Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/Qfq6s98eArK4riDGC2i3--As9RA.roa
File: Qfq6s98eArK4riDGC2i3--As9RA.roa (raw, json)
Hash identifier: VDXQ8Pf96Ne71jVvuHIXy0+W3Ll1kV9QDyT/zLfxH8Y=
Subject key identifier: 41:FA:BA:B3:DF:1E:02:B2:B8:AE:20:C6:0B:68:B7:FB:E0:2C:F5:10
Certificate issuer: /CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Certificate serial: 01856DC1B6CC60BF9A0EC1B8F2EB93CA5F98
Authority key identifier: A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/Qfq6s98eArK4riDGC2i3--As9RA.roa
Signing time: Sun 01 Jan 2023 14:34:49 +0000
ROA not before: Sun 01 Jan 2023 14:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207878
IP address blocks: 160.20.229.0/24 maxlen: 24
95.215.172.0/24 maxlen: 24
176.110.101.0/24 maxlen: 24
160.238.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b6:cc:60:bf:9a:0e:c1:b8:f2:eb:93:ca:5f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d922e2fe24bd2cda793a2aadc13362500cd9b1
Validity
Not Before: Jan 1 14:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fabab3df1e02b2b8ae20c60b68b7fbe02cf510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fb:71:d7:69:cd:f0:5b:6c:5c:ff:d7:72:6f:
1b:03:b9:9c:61:4a:d5:f6:3d:11:04:82:51:74:cf:
e5:50:19:c1:64:6f:4b:21:35:89:3b:ac:32:38:27:
b9:e2:7f:c9:10:24:57:18:32:fa:1a:ea:f5:1a:9e:
fc:b6:5f:32:55:ce:c8:b9:86:4e:e5:05:92:d7:cb:
ff:71:22:5e:ad:bb:94:c9:9d:be:02:69:f0:2a:74:
58:9f:43:f0:d8:de:36:00:8a:b5:01:dc:c6:23:b3:
55:2a:61:b4:c5:14:9c:77:0e:7f:f7:04:41:3b:7d:
38:6b:d5:00:72:89:75:96:e1:6a:ff:fe:61:93:41:
1f:4c:31:f1:ed:66:3c:d9:4b:b2:9c:82:3e:e0:87:
f7:cb:33:7a:95:ec:fe:c1:23:d1:7b:75:2b:42:50:
37:70:31:ba:24:7f:46:d4:7f:f6:fa:e0:95:94:30:
e8:78:5f:e6:84:e6:1d:4d:ca:b5:65:60:37:36:21:
f9:f7:59:99:e5:77:7d:23:5c:af:80:2f:7e:8d:2d:
07:6a:36:08:79:94:83:2f:96:1a:e8:91:81:98:e5:
8d:b0:f8:7e:29:e9:42:c9:19:e3:e9:54:52:f8:7b:
99:b8:8c:31:48:a5:a5:04:97:79:2c:b5:27:0c:9f:
da:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FA:BA:B3:DF:1E:02:B2:B8:AE:20:C6:0B:68:B7:FB:E0:2C:F5:10
X509v3 Authority Key Identifier:
keyid:A0:D9:22:E2:FE:24:BD:2C:DA:79:3A:2A:AD:C1:33:62:50:0C:D9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNki4v4kvSzaeToqrcEzYlAM2bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/Qfq6s98eArK4riDGC2i3--As9RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d4fc4c-4815-4e56-bf73-4a6ace26b972/1/oNki4v4kvSzaeToqrcEzYlAM2bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.172.0/24
160.20.229.0/24
160.238.21.0/24
176.110.101.0/24
Signature Algorithm: sha256WithRSAEncryption
45:27:05:9d:fe:30:ec:55:86:42:9d:60:f7:ed:01:ef:c9:52:
ee:99:36:6f:4d:e3:75:6f:e4:f0:22:41:bd:a4:20:7c:c1:1b:
f1:34:3a:aa:ec:3d:71:ea:4b:44:82:9b:35:27:6b:c6:9e:fe:
0c:16:98:64:87:d2:35:d5:de:dd:6e:35:b1:e5:1a:d3:d7:2c:
f5:23:e2:6c:b1:59:4c:bf:c5:59:11:87:53:3c:6f:15:fc:eb:
ab:71:5e:4c:a6:db:2f:3e:26:41:75:9f:bf:a6:71:21:10:3f:
ca:2d:b3:52:d5:6c:36:6c:ee:5c:05:e4:fb:e5:65:5b:7e:f9:
b2:b7:f2:32:e2:01:33:7d:9f:3c:7f:38:f0:77:cc:43:95:e7:
92:c1:a2:0c:eb:4f:28:b3:1b:ee:66:50:6f:09:17:0d:98:4b:
ff:db:90:ad:23:71:63:19:60:e9:ed:7f:07:45:02:82:f1:9b:
c7:ab:a5:d7:7b:14:53:66:2d:2d:13:27:c6:95:25:da:ae:e9:
9c:55:b0:c3:91:75:36:6c:3b:84:b9:2e:09:33:2b:69:9f:f0:
29:fb:8c:fb:4a:49:5a:ac:77:d6:a5:d0:60:c5:6a:2e:f5:20:
26:1f:b0:bc:4f:6c:31:a8:7a:8c:ff:49:9f:b2:74:a5:af:65:
9b:a8:07:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtwbbMYL+aDsG48uuTyl+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDkyMmUyZmUyNGJkMmNkYTc5M2EyYWFkYzEzMzYyNTAw
Y2Q5YjEwHhcNMjMwMTAxMTQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZhYmFiM2RmMWUwMmIyYjhhZTIwYzYwYjY4YjdmYmUwMmNmNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvtx12nN8FtsXP/Xcm8bA7mcYUrV
9j0RBIJRdM/lUBnBZG9LITWJO6wyOCe54n/JECRXGDL6Gur1Gp78tl8yVc7IuYZO
5QWS18v/cSJerbuUyZ2+AmnwKnRYn0Pw2N42AIq1AdzGI7NVKmG0xRScdw5/9wRB
O304a9UAcol1luFq//5hk0EfTDHx7WY82UuynII+4If3yzN6lez+wSPRe3UrQlA3
cDG6JH9G1H/2+uCVlDDoeF/mhOYdTcq1ZWA3NiH591mZ5Xd9I1yvgC9+jS0HajYI
eZSDL5Ya6JGBmOWNsPh+KelCyRnj6VRS+HuZuIwxSKWlBJd5LLUnDJ/aOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEH6urPfHgKyuK4gxgtot/vgLPUQMB8GA1UdIwQY
MBaAFKDZIuL+JL0s2nk6Kq3BM2JQDNmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMt
NGE2YWNlMjZiOTcyLzEvUWZxNnM5OGVBcks0cmlER0MyaTMtLUFzOVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kNGZjNGMtNDgxNS00ZTU2LWJmNzMtNGE2YWNlMjZiOTcy
LzEvb05raTR2NGt2U3phZVRvcXJjRXpZbEFNMmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX9esAwQA
oBTlAwQAoO4VAwQAsG5lMA0GCSqGSIb3DQEBCwUAA4IBAQBFJwWd/jDsVYZCnWD3
7QHvyVLumTZvTeN1b+TwIkG9pCB8wRvxNDqq7D1x6ktEgps1J2vGnv4MFphkh9I1
1d7dbjWx5RrT1yz1I+JssVlMv8VZEYdTPG8V/OurcV5MptsvPiZBdZ+/pnEhED/K
LbNS1Ww2bO5cBeT75WVbfvmyt/Iy4gEzfZ88fzjwd8xDleeSwaIM608osxvuZlBv
CRcNmEv/25CtI3FjGWDp7X8HRQKC8ZvHq6XXexRTZi0tEyfGlSXarumcVbDDkXU2
bDuEuS4JMytpn/Ap+4z7SklarHfWpdBgxWou9SAmH7C8T2wxqHqM/0mfsnSlr2Wb
qAc9
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:25 2024 by rpki-client on console.sobornost.net