Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/1j3ciu3MM0rIuw7J4LMM_t4NRLI.roa
File: 1j3ciu3MM0rIuw7J4LMM_t4NRLI.roa (raw, json)
Hash identifier: So1sabyirOzVnZyTC4HRchptkmfO+Zz8LUY44hGWnLY=
Subject key identifier: D6:3D:DC:8A:ED:CC:33:4A:C8:BB:0E:C9:E0:B3:0C:FE:DE:0D:44:B2
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 0185715560FD84B8E8B96C06C1ABF8C105DA
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/1j3ciu3MM0rIuw7J4LMM_t4NRLI.roa
Signing time: Mon 02 Jan 2023 07:14:58 +0000
ROA not before: Mon 02 Jan 2023 07:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34254
IP address blocks: 37.26.72.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:60:fd:84:b8:e8:b9:6c:06:c1:ab:f8:c1:05:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 2 07:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d63ddc8aedcc334ac8bb0ec9e0b30cfede0d44b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:86:15:3b:69:e8:4a:d7:ca:76:fa:d0:68:92:
16:f9:f3:e3:b3:ae:f9:f9:1b:8f:ee:e2:1d:0b:0e:
c8:71:b8:5b:d7:b6:6a:91:0e:79:be:ff:b8:4d:16:
60:15:a0:31:ab:c4:1f:94:87:75:72:e1:c4:f1:d7:
f6:9f:b7:b9:32:50:46:87:71:b8:13:b8:9f:07:6f:
82:cc:91:34:1a:02:a6:ae:8d:05:59:0f:34:8c:7e:
50:8f:32:c4:c9:54:f5:a9:15:fe:fd:48:42:f3:67:
1d:ea:2e:7b:84:20:a2:86:3b:9a:9b:5f:a9:e1:68:
87:e5:fd:e7:c2:6d:0e:96:60:6a:fd:93:28:46:8d:
03:3d:34:2d:a7:6f:9d:ab:be:1f:ba:b2:ea:f9:f1:
96:18:b0:1e:a9:e4:31:a1:bf:9f:44:6d:86:de:2e:
75:01:51:97:0d:94:c2:d5:84:f7:d0:cf:a0:bb:f8:
aa:06:35:01:04:14:37:89:b5:57:1b:f2:f6:67:94:
02:a9:26:5c:29:e0:f9:37:f0:af:1c:b2:c1:7e:f1:
6f:71:92:35:24:8a:f7:fb:f6:46:76:90:69:38:4e:
d1:5d:3e:54:86:21:93:5a:c2:16:36:d3:ac:aa:f2:
7f:2b:d8:71:a4:fe:ca:c9:ff:b6:9d:6c:69:e8:66:
5b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3D:DC:8A:ED:CC:33:4A:C8:BB:0E:C9:E0:B3:0C:FE:DE:0D:44:B2
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/1j3ciu3MM0rIuw7J4LMM_t4NRLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.72.0/23
Signature Algorithm: sha256WithRSAEncryption
96:6c:8b:f0:3c:57:29:0d:1b:bb:7c:ef:2e:a2:22:98:46:0f:
52:25:93:d7:0e:2c:97:8a:18:e7:9e:af:48:2a:1f:8d:2d:f5:
c9:e1:a1:32:75:4a:1f:15:93:ca:36:72:58:78:51:02:ea:00:
ea:f4:32:d6:89:be:01:62:4c:f9:e3:70:db:ac:31:84:78:30:
03:fe:45:80:d4:48:cd:33:ef:20:4d:38:ec:6e:75:95:7d:0d:
7c:c8:12:c9:a2:09:8d:c1:48:39:59:41:9d:d3:9b:6a:da:1f:
8a:fa:f1:a5:54:71:73:18:11:75:e2:e6:79:1e:ad:b7:07:63:
58:0a:91:c7:dc:9e:e1:31:dd:c3:84:2d:e2:59:ab:71:0e:bb:
2c:0a:dd:4c:7e:ae:45:fb:a7:17:91:48:b1:15:73:ad:75:c7:
0e:ed:ed:46:31:ab:02:62:05:6e:3b:2b:3c:6f:29:f5:ae:9d:
a9:90:76:73:d0:0a:34:13:fb:b4:f3:04:f7:fe:92:63:ff:15:
e6:eb:04:f9:1d:7e:de:90:1f:8f:7d:af:27:76:9f:25:49:71:
9f:83:08:3e:55:79:09:9e:76:2b:b1:8c:9a:29:39:47:a6:ca:
60:16:84:a3:c2:96:fa:c2:e5:e5:f7:9f:ae:7b:09:41:39:9f:
d8:e6:c6:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVWD9hLjouWwGwav4wQXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjMwMTAyMDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNkZGM4YWVkY2MzMzRhYzhiYjBlYzllMGIzMGNmZWRlMGQ0NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYYVO2noStfKdvrQaJIW+fPjs675
+RuP7uIdCw7Icbhb17ZqkQ55vv+4TRZgFaAxq8QflId1cuHE8df2n7e5MlBGh3G4
E7ifB2+CzJE0GgKmro0FWQ80jH5QjzLEyVT1qRX+/UhC82cd6i57hCCihjuam1+p
4WiH5f3nwm0OlmBq/ZMoRo0DPTQtp2+dq74furLq+fGWGLAeqeQxob+fRG2G3i51
AVGXDZTC1YT30M+gu/iqBjUBBBQ3ibVXG/L2Z5QCqSZcKeD5N/CvHLLBfvFvcZI1
JIr3+/ZGdpBpOE7RXT5UhiGTWsIWNtOsqvJ/K9hxpP7Kyf+2nWxp6GZbcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNY93IrtzDNKyLsOyeCzDP7eDUSyMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvMWozY2l1M01NMHJJdXc3SjRMTU1fdDROUkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJRpIMA0G
CSqGSIb3DQEBCwUAA4IBAQCWbIvwPFcpDRu7fO8uoiKYRg9SJZPXDiyXihjnnq9I
Kh+NLfXJ4aEydUofFZPKNnJYeFEC6gDq9DLWib4BYkz543DbrDGEeDAD/kWA1EjN
M+8gTTjsbnWVfQ18yBLJogmNwUg5WUGd05tq2h+K+vGlVHFzGBF14uZ5Hq23B2NY
CpHH3J7hMd3DhC3iWatxDrssCt1Mfq5F+6cXkUixFXOtdccO7e1GMasCYgVuOys8
byn1rp2pkHZz0Ao0E/u08wT3/pJj/xXm6wT5HX7ekB+Pfa8ndp8lSXGfgwg+VXkJ
nnYrsYyaKTlHpspgFoSjwpb6wuXl95+uewlBOZ/Y5sYJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:02 2024 by rpki-client on console.sobornost.net