Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/7b67fb-c8ba-462c-b064-7c65aec6f2bd/1/1-XhrG8KQxsOa78y9GRG-SuGQmh4.roa
File: 1-XhrG8KQxsOa78y9GRG-SuGQmh4.roa (raw, json)
Hash identifier: Ml4BZlDzhOmCJtjugZ8LcPn8eTrIMvcKG4A8PNbKzn0=
Subject key identifier: F9:78:6B:1B:C2:90:C6:C3:9A:EF:CC:BD:19:11:BE:4A:E1:90:9A:1E
Certificate issuer: /CN=4aa5e35c05c2ab54be758b6c867186cee159bd63
Certificate serial: 018570703FF7B140415033F43FB637E201BE
Authority key identifier: 4A:A5:E3:5C:05:C2:AB:54:BE:75:8B:6C:86:71:86:CE:E1:59:BD:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqXjXAXCq1S-dYtshnGGzuFZvWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/7b67fb-c8ba-462c-b064-7c65aec6f2bd/1/1-XhrG8KQxsOa78y9GRG-SuGQmh4.roa
Signing time: Mon 02 Jan 2023 03:04:42 +0000
ROA not before: Mon 02 Jan 2023 03:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60973
IP address blocks: 91.223.238.0/24 maxlen: 24
91.237.33.0/24 maxlen: 24
2001:67c:1124::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:3f:f7:b1:40:41:50:33:f4:3f:b6:37:e2:01:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aa5e35c05c2ab54be758b6c867186cee159bd63
Validity
Not Before: Jan 2 03:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9786b1bc290c6c39aefccbd1911be4ae1909a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a2:70:18:f8:eb:0a:47:3d:21:61:5d:38:19:
45:7d:55:bb:06:76:fb:27:57:fa:09:d6:df:bf:ce:
e8:95:35:69:81:36:59:38:68:d6:4e:c1:cd:a3:4f:
ab:bb:23:b8:33:e5:5d:f3:d0:d9:09:2a:ce:b5:cf:
2f:af:0a:22:b7:fa:14:df:1f:d6:a8:d2:da:1e:21:
45:b9:9c:66:7c:0f:f5:50:52:9d:cb:c9:06:d8:e7:
2a:99:53:2a:95:90:65:45:d8:73:70:a1:23:71:b4:
db:b9:bb:2a:4c:3d:f3:3f:3a:63:04:e5:57:c7:2c:
56:79:69:7c:52:36:45:c8:b7:51:05:ad:58:59:37:
a6:a6:c5:fd:6b:e4:d2:21:e6:dd:f4:bc:57:82:0f:
d6:61:ad:0c:e2:8d:c6:ba:55:8c:b0:d8:ac:81:79:
5b:fc:c2:ea:e0:5d:09:a4:20:45:1d:2f:d6:2e:58:
7b:d9:14:81:a3:17:75:87:fb:6a:44:25:09:cc:63:
22:77:8a:c6:0f:3c:04:09:09:7e:2d:0b:58:d5:fc:
d1:b5:ba:41:df:88:14:ab:ee:30:d9:ad:26:74:c7:
6d:02:e8:e1:72:f6:2a:d9:58:90:75:cb:17:d8:0d:
20:c1:94:08:20:05:bc:b5:cc:97:15:66:9f:da:c7:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:78:6B:1B:C2:90:C6:C3:9A:EF:CC:BD:19:11:BE:4A:E1:90:9A:1E
X509v3 Authority Key Identifier:
keyid:4A:A5:E3:5C:05:C2:AB:54:BE:75:8B:6C:86:71:86:CE:E1:59:BD:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqXjXAXCq1S-dYtshnGGzuFZvWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/7b67fb-c8ba-462c-b064-7c65aec6f2bd/1/1-XhrG8KQxsOa78y9GRG-SuGQmh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/7b67fb-c8ba-462c-b064-7c65aec6f2bd/1/SqXjXAXCq1S-dYtshnGGzuFZvWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.238.0/24
91.237.33.0/24
IPv6:
2001:67c:1124::/48
Signature Algorithm: sha256WithRSAEncryption
30:47:34:c4:fb:2b:cd:0b:e3:a3:56:7a:ed:2d:0d:c6:4a:30:
14:f4:42:0a:1f:9f:71:c9:1f:57:34:a9:2f:80:44:a8:a7:05:
cd:95:e8:29:6e:8d:f9:fb:e1:e3:61:1c:ee:97:19:ae:e8:00:
09:22:87:79:69:57:c3:7d:56:09:40:3e:fa:3f:78:d6:89:6c:
3f:3d:3c:64:d3:7a:26:72:a2:7a:c9:1b:0b:4c:fe:e7:01:01:
e9:5a:33:bb:32:cc:62:9e:cf:9d:51:06:ef:c2:d5:28:b4:05:
b6:2d:86:09:5e:f0:18:af:59:f7:c2:fc:dc:8f:65:1b:b1:a3:
85:ac:36:f1:0a:73:fc:75:06:db:c9:0a:13:a2:17:95:09:4b:
da:e4:17:3a:2a:ae:03:46:5e:97:0d:53:e5:d9:52:52:3e:51:
8f:d6:be:0f:df:4e:48:de:fe:90:4a:59:3b:7a:e4:1b:a5:9b:
98:43:28:1d:bd:c7:a1:ec:72:d6:0d:de:6f:17:5b:b4:b9:0c:
09:b3:ca:fb:ef:2a:4f:ea:ae:9e:44:be:d9:0b:0e:15:c4:7f:
b3:a2:30:9c:c0:a4:4f:50:08:5f:e3:2e:a2:14:26:b8:37:c7:
fc:e0:4f:61:a9:af:98:53:52:3c:21:11:cf:5a:02:e7:a2:db:
6d:9c:62:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwcD/3sUBBUDP0P7Y34gG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYTVlMzVjMDVjMmFiNTRiZTc1OGI2Yzg2NzE4NmNlZTE1
OWJkNjMwHhcNMjMwMTAyMDMwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTc4NmIxYmMyOTBjNmMzOWFlZmNjYmQxOTExYmU0YWUxOTA5YTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6JwGPjrCkc9IWFdOBlFfVW7Bnb7
J1f6Cdbfv87olTVpgTZZOGjWTsHNo0+ruyO4M+Vd89DZCSrOtc8vrwoit/oU3x/W
qNLaHiFFuZxmfA/1UFKdy8kG2OcqmVMqlZBlRdhzcKEjcbTbubsqTD3zPzpjBOVX
xyxWeWl8UjZFyLdRBa1YWTempsX9a+TSIebd9LxXgg/WYa0M4o3GulWMsNisgXlb
/MLq4F0JpCBFHS/WLlh72RSBoxd1h/tqRCUJzGMid4rGDzwECQl+LQtY1fzRtbpB
34gUq+4w2a0mdMdtAujhcvYq2ViQdcsX2A0gwZQIIAW8tcyXFWaf2sdc+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPl4axvCkMbDmu/MvRkRvkrhkJoeMB8GA1UdIwQY
MBaAFEql41wFwqtUvnWLbIZxhs7hWb1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3FYalhBWENxMVMtZFl0c2huR0d6dUZadldNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy83YjY3ZmItYzhiYS00NjJjLWIwNjQt
N2M2NWFlYzZmMmJkLzEvMS1YaHJHOEtReHNPYTc4eTlHUkctU3VHUW1oNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWMvN2I2N2ZiLWM4YmEtNDYyYy1iMDY0LTdjNjVhZWM2ZjJi
ZC8xL1NxWGpYQVhDcTFTLWRZdHNobkdHenVGWnZXTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAFvf7gME
AFvtITAPBAIAAjAJAwcAIAEGfBEkMA0GCSqGSIb3DQEBCwUAA4IBAQAwRzTE+yvN
C+OjVnrtLQ3GSjAU9EIKH59xyR9XNKkvgESopwXNlegpbo35++HjYRzulxmu6AAJ
Iod5aVfDfVYJQD76P3jWiWw/PTxk03omcqJ6yRsLTP7nAQHpWjO7Msxins+dUQbv
wtUotAW2LYYJXvAYr1n3wvzcj2UbsaOFrDbxCnP8dQbbyQoToheVCUva5Bc6Kq4D
Rl6XDVPl2VJSPlGP1r4P305I3v6QSlk7euQbpZuYQygdvceh7HLWDd5vF1u0uQwJ
s8r77ypP6q6eRL7ZCw4VxH+zojCcwKRPUAhf4y6iFCa4N8f84E9hqa+YU1I8IRHP
WgLnotttnGIS
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:11 2024 by rpki-client on console.sobornost.net