Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a9091f-27a2-42a3-952b-9ed1804f3282/1/r06T47zCGVIocEPAioWanpYQa8c.roa
File: r06T47zCGVIocEPAioWanpYQa8c.roa (raw, json)
Hash identifier: EsPhAlIsAEsLBTyyeJBkW7o5yFxpMPrjc7iWpulOqb8=
Subject key identifier: AF:4E:93:E3:BC:C2:19:52:28:70:43:C0:8A:85:9A:9E:96:10:6B:C7
Certificate issuer: /CN=72d8dbea4023d69f47f89bd2082fffb2466dd2a5
Certificate serial: 01896EAE57692F4B62B56141A67021D6DDE5
Authority key identifier: 72:D8:DB:EA:40:23:D6:9F:47:F8:9B:D2:08:2F:FF:B2:46:6D:D2:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ctjb6kAj1p9H-JvSCC__skZt0qU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a9091f-27a2-42a3-952b-9ed1804f3282/1/r06T47zCGVIocEPAioWanpYQa8c.roa
Signing time: Wed 19 Jul 2023 15:04:26 +0000
ROA not before: Wed 19 Jul 2023 15:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204816
IP address blocks: 217.20.253.0/24 maxlen: 24
2a12:ffc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:ae:57:69:2f:4b:62:b5:61:41:a6:70:21:d6:dd:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72d8dbea4023d69f47f89bd2082fffb2466dd2a5
Validity
Not Before: Jul 19 15:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af4e93e3bcc21952287043c08a859a9e96106bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:77:d7:b6:88:0f:93:7d:2c:82:44:d0:64:48:
95:c2:5b:b5:05:1a:eb:55:18:fc:3b:e4:6c:e0:73:
7c:a9:69:4f:1c:42:7e:27:09:3c:a1:25:b0:43:c3:
e2:1d:0e:5e:45:e3:c8:67:3e:03:a8:24:5b:02:0f:
55:3b:99:51:c9:df:d2:a1:e7:c1:72:99:74:dc:02:
f2:3e:66:8b:06:40:29:2e:0d:e2:d5:a6:ad:fb:f1:
ee:8a:c6:4f:77:3b:61:82:81:c1:ed:e3:51:67:bc:
d9:c8:9c:8e:48:34:cb:39:23:10:33:7a:7f:ab:ce:
f0:6b:f4:d9:18:9e:25:b7:71:8d:da:59:b7:07:26:
47:5f:7e:e5:32:77:37:ca:5a:43:44:69:1b:42:cf:
61:cf:85:a6:03:9f:1e:88:94:14:01:4c:12:39:62:
e7:2d:ee:17:4f:68:20:63:42:c1:5f:cd:9a:7f:7d:
6f:12:65:74:c4:16:06:79:3f:3d:65:c6:a9:1c:53:
32:ad:c3:5c:44:04:1f:6d:af:17:48:c8:b2:02:67:
ed:8a:15:d4:c2:87:4e:95:5f:c2:4b:24:3b:8a:f6:
9a:bf:0b:8c:e4:2a:4e:23:bd:53:ac:2f:c0:be:da:
9b:02:11:37:b0:e6:57:55:f2:83:f2:31:1e:6e:f9:
f5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4E:93:E3:BC:C2:19:52:28:70:43:C0:8A:85:9A:9E:96:10:6B:C7
X509v3 Authority Key Identifier:
keyid:72:D8:DB:EA:40:23:D6:9F:47:F8:9B:D2:08:2F:FF:B2:46:6D:D2:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ctjb6kAj1p9H-JvSCC__skZt0qU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a9091f-27a2-42a3-952b-9ed1804f3282/1/r06T47zCGVIocEPAioWanpYQa8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a9091f-27a2-42a3-952b-9ed1804f3282/1/ctjb6kAj1p9H-JvSCC__skZt0qU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.253.0/24
IPv6:
2a12:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:68:76:14:f6:5e:9c:1e:c5:8e:f1:90:68:29:1a:12:5e:9a:
dc:dd:e3:ae:6a:fb:9a:88:6e:f4:4b:16:df:7f:90:60:f4:43:
c4:bd:45:0f:60:1b:ad:5d:5f:a3:9c:d4:da:95:f2:f1:cb:31:
88:7d:00:4d:52:2d:d0:79:f8:bc:e9:22:36:cf:7f:a4:84:cf:
14:b2:24:e2:36:60:57:0f:c5:eb:97:e9:8d:88:7e:dd:19:ca:
74:60:9e:1b:b1:75:11:0d:ec:40:50:fe:1d:11:b3:2d:f6:43:
8c:5c:0b:42:c0:52:8b:8d:f2:de:cd:99:72:23:a0:06:9d:b0:
ac:2d:e8:26:2e:81:f3:09:f5:78:ea:66:b5:36:1b:2e:60:e5:
9c:23:30:19:e9:91:df:20:bd:93:15:33:40:5f:26:6d:d9:9b:
ca:f5:2d:f2:d1:a1:76:87:e5:88:d6:a7:dd:96:cc:6a:b5:36:
83:bc:30:92:1b:52:c9:1f:77:47:21:a9:ea:86:94:b2:38:df:
a2:1f:f5:a7:82:e1:62:d7:a2:a2:9c:a9:67:78:d1:7e:16:33:
37:6b:27:1f:45:9b:4d:45:6d:6d:8f:f7:5a:dd:6f:1f:ac:3f:
7d:e1:ea:81:ea:e5:12:ae:1c:e9:b4:ef:d7:80:8f:58:c7:24:
f6:f8:ce:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlurldpL0titWFBpnAh1t3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZDhkYmVhNDAyM2Q2OWY0N2Y4OWJkMjA4MmZmZmIyNDY2
ZGQyYTUwHhcNMjMwNzE5MTUwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRlOTNlM2JjYzIxOTUyMjg3MDQzYzA4YTg1OWE5ZTk2MTA2YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynfXtogPk30sgkTQZEiVwlu1BRrr
VRj8O+Rs4HN8qWlPHEJ+Jwk8oSWwQ8PiHQ5eRePIZz4DqCRbAg9VO5lRyd/SoefB
cpl03ALyPmaLBkApLg3i1aat+/HuisZPdzthgoHB7eNRZ7zZyJyOSDTLOSMQM3p/
q87wa/TZGJ4lt3GN2lm3ByZHX37lMnc3ylpDRGkbQs9hz4WmA58eiJQUAUwSOWLn
Le4XT2ggY0LBX82af31vEmV0xBYGeT89ZcapHFMyrcNcRAQfba8XSMiyAmftihXU
wodOlV/CSyQ7ivaavwuM5CpOI71TrC/AvtqbAhE3sOZXVfKD8jEebvn1lwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK9Ok+O8whlSKHBDwIqFmp6WEGvHMB8GA1UdIwQY
MBaAFHLY2+pAI9afR/ib0ggv/7JGbdKlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3RqYjZrQWoxcDlILUp2U0NDX19za1p0MHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hOTA5MWYtMjdhMi00MmEzLTk1MmIt
OWVkMTgwNGYzMjgyLzEvcjA2VDQ3ekNHVklvY0VQQWlvV2FucFlRYThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hOTA5MWYtMjdhMi00MmEzLTk1MmItOWVkMTgwNGYzMjgy
LzEvY3RqYjZrQWoxcDlILUp2U0NDX19za1p0MHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RT9MA0E
AgACMAcDBQMqEv/AMA0GCSqGSIb3DQEBCwUAA4IBAQCiaHYU9l6cHsWO8ZBoKRoS
Xprc3eOuavuaiG70Sxbff5Bg9EPEvUUPYButXV+jnNTalfLxyzGIfQBNUi3Qefi8
6SI2z3+khM8UsiTiNmBXD8Xrl+mNiH7dGcp0YJ4bsXURDexAUP4dEbMt9kOMXAtC
wFKLjfLezZlyI6AGnbCsLegmLoHzCfV46ma1NhsuYOWcIzAZ6ZHfIL2TFTNAXyZt
2ZvK9S3y0aF2h+WI1qfdlsxqtTaDvDCSG1LJH3dHIanqhpSyON+iH/WnguFi16Ki
nKlneNF+FjM3aycfRZtNRW1tj/da3W8frD994eqB6uUSrhzptO/XgI9YxyT2+M65
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:09 2024 by rpki-client on console.sobornost.net