Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa
File: aLtGpEAjEk98ooPYFwTtxdVHjqg.roa (raw, json)
Hash identifier: NXonGBNqPSTv+hmw+cSe8s76gAWavAuJrZiA56dj5+o=
Subject key identifier: 68:BB:46:A4:40:23:12:4F:7C:A2:83:D8:17:04:ED:C5:D5:47:8E:A8
Certificate issuer: /CN=532d1e41424819bcc0cd637d8ee141fea585d00d
Certificate serial: 018ACB19C0B7037B33A2DFED28B02B346155
Authority key identifier: 53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa
Signing time: Mon 25 Sep 2023 06:49:37 +0000
ROA not before: Mon 25 Sep 2023 06:49:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201404
IP address blocks: 185.49.49.0/24 maxlen: 24
2a04:b700:ca75::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:19:c0:b7:03:7b:33:a2:df:ed:28:b0:2b:34:61:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=532d1e41424819bcc0cd637d8ee141fea585d00d
Validity
Not Before: Sep 25 06:49:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68bb46a44023124f7ca283d81704edc5d5478ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6b:02:5d:10:2e:7e:5f:62:99:b5:50:0e:b0:
39:90:fc:de:d4:6c:73:cf:a7:06:cc:2f:5b:ac:de:
f0:86:80:34:4d:ea:8f:6a:50:51:8c:6d:13:66:99:
0c:a3:57:7a:82:fd:79:3f:d9:02:83:60:9d:cf:c2:
e8:55:b0:3b:ae:83:28:cd:13:f7:ee:36:f2:96:b5:
c1:c2:b6:b9:30:3f:34:c4:a3:69:5b:7e:4f:63:87:
63:7c:09:69:1f:9f:78:73:13:15:cb:96:26:95:64:
0f:45:fa:bb:1c:2b:4e:77:44:70:7c:b2:f1:ed:89:
72:de:c9:18:c4:a5:94:21:20:08:a8:66:aa:53:fd:
79:8f:e0:62:38:17:19:e1:21:33:f6:24:87:a4:0d:
bc:01:e0:6a:da:d5:01:d6:f9:ab:1b:dc:d3:41:84:
f9:c4:c6:8f:7a:1b:b2:05:aa:79:28:e4:39:29:34:
a3:e7:e4:84:63:47:b3:9a:b9:94:36:41:ee:f7:5f:
e3:72:8b:09:f1:13:ea:7b:d6:6e:e3:c2:39:a3:b7:
87:b4:64:c6:9e:1c:2e:8d:b8:22:24:b1:e6:28:e6:
6f:fc:f2:be:81:d1:26:ce:5a:8c:57:de:1a:90:bd:
dd:82:16:d5:f8:6d:84:00:a9:c5:a6:e3:a3:52:64:
2c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BB:46:A4:40:23:12:4F:7C:A2:83:D8:17:04:ED:C5:D5:47:8E:A8
X509v3 Authority Key Identifier:
keyid:53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/Uy0eQUJIGbzAzWN9juFB_qWF0A0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.49.0/24
IPv6:
2a04:b700:ca75::/48
Signature Algorithm: sha256WithRSAEncryption
57:ba:32:ce:8a:d4:54:f9:a1:96:db:a7:76:46:40:38:5a:45:
ce:60:b6:20:6c:14:89:23:60:6d:63:be:d6:dc:3b:36:ec:9e:
8a:0a:02:63:1e:20:92:c9:8b:5e:82:c0:02:bb:68:82:5f:13:
5f:cf:fd:6f:37:0d:51:4b:72:b9:86:9c:f2:1a:59:58:31:6f:
cd:ae:61:cb:a1:9a:26:c1:10:f9:d6:ab:8a:ec:8f:9f:ae:76:
ff:25:b8:7c:9b:62:13:50:d0:a8:00:4f:05:d6:a3:65:d9:85:
cd:1a:9a:10:88:13:b8:f4:08:0d:a5:1a:48:95:de:82:61:36:
a0:04:ed:ab:23:17:7d:87:e7:a3:ed:eb:32:05:1a:a3:fb:fa:
bc:7b:64:2a:f8:0d:7d:55:38:9e:5d:53:2f:ce:c0:c4:a3:1a:
48:62:99:18:ee:19:e2:ed:5e:a9:e0:6e:b9:ed:6b:4e:7b:bd:
d8:3c:8f:af:e6:d0:96:7a:0e:5c:e8:ba:e7:d3:6e:f2:7a:56:
ec:a7:57:7a:d0:eb:36:3a:37:e0:3e:9e:cd:1a:b0:3e:47:8e:
bd:a0:7b:41:6b:94:2a:29:ae:de:8d:49:79:13:3a:28:55:a4:
0b:13:42:4e:84:c0:d5:51:57:0f:dd:41:90:e8:73:4c:26:6e:
07:08:53:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrLGcC3A3szot/tKLArNGFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmQxZTQxNDI0ODE5YmNjMGNkNjM3ZDhlZTE0MWZlYTU4
NWQwMGQwHhcNMjMwOTI1MDY0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJiNDZhNDQwMjMxMjRmN2NhMjgzZDgxNzA0ZWRjNWQ1NDc4ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWsCXRAufl9imbVQDrA5kPze1Gxz
z6cGzC9brN7whoA0TeqPalBRjG0TZpkMo1d6gv15P9kCg2Cdz8LoVbA7roMozRP3
7jbylrXBwra5MD80xKNpW35PY4djfAlpH594cxMVy5YmlWQPRfq7HCtOd0RwfLLx
7Yly3skYxKWUISAIqGaqU/15j+BiOBcZ4SEz9iSHpA28AeBq2tUB1vmrG9zTQYT5
xMaPehuyBap5KOQ5KTSj5+SEY0ezmrmUNkHu91/jcosJ8RPqe9Zu48I5o7eHtGTG
nhwujbgiJLHmKOZv/PK+gdEmzlqMV94akL3dghbV+G2EAKnFpuOjUmQsEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGi7RqRAIxJPfKKD2BcE7cXVR46oMB8GA1UdIwQY
MBaAFFMtHkFCSBm8wM1jfY7hQf6lhdANMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQt
MTA3NzdmOWUzNjg1LzEvYUx0R3BFQWpFazk4b29QWUZ3VHR4ZFZIanFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQtMTA3NzdmOWUzNjg1
LzEvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuTExMA8E
AgACMAkDBwAqBLcAynUwDQYJKoZIhvcNAQELBQADggEBAFe6Ms6K1FT5oZbbp3ZG
QDhaRc5gtiBsFIkjYG1jvtbcOzbsnooKAmMeIJLJi16CwAK7aIJfE1/P/W83DVFL
crmGnPIaWVgxb82uYcuhmibBEPnWq4rsj5+udv8luHybYhNQ0KgATwXWo2XZhc0a
mhCIE7j0CA2lGkiV3oJhNqAE7asjF32H56Pt6zIFGqP7+rx7ZCr4DX1VOJ5dUy/O
wMSjGkhimRjuGeLtXqngbrnta057vdg8j6/m0JZ6DlzouufTbvJ6VuynV3rQ6zY6
N+A+ns0asD5Hjr2ge0FrlCoprt6NSXkTOihVpAsTQk6EwNVRVw/dQZDoc0wmbgcI
U4Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:10 2024 by rpki-client on console.sobornost.net