Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/khHVsEMF-_7SrjQSTDzMdm-GYZY.roa
File: khHVsEMF-_7SrjQSTDzMdm-GYZY.roa (raw, json)
Hash identifier: XJCFRANs6eyXXACI3M8uo1UJX5xXHrJX5NoT+gC4ahg=
Subject key identifier: 92:11:D5:B0:43:05:FB:FE:D2:AE:34:12:4C:3C:CC:76:6F:86:61:96
Certificate issuer: /CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Certificate serial: 01856E41C8EF0446F2297DE749474CE49BFB
Authority key identifier: 6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/khHVsEMF-_7SrjQSTDzMdm-GYZY.roa
Signing time: Sun 01 Jan 2023 16:54:43 +0000
ROA not before: Sun 01 Jan 2023 16:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44439
IP address blocks: 91.231.184.0/24 maxlen: 24
185.70.228.0/22 maxlen: 22
2a05:2cc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:c8:ef:04:46:f2:29:7d:e7:49:47:4c:e4:9b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Validity
Not Before: Jan 1 16:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9211d5b04305fbfed2ae34124c3ccc766f866196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:e0:cf:3f:0e:82:ab:f0:02:c9:cd:57:4a:
d4:d2:4f:81:63:6f:c4:a4:fc:63:76:a6:45:6c:1c:
c1:3b:10:3d:8f:9f:e8:f4:f6:a4:ce:6a:f8:22:e1:
43:d2:81:a4:4f:2b:ea:42:af:a4:b0:f4:1a:e5:c8:
50:0e:ba:8e:2a:e0:70:db:6e:2b:78:d5:07:18:75:
af:04:cb:7a:a1:e5:bb:b6:87:00:2c:ed:95:73:4e:
df:89:6a:d6:c8:ce:d4:5d:06:44:b4:29:69:4a:cb:
0f:ba:7b:03:54:3d:c9:c8:c1:3b:ff:7a:99:d7:58:
bb:3c:31:1f:59:ea:90:a8:1d:cf:22:e5:52:99:f3:
6e:a4:78:0d:21:fe:65:ab:32:5e:a8:01:1f:63:0d:
0d:f0:46:2c:29:bf:5d:29:f1:4b:16:64:e8:c3:09:
e7:96:e7:9b:a6:55:e8:32:9d:0d:fc:df:07:c4:24:
e0:22:55:dc:b8:fd:e5:c7:21:85:da:5c:af:56:b9:
3b:9e:3d:81:a6:9e:1a:dd:5b:6b:a8:53:eb:16:dc:
f9:e0:3b:5f:13:12:4d:ce:65:88:68:f3:e0:a3:fd:
84:89:50:b4:ec:c7:18:cb:2d:75:a3:dd:71:cb:ea:
e1:65:f4:bc:a9:f4:27:8c:e1:b5:68:f9:b3:1a:53:
80:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:11:D5:B0:43:05:FB:FE:D2:AE:34:12:4C:3C:CC:76:6F:86:61:96
X509v3 Authority Key Identifier:
keyid:6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/khHVsEMF-_7SrjQSTDzMdm-GYZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.184.0/24
185.70.228.0/22
IPv6:
2a05:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
13:e5:98:55:99:17:31:fe:a9:a5:2d:33:71:12:64:b5:f1:06:
49:d6:ec:59:4d:93:0e:01:e2:4e:61:3c:28:3d:63:87:bd:da:
5b:e1:c3:a1:da:1c:8e:aa:a1:93:2a:97:96:b7:09:fb:13:8c:
01:ee:35:e9:35:9e:27:54:d4:92:36:3d:39:af:1c:73:13:a3:
32:59:da:d4:04:0d:72:73:40:ba:60:e0:65:26:80:cc:78:49:
a2:6e:50:71:f4:d0:23:67:d0:c9:6f:ea:a1:34:cd:cb:48:89:
c0:3b:5f:5d:82:d9:d2:ee:75:f2:33:88:74:8b:19:c1:01:2f:
26:26:27:35:69:ec:74:a0:1d:fe:92:1a:ac:4e:07:cc:fa:bc:
54:bd:14:12:32:a3:63:a5:0d:ec:1b:e2:78:f2:c5:a9:b5:74:
cf:b2:55:a6:78:24:ac:71:92:a1:1a:74:9c:cb:55:9d:bb:06:
10:c6:84:66:59:28:72:6a:66:93:ad:7b:dc:fc:fc:c8:5a:ea:
96:77:a0:ad:e4:5e:18:76:5e:cc:9e:78:10:4a:4a:fc:6b:9f:
88:d4:f5:0e:89:a9:01:3d:31:4b:01:f0:fe:ab:f3:95:70:a2:
24:df:ca:e6:21:3b:dc:63:01:4d:7a:06:77:ae:d4:53:fc:23:
2e:65:e9:f4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuQcjvBEbyKX3nSUdM5Jv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmQzNjA3MzZmMWZhNmM5NzcwZmNiNDhiZTU5NGJlNjA5
ZTViM2UwHhcNMjMwMTAxMTY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjExZDViMDQzMDVmYmZlZDJhZTM0MTI0YzNjY2M3NjZmODY2MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtPgzz8OgqvwAsnNV0rU0k+BY2/E
pPxjdqZFbBzBOxA9j5/o9Pakzmr4IuFD0oGkTyvqQq+ksPQa5chQDrqOKuBw224r
eNUHGHWvBMt6oeW7tocALO2Vc07fiWrWyM7UXQZEtClpSssPunsDVD3JyME7/3qZ
11i7PDEfWeqQqB3PIuVSmfNupHgNIf5lqzJeqAEfYw0N8EYsKb9dKfFLFmTowwnn
luebplXoMp0N/N8HxCTgIlXcuP3lxyGF2lyvVrk7nj2Bpp4a3VtrqFPrFtz54Dtf
ExJNzmWIaPPgo/2EiVC07McYyy11o91xy+rhZfS8qfQnjOG1aPmzGlOAMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJIR1bBDBfv+0q40Ekw8zHZvhmGWMB8GA1UdIwQY
MBaAFGz9Ngc28fpsl3D8tIvllL5gnls+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgt
ZWFmNjhiNTllNTk5LzEva2hIVnNFTUYtXzdTcmpRU1REek1kbS1HWVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgtZWFmNjhiNTllNTk5
LzEvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+e4AwQC
uUbkMA0EAgACMAcDBQMqBSzAMA0GCSqGSIb3DQEBCwUAA4IBAQAT5ZhVmRcx/qml
LTNxEmS18QZJ1uxZTZMOAeJOYTwoPWOHvdpb4cOh2hyOqqGTKpeWtwn7E4wB7jXp
NZ4nVNSSNj05rxxzE6MyWdrUBA1yc0C6YOBlJoDMeEmiblBx9NAjZ9DJb+qhNM3L
SInAO19dgtnS7nXyM4h0ixnBAS8mJic1aex0oB3+khqsTgfM+rxUvRQSMqNjpQ3s
G+J48sWptXTPslWmeCSscZKhGnScy1WduwYQxoRmWShyamaTrXvc/PzIWuqWd6Ct
5F4Ydl7MnngQSkr8a5+I1PUOiakBPTFLAfD+q/OVcKIk38rmITvcYwFNegZ3rtRT
/CMuZen0
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:50 2024 by rpki-client on console.sobornost.net