Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/o8gehxZ3AENaQehAtEZFH0bTeK4.roa
File: o8gehxZ3AENaQehAtEZFH0bTeK4.roa (raw, json)
Hash identifier: Ce2sZoBK+sVvaSp8Cd+0d5kWlatOXkxg3dHvBjmafm0=
Subject key identifier: A3:C8:1E:87:16:77:00:43:5A:41:E8:40:B4:46:45:1F:46:D3:78:AE
Certificate issuer: /CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Certificate serial: 01856D93EFFFE27F8AB5F9BE731A7A40AC66
Authority key identifier: 13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/o8gehxZ3AENaQehAtEZFH0bTeK4.roa
Signing time: Sun 01 Jan 2023 13:44:49 +0000
ROA not before: Sun 01 Jan 2023 13:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211417
IP address blocks: 185.144.92.0/22 maxlen: 24
2a03:a920::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:ef:ff:e2:7f:8a:b5:f9:be:73:1a:7a:40:ac:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Validity
Not Before: Jan 1 13:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3c81e87167700435a41e840b446451f46d378ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:9b:b0:73:d2:3e:2e:07:ba:8f:d8:9d:7f:
66:63:ee:49:b6:12:55:84:f7:00:66:3d:ed:05:91:
7c:1b:c7:d1:14:a2:a9:b5:2b:73:02:31:81:b6:2b:
d9:2e:9e:c6:ad:25:3b:22:e2:5f:ed:56:43:d6:46:
dc:cc:ac:5d:00:ae:6a:51:61:75:a7:1b:0f:a1:e6:
5a:ae:62:04:3a:2e:06:b6:05:f7:37:b1:a6:48:52:
30:a3:10:ea:3b:64:40:94:4b:17:f4:92:8f:d1:cc:
e4:f7:7c:32:11:38:f2:b2:b0:84:dc:2d:da:d7:18:
19:fd:76:43:50:1c:54:4f:48:8b:7d:32:00:b3:18:
8a:10:c5:67:ff:e0:fa:b3:ee:c2:c7:de:ad:b7:1c:
9e:bf:d7:e0:1a:4c:95:d4:ef:0d:d8:7a:66:b5:09:
5b:72:1a:af:33:9b:c8:43:57:e7:f2:a4:cd:26:98:
dd:3c:af:bf:b1:a3:e5:d1:22:81:9e:67:ed:1f:a0:
df:49:dc:e0:d9:b7:27:d7:7e:0b:53:06:21:c3:9e:
e8:b6:0f:20:11:77:f7:83:c7:35:6f:14:b9:a9:fe:
a2:3b:2a:7e:8f:82:58:ad:6a:32:96:00:53:b5:5d:
10:2a:ee:ab:0b:e2:70:ac:8e:d9:df:96:27:6a:00:
ab:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C8:1E:87:16:77:00:43:5A:41:E8:40:B4:46:45:1F:46:D3:78:AE
X509v3 Authority Key Identifier:
keyid:13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/o8gehxZ3AENaQehAtEZFH0bTeK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/E6-mzmVC4btSPh0DvQCk0it_2u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.92.0/22
IPv6:
2a03:a920::/32
Signature Algorithm: sha256WithRSAEncryption
3e:54:68:db:39:44:59:09:bc:b8:bc:49:5b:d2:b1:ae:18:da:
04:82:39:7b:cd:7a:75:1b:aa:e9:1e:56:38:a6:fd:a9:25:06:
95:c3:db:c7:da:2a:0e:8a:e3:0b:20:a7:bb:e0:22:47:08:5f:
d4:a6:63:b3:c7:b1:e7:ca:f9:aa:3c:e1:18:64:d1:52:71:43:
03:d9:91:97:ba:b4:53:69:e5:3f:bb:46:5b:2f:76:74:c5:c0:
03:6e:71:13:7d:d4:c2:70:a1:08:6e:e6:7e:27:a9:05:73:7e:
bf:9a:76:8b:ff:5c:b9:aa:45:12:e3:c3:83:eb:58:5b:9d:cb:
c0:d1:de:82:ce:5a:0e:23:f6:ff:fd:20:84:f8:c1:09:27:3d:
4b:c2:ef:a9:6c:c2:28:10:a9:d3:01:be:13:fa:f4:5a:ce:a5:
8d:59:1d:14:be:bf:1d:5e:ba:0d:44:87:84:d9:f2:cd:7f:56:
90:2b:23:e6:3e:1b:2e:c1:68:70:6d:54:1e:7f:f8:fc:47:e5:
f3:72:15:d7:6a:ce:a3:df:3e:8b:ca:ce:d9:99:6e:d3:96:b1:
aa:35:b8:05:7b:54:e5:a5:c4:d5:7a:69:fd:f3:e6:a4:2b:0a:
c0:79:19:f9:8a:af:e3:4f:c1:31:16:52:d7:35:13:c8:dc:8b:
4b:26:8e:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtk+//4n+Ktfm+cxp6QKxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYWZhNmNlNjU0MmUxYmI1MjNlMWQwM2JkMDBhNGQyMmI3
ZmRhZWQwHhcNMjMwMTAxMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M4MWU4NzE2NzcwMDQzNWE0MWU4NDBiNDQ2NDUxZjQ2ZDM3OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCWbsHPSPi4Huo/YnX9mY+5JthJV
hPcAZj3tBZF8G8fRFKKptStzAjGBtivZLp7GrSU7IuJf7VZD1kbczKxdAK5qUWF1
pxsPoeZarmIEOi4GtgX3N7GmSFIwoxDqO2RAlEsX9JKP0czk93wyETjysrCE3C3a
1xgZ/XZDUBxUT0iLfTIAsxiKEMVn/+D6s+7Cx96ttxyev9fgGkyV1O8N2HpmtQlb
chqvM5vIQ1fn8qTNJpjdPK+/saPl0SKBnmftH6DfSdzg2bcn134LUwYhw57otg8g
EXf3g8c1bxS5qf6iOyp+j4JYrWoylgBTtV0QKu6rC+JwrI7Z35YnagCrRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKPIHocWdwBDWkHoQLRGRR9G03iuMB8GA1UdIwQY
MBaAFBOvps5lQuG7Uj4dA70ApNIrf9rtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTYtbXptVkM0YnRTUGgwRHZRQ2swaXRfMnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS83MzFjN2MtOWExNy00YmNhLTk4NGMt
YzdmYmZjNGRjOWRjLzEvbzhnZWh4WjNBRU5hUWVoQXRFWkZIMGJUZUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS83MzFjN2MtOWExNy00YmNhLTk4NGMtYzdmYmZjNGRjOWRj
LzEvRTYtbXptVkM0YnRTUGgwRHZRQ2swaXRfMnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZBcMA0E
AgACMAcDBQAqA6kgMA0GCSqGSIb3DQEBCwUAA4IBAQA+VGjbOURZCby4vElb0rGu
GNoEgjl7zXp1G6rpHlY4pv2pJQaVw9vH2ioOiuMLIKe74CJHCF/UpmOzx7Hnyvmq
POEYZNFScUMD2ZGXurRTaeU/u0ZbL3Z0xcADbnETfdTCcKEIbuZ+J6kFc36/mnaL
/1y5qkUS48OD61hbncvA0d6CzloOI/b//SCE+MEJJz1Lwu+pbMIoEKnTAb4T+vRa
zqWNWR0Uvr8dXroNRIeE2fLNf1aQKyPmPhsuwWhwbVQef/j8R+XzchXXas6j3z6L
ys7ZmW7TlrGqNbgFe1TlpcTVemn98+akKwrAeRn5iq/jT8ExFlLXNRPI3ItLJo57
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:03 2024 by rpki-client on console.sobornost.net