Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/1h5Tk4andCuy2S-xiBF-tUQxqBE.roa
File: 1h5Tk4andCuy2S-xiBF-tUQxqBE.roa (raw, json)
Hash identifier: G0ayKg7LhdtiomnwQgFQVGF6lkkm9WvATFdpGDVRprA=
Subject key identifier: D6:1E:53:93:86:A7:74:2B:B2:D9:2F:B1:88:11:7E:B5:44:31:A8:11
Certificate issuer: /CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Certificate serial: 018B39B7768DD5FEE42DB908A40B98751DC6
Authority key identifier: AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/1h5Tk4andCuy2S-xiBF-tUQxqBE.roa
Signing time: Mon 16 Oct 2023 18:20:06 +0000
ROA not before: Mon 16 Oct 2023 18:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12700
IP address blocks: 91.202.242.0/24 maxlen: 24
91.202.243.0/24 maxlen: 24
91.202.241.0/24 maxlen: 24
31.131.39.0/24 maxlen: 24
91.202.240.0/24 maxlen: 24
91.202.240.0/22 maxlen: 22
31.131.33.0/24 maxlen: 24
31.131.38.0/24 maxlen: 24
31.131.32.0/24 maxlen: 24
31.131.32.0/21 maxlen: 21
31.131.36.0/24 maxlen: 24
31.131.37.0/24 maxlen: 24
31.131.34.0/24 maxlen: 24
31.131.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:b7:76:8d:d5:fe:e4:2d:b9:08:a4:0b:98:75:1d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Validity
Not Before: Oct 16 18:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d61e539386a7742bb2d92fb188117eb54431a811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:d4:57:2a:99:ae:c1:56:a7:02:4d:d7:c9:
8a:74:3e:78:b3:29:6a:0b:01:dd:5d:df:50:97:5d:
64:cb:d0:4b:4f:ec:53:ad:39:fe:68:2b:81:b8:d1:
93:56:a4:f1:45:8b:f0:0e:2e:3a:d2:1a:4a:67:2e:
47:48:92:99:b1:5d:02:d9:e8:7d:4e:3f:41:01:36:
2b:11:49:89:30:41:09:43:ef:e3:ae:0d:55:58:c4:
00:47:1b:d7:94:20:73:a7:64:20:62:23:81:30:76:
8a:6b:01:a9:0c:4a:02:d0:62:c5:49:96:72:d6:6d:
0a:e3:ff:8e:6b:d9:77:3c:f3:4f:d4:92:6f:c5:4a:
b7:0c:cf:b3:0d:bb:00:88:c3:4c:d6:29:b0:b2:f2:
60:b8:82:9f:94:b7:31:a0:6f:8d:9f:a7:47:51:29:
07:eb:f0:08:95:57:f3:09:ae:4d:d3:32:d9:aa:bb:
fe:16:55:d5:db:b6:88:79:a9:ac:57:26:6b:d5:ed:
09:9b:10:c1:09:c8:fa:d6:fb:03:9a:a9:48:f6:c9:
55:e0:5b:6c:de:31:bc:d8:41:6b:bd:10:84:33:d0:
66:9c:6a:19:92:20:61:bd:b8:c6:86:b3:09:30:4b:
1d:6a:35:46:7f:a3:c9:75:b2:70:f0:9f:4d:1c:36:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1E:53:93:86:A7:74:2B:B2:D9:2F:B1:88:11:7E:B5:44:31:A8:11
X509v3 Authority Key Identifier:
keyid:AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/1h5Tk4andCuy2S-xiBF-tUQxqBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.32.0/21
91.202.240.0/22
Signature Algorithm: sha256WithRSAEncryption
61:b7:43:83:9b:fc:9a:2b:e8:a8:5a:d1:de:7c:ce:6b:20:85:
3d:0e:f4:d7:f7:f8:9e:c0:ba:29:5d:78:52:a4:5d:d7:c2:5f:
76:0c:08:1e:e8:22:0b:31:37:b6:f6:51:3d:c0:cd:50:31:c2:
b8:25:8b:80:58:40:7d:e9:a4:64:a9:05:96:66:90:6b:08:b7:
2d:c9:a7:8d:ce:0f:81:a7:7c:47:08:99:a7:43:d4:99:bc:b9:
29:0f:16:5c:9a:98:98:c7:3c:3d:60:5e:10:00:6b:9c:98:0d:
fd:67:61:72:22:e4:e6:f4:71:99:0c:ed:ad:d4:a6:0b:f0:11:
4f:1d:1f:9b:46:27:5d:ef:4e:bb:2b:59:bc:5f:b6:44:64:88:
7c:95:98:26:85:7d:f4:c2:22:d5:29:cc:93:44:88:59:62:0c:
4a:08:2f:b9:1f:91:22:00:6d:ea:98:0e:00:00:ea:f9:2b:14:
5a:58:84:84:d8:2f:aa:24:b2:0d:8b:48:47:ca:22:e4:68:65:
0f:60:3d:f0:36:22:1c:36:2c:3e:87:df:4d:f1:0c:6a:64:41:
09:88:4c:bb:f3:18:25:82:65:0b:e2:61:fa:18:a3:77:0a:44:
a5:f2:a3:da:d2:22:05:a9:b4:ce:c7:1e:cc:52:61:5a:13:31:
b2:ea:a0:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs5t3aN1f7kLbkIpAuYdR3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjNhNDdhY2RiYThlYzFjZDg1ZDRkNzlmMzZiMzViNjk4
ZTVmODkwHhcNMjMxMDE2MTgyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFlNTM5Mzg2YTc3NDJiYjJkOTJmYjE4ODExN2ViNTQ0MzFhODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml7UVyqZrsFWpwJN18mKdD54sylq
CwHdXd9Ql11ky9BLT+xTrTn+aCuBuNGTVqTxRYvwDi460hpKZy5HSJKZsV0C2eh9
Tj9BATYrEUmJMEEJQ+/jrg1VWMQARxvXlCBzp2QgYiOBMHaKawGpDEoC0GLFSZZy
1m0K4/+Oa9l3PPNP1JJvxUq3DM+zDbsAiMNM1imwsvJguIKflLcxoG+Nn6dHUSkH
6/AIlVfzCa5N0zLZqrv+FlXV27aIeamsVyZr1e0JmxDBCcj61vsDmqlI9slV4Fts
3jG82EFrvRCEM9BmnGoZkiBhvbjGhrMJMEsdajVGf6PJdbJw8J9NHDbmbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNYeU5OGp3QrstkvsYgRfrVEMagRMB8GA1UdIwQY
MBaAFK9jpHrNuo7BzYXU1582s1tpjl+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQt
ZmUzZTMxOGNhZTljLzEvMWg1VGs0YW5kQ3V5MlMteGlCRi10VVF4cUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQtZmUzZTMxOGNhZTlj
LzEvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH4MgAwQC
W8rwMA0GCSqGSIb3DQEBCwUAA4IBAQBht0ODm/yaK+ioWtHefM5rIIU9DvTX9/ie
wLopXXhSpF3Xwl92DAge6CILMTe29lE9wM1QMcK4JYuAWEB96aRkqQWWZpBrCLct
yaeNzg+Bp3xHCJmnQ9SZvLkpDxZcmpiYxzw9YF4QAGucmA39Z2FyIuTm9HGZDO2t
1KYL8BFPHR+bRidd7067K1m8X7ZEZIh8lZgmhX30wiLVKcyTRIhZYgxKCC+5H5Ei
AG3qmA4AAOr5KxRaWISE2C+qJLINi0hHyiLkaGUPYD3wNiIcNiw+h99N8QxqZEEJ
iEy78xglgmUL4mH6GKN3CkSl8qPa0iIFqbTOxx7MUmFaEzGy6qCv
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:41 2024 by rpki-client on console.sobornost.net