Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/xvMBxgst0hm7cOli3CZIf6gtnAo.roa
File: xvMBxgst0hm7cOli3CZIf6gtnAo.roa (raw, json)
Hash identifier: mjsbXnFHzk1uFfSF7eI2oV+DYoRdIYIcGfVNQUYL7+o=
Subject key identifier: C6:F3:01:C6:0B:2D:D2:19:BB:70:E9:62:DC:26:48:7F:A8:2D:9C:0A
Certificate issuer: /CN=c00a88d7e5a565ea719cfc40d8bb63ee1671856a
Certificate serial: 018EA3EB6D7DC5A692C37F1E7AE7B7084C09
Authority key identifier: C0:0A:88:D7:E5:A5:65:EA:71:9C:FC:40:D8:BB:63:EE:16:71:85:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wAqI1-WlZepxnPxA2Ltj7hZxhWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/xvMBxgst0hm7cOli3CZIf6gtnAo.roa
Signing time: Wed 03 Apr 2024 12:24:58 +0000
ROA not before: Wed 03 Apr 2024 12:24:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202515
IP address blocks: 193.57.28.0/24 maxlen: 24
193.57.29.0/24 maxlen: 24
193.57.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 06:41:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:eb:6d:7d:c5:a6:92:c3:7f:1e:7a:e7:b7:08:4c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00a88d7e5a565ea719cfc40d8bb63ee1671856a
Validity
Not Before: Apr 3 12:24:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6f301c60b2dd219bb70e962dc26487fa82d9c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3f:5a:ce:39:d9:23:67:c7:94:42:87:b7:8e:
8f:86:af:0a:bd:11:be:6a:34:e4:15:67:49:8a:04:
b1:8e:57:8a:94:3b:8c:61:cb:13:e1:53:33:22:21:
1f:0d:9f:55:da:06:46:c9:0e:33:87:cc:e2:40:de:
f5:71:94:e4:6d:9b:38:83:86:fc:cb:f5:35:68:22:
7e:4a:ea:d7:8b:85:49:d4:0b:59:67:76:df:1c:f2:
ce:5f:a2:a4:a9:dd:c6:8e:9d:c9:09:99:fe:78:49:
ff:0d:8a:10:e4:77:11:a3:03:e8:6f:06:f3:a3:78:
a7:e6:f4:e5:82:d8:82:0a:8a:5c:45:c9:80:95:0c:
e6:a0:39:c7:45:78:68:0d:82:17:48:5f:3b:76:3d:
e4:bf:4c:34:83:e0:a3:ac:9c:23:11:e4:6a:7d:33:
2e:92:a4:ff:d6:d1:68:70:ac:7e:d9:31:87:ac:3c:
86:c1:49:78:a9:a5:35:e8:f7:d2:ab:29:e1:c4:80:
d4:5b:51:b6:ed:25:8c:db:8f:37:9d:88:cf:16:fb:
c9:67:d9:50:19:2a:0f:c9:22:49:e5:54:27:6f:d1:
b1:70:f2:b2:54:bf:eb:5e:55:38:88:8b:88:38:55:
12:2b:f3:5d:68:53:d6:3a:23:49:d3:81:3e:c5:2f:
c1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F3:01:C6:0B:2D:D2:19:BB:70:E9:62:DC:26:48:7F:A8:2D:9C:0A
X509v3 Authority Key Identifier:
keyid:C0:0A:88:D7:E5:A5:65:EA:71:9C:FC:40:D8:BB:63:EE:16:71:85:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wAqI1-WlZepxnPxA2Ltj7hZxhWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/xvMBxgst0hm7cOli3CZIf6gtnAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/wAqI1-WlZepxnPxA2Ltj7hZxhWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.28.0-193.57.30.255
Signature Algorithm: sha256WithRSAEncryption
30:47:c9:2c:7e:0d:5a:5b:f2:8e:1d:18:eb:34:a2:83:b7:01:
6a:c2:22:13:72:eb:3c:91:ba:17:03:9a:f5:00:56:dd:c1:50:
91:25:f1:62:82:5b:3d:36:53:3e:8d:18:1b:22:ed:41:ca:50:
b4:92:eb:c4:c1:81:a0:46:9d:02:00:d8:9c:7c:81:90:83:d7:
5c:98:30:dd:f1:82:7f:da:9a:df:5d:19:72:a5:98:97:e5:05:
27:d6:d0:44:b5:2c:1b:f0:16:77:e9:46:76:ca:d7:34:b3:c0:
d2:26:b9:a7:ff:15:00:c7:47:56:52:cd:51:a5:1c:84:8d:90:
31:9c:ce:34:87:fe:a7:8e:90:71:63:a7:1b:c7:33:b8:80:7c:
dd:bf:ee:20:cc:c1:c3:6f:f3:b2:a9:05:ab:ea:aa:da:eb:6a:
e7:02:74:d0:2e:04:68:02:ad:fd:5c:89:4e:09:96:fa:c9:fe:
19:38:f2:29:df:3d:17:6e:a1:5f:89:86:99:22:14:8e:e7:e3:
b3:12:8f:1c:18:e3:f9:e7:6c:32:dd:f8:c8:ba:bc:58:db:09:
79:9e:8a:12:3e:87:88:d4:88:c3:89:26:6e:57:84:ba:41:4d:
8e:95:c2:f7:0d:60:15:49:95:e4:6e:5a:71:cd:40:fc:d0:8c:
40:bf:3a:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6j6219xaaSw38eeue3CEwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGE4OGQ3ZTVhNTY1ZWE3MTljZmM0MGQ4YmI2M2VlMTY3
MTg1NmEwHhcNMjQwNDAzMTIyNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmYzMDFjNjBiMmRkMjE5YmI3MGU5NjJkYzI2NDg3ZmE4MmQ5YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT9azjnZI2fHlEKHt46Phq8KvRG+
ajTkFWdJigSxjleKlDuMYcsT4VMzIiEfDZ9V2gZGyQ4zh8ziQN71cZTkbZs4g4b8
y/U1aCJ+SurXi4VJ1AtZZ3bfHPLOX6Kkqd3Gjp3JCZn+eEn/DYoQ5HcRowPobwbz
o3in5vTlgtiCCopcRcmAlQzmoDnHRXhoDYIXSF87dj3kv0w0g+CjrJwjEeRqfTMu
kqT/1tFocKx+2TGHrDyGwUl4qaU16PfSqynhxIDUW1G27SWM2483nYjPFvvJZ9lQ
GSoPySJJ5VQnb9GxcPKyVL/rXlU4iIuIOFUSK/NdaFPWOiNJ04E+xS/BRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMbzAcYLLdIZu3DpYtwmSH+oLZwKMB8GA1UdIwQY
MBaAFMAKiNflpWXqcZz8QNi7Y+4WcYVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FxSTEtV2xaZXB4blB4QTJMdGo3aFp4aFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zNGI0OGYtNzBjMC00MDA0LWJhMGYt
ZGUzYzhkOTUzZWM1LzEveHZNQnhnc3QwaG03Y09saTNDWklmNmd0bkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zNGI0OGYtNzBjMC00MDA0LWJhMGYtZGUzYzhkOTUzZWM1
LzEvd0FxSTEtV2xaZXB4blB4QTJMdGo3aFp4aFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBORwD
BADBOR4wDQYJKoZIhvcNAQELBQADggEBADBHySx+DVpb8o4dGOs0ooO3AWrCIhNy
6zyRuhcDmvUAVt3BUJEl8WKCWz02Uz6NGBsi7UHKULSS68TBgaBGnQIA2Jx8gZCD
11yYMN3xgn/amt9dGXKlmJflBSfW0ES1LBvwFnfpRnbK1zSzwNImuaf/FQDHR1ZS
zVGlHISNkDGczjSH/qeOkHFjpxvHM7iAfN2/7iDMwcNv87KpBavqqtrraucCdNAu
BGgCrf1ciU4JlvrJ/hk48infPRduoV+JhpkiFI7n47MSjxwY4/nnbDLd+Mi6vFjb
CXmeihI+h4jUiMOJJm5XhLpBTY6VwvcNYBVJleRuWnHNQPzQjEC/Otg=
-----END CERTIFICATE-----
Generated at Tue Apr 9 10:07:51 2024 by rpki-client on console.sobornost.net