Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Bnvf8OdoNjRVDzco5PINQvCQX7s.roa
File: Bnvf8OdoNjRVDzco5PINQvCQX7s.roa (raw, json)
Hash identifier: EXj1MZNgWrtuL00A6fZyZgwNBJ1F8zDiecK4kQUh16U=
Subject key identifier: 06:7B:DF:F0:E7:68:36:34:55:0F:37:28:E4:F2:0D:42:F0:90:5F:BB
Certificate issuer: /CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Certificate serial: 01856E38BA85C3F66DCDE0A009FD2052FC5D
Authority key identifier: 5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Bnvf8OdoNjRVDzco5PINQvCQX7s.roa
Signing time: Sun 01 Jan 2023 16:44:49 +0000
ROA not before: Sun 01 Jan 2023 16:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41327
IP address blocks: 45.67.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:ba:85:c3:f6:6d:cd:e0:a0:09:fd:20:52:fc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Validity
Not Before: Jan 1 16:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=067bdff0e7683634550f3728e4f20d42f0905fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:3e:f1:dd:a5:e6:a7:23:7a:65:59:83:de:
0a:48:50:b0:54:2b:59:c8:cb:ec:5f:3b:ed:d8:3a:
46:1f:8e:1e:07:8c:93:c9:5c:ab:6d:6e:22:76:be:
9b:23:35:91:48:31:b9:7e:95:23:7f:a2:b1:56:89:
88:f3:51:87:db:b7:60:cc:6c:45:3b:51:00:79:98:
7e:5d:9a:39:49:10:0f:58:bd:7f:f4:bd:00:cf:c0:
88:e5:f6:53:e6:1c:70:8a:2a:8c:6c:9f:c3:f9:90:
2e:a0:cc:f7:dc:23:bc:bc:0b:b7:a0:3b:d4:76:54:
fc:6b:b7:46:80:e6:2c:f6:37:75:4a:a4:83:79:41:
9e:89:91:95:49:62:93:0b:12:45:a5:ba:33:e9:ac:
86:11:86:ee:38:c7:99:aa:28:ed:c5:16:22:e7:cb:
5b:0b:09:da:a0:94:2b:8b:f1:ba:d9:a8:fd:21:16:
79:54:b7:72:79:f6:a4:77:42:ef:32:0f:68:26:db:
e0:c0:9a:88:d8:d6:6d:39:64:eb:03:d9:49:a9:53:
63:46:5f:c4:d2:0d:bd:ff:c0:39:f3:4a:d2:4b:94:
4d:48:4d:bf:05:40:59:7b:dc:f9:5f:ed:55:e4:d5:
66:7e:78:94:bb:da:56:cc:7a:f1:6b:87:94:b8:18:
68:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7B:DF:F0:E7:68:36:34:55:0F:37:28:E4:F2:0D:42:F0:90:5F:BB
X509v3 Authority Key Identifier:
keyid:5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Bnvf8OdoNjRVDzco5PINQvCQX7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.115.0/24
Signature Algorithm: sha256WithRSAEncryption
34:fc:11:65:ee:da:ef:73:44:7b:f9:e8:d6:ac:57:d9:64:37:
bb:b1:0b:bc:46:c4:88:1e:f5:c4:33:79:82:44:17:ff:b2:59:
64:be:50:e3:4f:9b:21:30:f1:c0:38:3d:52:62:18:f4:72:03:
81:a4:46:7b:2f:24:8f:60:de:d7:e5:dd:f7:b1:85:fb:f7:96:
93:95:ed:0e:ab:23:a2:cf:1b:0e:04:36:ee:e0:20:ec:81:e0:
f5:83:77:4a:91:30:d8:38:c7:4c:2e:7b:6f:73:f1:01:c7:d9:
cb:2a:c4:e8:2d:95:a3:42:f4:cb:39:44:2d:a2:bd:f7:d8:d7:
46:93:e7:35:75:df:46:e8:55:4b:07:d5:60:87:bd:95:33:cb:
05:a6:4e:4e:19:53:b5:21:0b:cc:3d:ad:11:1b:a1:04:d0:05:
be:69:55:fc:5d:4f:b0:dd:2b:33:47:c8:20:62:34:56:1c:e6:
04:24:d5:66:37:f8:6c:bc:11:1f:b7:93:c0:c5:6b:af:13:0b:
88:fe:53:e4:59:63:82:5b:61:41:ae:91:07:e2:8d:33:e7:03:
2d:e3:12:55:29:06:71:92:22:4d:c2:c7:b4:91:8a:72:74:bb:
40:f0:0b:a1:ce:ff:37:1b:03:a4:ba:a7:ac:82:c1:61:a7:f7:
4a:e9:a3:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOLqFw/ZtzeCgCf0gUvxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGY1MTZjOTVkZDZlYjJkMWQ5ZGQ0ZTBlMDMyODZjMTkx
MWY2ZTEwHhcNMjMwMTAxMTY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjdiZGZmMGU3NjgzNjM0NTUwZjM3MjhlNGYyMGQ0MmYwOTA1ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiic+8d2l5qcjemVZg94KSFCwVCtZ
yMvsXzvt2DpGH44eB4yTyVyrbW4idr6bIzWRSDG5fpUjf6KxVomI81GH27dgzGxF
O1EAeZh+XZo5SRAPWL1/9L0Az8CI5fZT5hxwiiqMbJ/D+ZAuoMz33CO8vAu3oDvU
dlT8a7dGgOYs9jd1SqSDeUGeiZGVSWKTCxJFpboz6ayGEYbuOMeZqijtxRYi58tb
CwnaoJQri/G62aj9IRZ5VLdyefakd0LvMg9oJtvgwJqI2NZtOWTrA9lJqVNjRl/E
0g29/8A580rSS5RNSE2/BUBZe9z5X+1V5NVmfniUu9pWzHrxa4eUuBhodwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZ73/DnaDY0VQ83KOTyDULwkF+7MB8GA1UdIwQY
MBaAFF/fUWyV3W6y0dndTg4DKGwZEfbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzct
YmYzZjc5NTFjNWVhLzEvQm52ZjhPZG9OalJWRHpjbzVQSU5RdkNRWDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzctYmYzZjc5NTFjNWVh
LzEvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUNzMA0G
CSqGSIb3DQEBCwUAA4IBAQA0/BFl7trvc0R7+ejWrFfZZDe7sQu8RsSIHvXEM3mC
RBf/sllkvlDjT5shMPHAOD1SYhj0cgOBpEZ7LySPYN7X5d33sYX795aTle0OqyOi
zxsOBDbu4CDsgeD1g3dKkTDYOMdMLntvc/EBx9nLKsToLZWjQvTLOUQtor332NdG
k+c1dd9G6FVLB9Vgh72VM8sFpk5OGVO1IQvMPa0RG6EE0AW+aVX8XU+w3SszR8gg
YjRWHOYEJNVmN/hsvBEft5PAxWuvEwuI/lPkWWOCW2FBrpEH4o0z5wMt4xJVKQZx
kiJNwse0kYpydLtA8Auhzv83GwOkuqesgsFhp/dK6aPt
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:34 2024 by rpki-client on console.sobornost.net