Jan 2023 20:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44850
IP address blocks: 91.203.33.0/24 maxlen: 24
91.203.34.0/24 maxlen: 24
91.203.34.0/23 maxlen: 23
91.203.35.0/24 maxlen: 24
91.203.32.0/23 maxlen: 23
91.203.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:3b:41:20:4d:37:bf:a6:00:a2:79:38:55:d2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Validity
Not Before: Jan 1 20:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00e4663a030f31d45c829f3d99fc6a0d72f109d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:41:2b:11:fe:9b:bc:ec:f6:a5:20:5c:24:23:
da:46:b2:3d:22:07:34:9e:24:8b:00:43:13:5c:4a:
57:70:2e:83:e0:ad:b9:45:7e:60:42:89:4e:85:6b:
69:58:09:ac:d4:74:9f:fd:ce:b2:95:dd:af:2b:16:
25:8b:7a:fe:a3:ae:c2:6d:99:31:c5:fe:ef:9c:56:
e9:a2:f9:81:09:b2:45:b3:c8:fb:62:f1:c8:3f:9f:
d7:36:f3:39:1e:81:ab:e9:85:7c:e5:57:46:36:3c:
d5:d1:1a:7a:ad:51:c6:6e:73:c3:2e:b3:aa:47:d2:
fc:41:86:f6:a4:cd:3b:83:82:f6:a6:01:9a:0d:57:
37:bd:e0:46:b8:ab:a4:fe:a6:4c:83:ab:ca:dd:b3:
83:fc:35:2a:49:03:cc:9c:62:9e:7d:71:4d:84:8b:
55:1e:e8:13:f1:8d:92:21:53:77:2e:35:13:a0:6f:
6f:07:dd:82:fc:c5:6e:d5:6a:bf:db:96:9e:60:ce:
4b:bb:4c:90:de:df:4e:30:bc:56:ea:e6:c3:75:88:
e4:13:66:2e:b1:a6:4b:dd:50:f4:62:97:c6:52:aa:
2c:47:ea:cf:ba:6b:23:86:02:7a:d2:9d:5e:b8:0e:
61:a0:14:e8:e9:3c:9a:32:52:2c:0c:79:a2:b5:86:
d0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0E:46:63:A0:30:F3:1D:45:C8:29:F3:D9:9F:C6:A0:D7:2F:10:9D
X509v3 Authority Key Identifier:
keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/wA5GY6Aw8x1FyCnz2Z_GoNcvEJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.32.0/22
Signature Algorithm: sha256WithRSAEncryption
32:76:5a:63:24:cd:1c:d8:b8:e3:87:f5:8a:2b:e8:2e:c9:1a:
21:62:1e:76:bc:b6:9b:1a:a4:39:5e:a7:b7:19:24:3f:7a:b9:
57:7b:fb:7f:0e:d8:d4:76:3f:a6:75:98:b9:5b:bd:4d:7e:bc:
e9:97:c2:3a:ff:93:0b:ee:17:d8:0a:51:e6:24:eb:6a:08:5c:
ee:0c:61:53:73:f5:ec:6f:02:00:f4:d1:52:bc:9d:93:96:27:
b9:15:3f:f8:8a:8a:59:8b:1e:eb:a6:46:9b:f7:bf:2d:67:d3:
a2:4e:d8:0b:5a:ee:31:8f:25:ab:73:a6:c3:49:52:b4:cb:d3:
0b:cd:d8:5d:ae:37:7c:51:ce:84:02:93:be:8c:45:39:d5:d0:
16:9d:76:3c:fa:a4:3d:bd:8a:52:63:22:bd:fe:23:8a:25:c0:
2a:4f:c5:2f:5d:3c:25:71:bf:7b:b0:e9:1c:38:7e:c7:61:6d:
c6:80:15:0b:6b:72:17:0a:6b:59:e4:c5:b8:6a:11:49:c7:18:
43:6f:c5:06:b8:3f:91:82:b1:34:97:05:37:3a:5b:77:16:50:
17:39:72:33:c9:a1:bc:f2:c9:a9:54:11:a8:68:02:6f:2f:4f:
32:6d:6e:2c:b1:74:6d:0c:4d:cf:5c:a7:f5:43:93:7d:7e:ae:
81:d1:84:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvCztBIE03v6YAonk4VdIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw
NzBkMzAwHhcNMjMwMTAxMjAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBlNDY2M2EwMzBmMzFkNDVjODI5ZjNkOTlmYzZhMGQ3MmYxMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUErEf6bvOz2pSBcJCPaRrI9Igc0
niSLAEMTXEpXcC6D4K25RX5gQolOhWtpWAms1HSf/c6yld2vKxYli3r+o67CbZkx
xf7vnFbpovmBCbJFs8j7YvHIP5/XNvM5HoGr6YV85VdGNjzV0Rp6rVHGbnPDLrOq
R9L8QYb2pM07g4L2pgGaDVc3veBGuKuk/qZMg6vK3bOD/DUqSQPMnGKefXFNhItV
HugT8Y2SIVN3LjUToG9vB92C/MVu1Wq/25aeYM5Lu0yQ3t9OMLxW6ubDdYjkE2Yu
saZL3VD0YpfGUqosR+rPumsjhgJ60p1euA5hoBTo6TyaMlIsDHmitYbQdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAORmOgMPMdRcgp89mfxqDXLxCdMB8GA1UdIwQY
MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt
NDA0NmEzMmQyN2E0LzEvd0E1R1k2QXc4eDFGeUNuejJaX0dvTmN2RUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0
LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8sgMA0G
CSqGSIb3DQEBCwUAA4IBAQAydlpjJM0c2Ljjh/WKK+guyRohYh52vLabGqQ5Xqe3
GSQ/erlXe/t/DtjUdj+mdZi5W71Nfrzpl8I6/5ML7hfYClHmJOtqCFzuDGFTc/Xs
bwIA9NFSvJ2Tlie5FT/4iopZix7rpkab978tZ9OiTtgLWu4xjyWrc6bDSVK0y9ML
zdhdrjd8Uc6EApO+jEU51dAWnXY8+qQ9vYpSYyK9/iOKJcAqT8UvXTwlcb97sOkc
OH7HYW3GgBULa3IXCmtZ5MW4ahFJxxhDb8UGuD+RgrE0lwU3Olt3FlAXOXIzyaG8
8smpVBGoaAJvL08ybW4ssXRtDE3PXKf1Q5N9fq6B0YT3
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:14 2024 by rpki-client on console.sobornost.net