Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/jYAsFXiUtlTMAjxOef8AC6Y3d7I.roa
File: jYAsFXiUtlTMAjxOef8AC6Y3d7I.roa (raw, json)
Hash identifier: CDrGhFqMxaolTyPPne/0VeRvdws7l1EP2sbSZZg1aOM=
Subject key identifier: 8D:80:2C:15:78:94:B6:54:CC:02:3C:4E:79:FF:00:0B:A6:37:77:B2
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 0185715561814A89F1811FED1B71CBA9DF71
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/jYAsFXiUtlTMAjxOef8AC6Y3d7I.roa
Signing time: Mon 02 Jan 2023 07:14:58 +0000
ROA not before: Mon 02 Jan 2023 07:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47443
IP address blocks: 87.232.134.0/24 maxlen: 24
37.26.72.0/23 maxlen: 24
2a01:14f::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:61:81:4a:89:f1:81:1f:ed:1b:71:cb:a9:df:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 2 07:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d802c157894b654cc023c4e79ff000ba63777b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:77:7f:de:29:69:17:f1:4f:f1:08:1f:9f:
68:f5:b5:e9:60:98:14:25:c7:02:b3:11:e1:a8:3f:
7e:6a:80:2c:67:22:b0:14:1d:76:00:73:ba:de:de:
ce:96:0f:f4:1b:1f:8a:8b:b3:3f:b8:6c:ad:e6:cf:
ef:74:15:fc:38:ba:aa:32:23:cf:8b:82:b7:bd:0e:
a9:99:d8:e7:ef:e0:c8:33:22:cf:a6:08:b6:ec:a1:
7d:5f:b6:39:d0:37:ce:a2:20:92:d5:e2:09:82:e3:
f6:70:52:cf:32:ea:84:35:b0:18:52:d6:45:50:27:
40:c6:be:24:48:3f:51:39:c9:0d:f0:c8:ef:3b:74:
c9:5a:07:18:a2:9a:de:32:89:66:82:4d:a9:b9:71:
4e:f7:a7:8b:a4:bf:aa:95:f3:13:e1:ba:64:95:33:
f6:ac:76:93:b8:a6:0a:c0:48:4d:91:71:e8:b0:13:
72:73:a7:2a:f2:0a:fc:a9:32:79:8c:77:ad:59:12:
d2:da:a8:bb:20:e5:1e:80:c8:0a:cb:1e:b9:7a:18:
81:17:a5:e1:5f:0c:02:83:44:2a:bd:1f:1f:16:83:
af:4c:1d:7a:6c:2c:76:fd:1b:0a:89:93:8b:7c:42:
86:6c:b2:06:f5:0c:cd:3f:3e:4b:24:e4:a9:3a:6d:
d4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:80:2C:15:78:94:B6:54:CC:02:3C:4E:79:FF:00:0B:A6:37:77:B2
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/jYAsFXiUtlTMAjxOef8AC6Y3d7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.72.0/23
87.232.134.0/24
IPv6:
2a01:14f::/32
Signature Algorithm: sha256WithRSAEncryption
99:db:a4:90:fc:99:61:56:0f:dd:d3:2c:bb:6b:d1:55:77:cd:
57:3e:a1:3c:82:3c:c4:f0:d4:fe:90:77:79:57:5f:97:32:aa:
7a:bf:8a:52:d2:33:74:d9:d3:0b:38:45:4b:ad:07:0a:33:7a:
04:2c:e9:6b:85:05:43:e0:bd:64:5e:ff:27:99:b1:e3:23:93:
30:a7:5c:aa:3d:f3:7d:cc:d7:6e:22:9d:51:92:ca:dc:b5:97:
33:bb:c9:a9:82:5b:c5:79:d5:c3:20:68:d9:77:c4:d3:9c:75:
27:8a:91:6e:8f:7e:df:c6:a4:5b:d0:11:de:df:65:d0:b5:71:
2d:18:05:44:0e:d3:c2:ab:b6:12:f9:63:5a:29:fd:7e:3e:c6:
2d:66:0c:fc:ee:20:9d:a4:af:70:0b:ba:32:aa:64:4d:ea:74:
53:c5:49:13:1d:e9:9e:69:08:81:2e:76:9b:a4:4f:cd:c0:35:
a6:13:46:b0:b8:05:b2:d7:fd:70:bd:a1:ab:e5:c9:83:27:a5:
b5:8e:ac:dc:0f:08:8e:a5:1c:b5:91:98:40:38:90:64:ac:3a:
c2:e3:68:d7:4d:c3:63:3f:a6:16:81:af:cf:f9:9c:60:b0:ab:
a3:4b:7a:d3:ad:3a:15:0c:0a:8d:16:78:93:40:ca:44:b1:95:
70:f2:79:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxVWGBSonxgR/tG3HLqd9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjMwMTAyMDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDgwMmMxNTc4OTRiNjU0Y2MwMjNjNGU3OWZmMDAwYmE2Mzc3N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmR3f94paRfxT/EIH59o9bXpYJgU
JccCsxHhqD9+aoAsZyKwFB12AHO63t7Olg/0Gx+Ki7M/uGyt5s/vdBX8OLqqMiPP
i4K3vQ6pmdjn7+DIMyLPpgi27KF9X7Y50DfOoiCS1eIJguP2cFLPMuqENbAYUtZF
UCdAxr4kSD9ROckN8MjvO3TJWgcYopreMolmgk2puXFO96eLpL+qlfMT4bpklTP2
rHaTuKYKwEhNkXHosBNyc6cq8gr8qTJ5jHetWRLS2qi7IOUegMgKyx65ehiBF6Xh
XwwCg0QqvR8fFoOvTB16bCx2/RsKiZOLfEKGbLIG9QzNPz5LJOSpOm3UoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI2ALBV4lLZUzAI8Tnn/AAumN3eyMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvallBc0ZYaVV0bFRNQWp4T2VmOEFDNlkzZDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBJRpIAwQA
V+iGMA0EAgACMAcDBQAqAQFPMA0GCSqGSIb3DQEBCwUAA4IBAQCZ26SQ/JlhVg/d
0yy7a9FVd81XPqE8gjzE8NT+kHd5V1+XMqp6v4pS0jN02dMLOEVLrQcKM3oELOlr
hQVD4L1kXv8nmbHjI5Mwp1yqPfN9zNduIp1RksrctZczu8mpglvFedXDIGjZd8TT
nHUnipFuj37fxqRb0BHe32XQtXEtGAVEDtPCq7YS+WNaKf1+PsYtZgz87iCdpK9w
C7oyqmRN6nRTxUkTHemeaQiBLnabpE/NwDWmE0awuAWy1/1wvaGr5cmDJ6W1jqzc
DwiOpRy1kZhAOJBkrDrC42jXTcNjP6YWga/P+ZxgsKujS3rTrToVDAqNFniTQMpE
sZVw8nmi
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:02 2024 by rpki-client on console.sobornost.net