Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/429ff9-0265-476f-9035-4192a357eab7/1/1-pyZRcZFNdwdEfZqInTJ13VJNIg.roa
File: 1-pyZRcZFNdwdEfZqInTJ13VJNIg.roa (raw, json)
Hash identifier: +PHLPaIQm/9kKULPeg6YNss6hy1E+gWOr2G/KYVAtXY=
Subject key identifier: FA:9C:99:45:C6:45:35:DC:1D:11:F6:6A:22:74:C9:D7:75:49:34:88
Certificate issuer: /CN=b7a5dbbc833cc5ab2d4ae9297e2eab975f1c197d
Certificate serial: 018B95AE64937B8BEC5AA0434F69432F321B
Authority key identifier: B7:A5:DB:BC:83:3C:C5:AB:2D:4A:E9:29:7E:2E:AB:97:5F:1C:19:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6XbvIM8xastSukpfi6rl18cGX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/429ff9-0265-476f-9035-4192a357eab7/1/1-pyZRcZFNdwdEfZqInTJ13VJNIg.roa
Signing time: Fri 03 Nov 2023 14:55:15 +0000
ROA not before: Fri 03 Nov 2023 14:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16101
IP address blocks: 193.41.194.0/24 maxlen: 24
2001:67c:2b38::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:ae:64:93:7b:8b:ec:5a:a0:43:4f:69:43:2f:32:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a5dbbc833cc5ab2d4ae9297e2eab975f1c197d
Validity
Not Before: Nov 3 14:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa9c9945c64535dc1d11f66a2274c9d775493488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:b3:28:7e:67:5e:d5:e7:7e:4c:92:67:35:
a2:70:79:1e:d4:2f:ae:7f:77:dd:0d:8f:61:75:8c:
78:cd:3f:30:94:78:04:1a:73:7a:f0:67:42:cf:93:
4c:ad:83:81:32:34:30:cf:57:ee:c0:29:23:66:6f:
ce:6c:fb:b2:68:f5:13:70:96:43:7b:7f:6e:a3:fd:
a0:3c:84:87:cf:8d:0a:79:3c:cd:bc:4f:62:fd:10:
0a:b5:cc:53:83:56:eb:00:c7:55:9c:ee:2e:be:8a:
85:dd:17:7e:6c:30:ca:f0:8c:79:45:c8:74:ad:1f:
4d:bf:c6:ef:66:bc:99:7e:5a:71:20:21:ac:2e:73:
e9:27:8d:89:42:b7:0e:6a:c2:c0:ed:bd:a4:a8:6b:
b6:21:89:2e:02:c7:8c:c1:f9:de:f2:c8:a8:85:91:
9c:c5:e3:20:fd:ad:5b:ce:1b:b3:61:59:f1:34:94:
d2:cf:16:a5:d2:7f:d2:ed:25:6c:74:5a:52:64:8d:
ec:0c:35:5a:a2:97:de:5e:38:dd:02:06:9b:49:7a:
6e:a8:59:29:4f:ea:0e:df:e3:6e:d0:78:f1:79:be:
78:88:dc:ff:15:ca:4b:f1:9d:e9:71:b1:15:ac:84:
06:c8:b2:b2:43:c5:73:da:f3:2e:15:1e:7b:06:f8:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9C:99:45:C6:45:35:DC:1D:11:F6:6A:22:74:C9:D7:75:49:34:88
X509v3 Authority Key Identifier:
keyid:B7:A5:DB:BC:83:3C:C5:AB:2D:4A:E9:29:7E:2E:AB:97:5F:1C:19:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6XbvIM8xastSukpfi6rl18cGX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/429ff9-0265-476f-9035-4192a357eab7/1/1-pyZRcZFNdwdEfZqInTJ13VJNIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/429ff9-0265-476f-9035-4192a357eab7/1/t6XbvIM8xastSukpfi6rl18cGX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.194.0/24
IPv6:
2001:67c:2b38::/48
Signature Algorithm: sha256WithRSAEncryption
5b:ae:aa:4a:9b:46:93:42:b3:4f:aa:ae:bc:ab:e6:94:1f:14:
a7:d7:37:18:29:c8:ef:f0:be:4d:67:4b:ef:a4:00:ef:1d:7a:
9d:3a:e2:bc:ab:ed:6a:29:e7:cc:95:46:27:5a:9f:6c:8e:05:
a3:9f:05:45:e2:ab:98:da:e7:8f:bf:07:28:2b:df:84:83:ed:
7b:eb:89:88:6c:1f:df:7b:6e:58:e2:7d:6d:fc:67:d1:01:b8:
d7:23:4b:bd:1c:1a:d6:86:c0:e2:5f:02:fd:45:c6:7c:41:b7:
86:85:0f:00:19:45:f6:af:12:31:38:64:4e:64:da:09:c8:2c:
83:ea:03:5a:de:3d:c1:45:81:10:6c:0e:dc:34:48:34:dd:4d:
62:8a:d9:5a:2a:47:a3:8a:2f:00:ce:ab:dc:c2:71:f4:56:9b:
38:54:a7:42:05:49:76:7d:9a:b9:52:77:2d:fa:d3:ca:60:23:
fe:b1:1d:66:2f:d9:6f:0b:9a:dc:1b:19:1e:49:90:7b:0a:fd:
f6:a8:96:d4:1e:9a:b2:53:36:35:0f:b6:e0:dc:aa:16:20:72:
ee:3d:3b:14:3e:71:fd:73:59:4c:77:98:c1:11:ef:48:e1:1c:
2e:6b:ff:b1:32:a3:a0:a4:a3:8c:ac:fc:83:b7:74:aa:fd:48:
65:8a:44:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuVrmSTe4vsWqBDT2lDLzIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTVkYmJjODMzY2M1YWIyZDRhZTkyOTdlMmVhYjk3NWYx
YzE5N2QwHhcNMjMxMTAzMTQ1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTljOTk0NWM2NDUzNWRjMWQxMWY2NmEyMjc0YzlkNzc1NDkzNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniqzKH5nXtXnfkySZzWicHke1C+u
f3fdDY9hdYx4zT8wlHgEGnN68GdCz5NMrYOBMjQwz1fuwCkjZm/ObPuyaPUTcJZD
e39uo/2gPISHz40KeTzNvE9i/RAKtcxTg1brAMdVnO4uvoqF3Rd+bDDK8Ix5Rch0
rR9Nv8bvZryZflpxICGsLnPpJ42JQrcOasLA7b2kqGu2IYkuAseMwfne8siohZGc
xeMg/a1bzhuzYVnxNJTSzxal0n/S7SVsdFpSZI3sDDVaopfeXjjdAgabSXpuqFkp
T+oO3+Nu0Hjxeb54iNz/FcpL8Z3pcbEVrIQGyLKyQ8Vz2vMuFR57BvgpswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPqcmUXGRTXcHRH2aiJ0ydd1STSIMB8GA1UdIwQY
MBaAFLel27yDPMWrLUrpKX4uq5dfHBl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZYYnZJTTh4YXN0U3VrcGZpNnJsMThjR1gwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80MjlmZjktMDI2NS00NzZmLTkwMzUt
NDE5MmEzNTdlYWI3LzEvMS1weVpSY1pGTmR3ZEVmWnFJblRKMTNWSk5JZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNDI5ZmY5LTAyNjUtNDc2Zi05MDM1LTQxOTJhMzU3ZWFi
Ny8xL3Q2WGJ2SU04eGFzdFN1a3BmaTZybDE4Y0dYMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMEpwjAP
BAIAAjAJAwcAIAEGfCs4MA0GCSqGSIb3DQEBCwUAA4IBAQBbrqpKm0aTQrNPqq68
q+aUHxSn1zcYKcjv8L5NZ0vvpADvHXqdOuK8q+1qKefMlUYnWp9sjgWjnwVF4quY
2uePvwcoK9+Eg+1764mIbB/fe25Y4n1t/GfRAbjXI0u9HBrWhsDiXwL9RcZ8QbeG
hQ8AGUX2rxIxOGROZNoJyCyD6gNa3j3BRYEQbA7cNEg03U1iitlaKkejii8Azqvc
wnH0Vps4VKdCBUl2fZq5Unct+tPKYCP+sR1mL9lvC5rcGxkeSZB7Cv32qJbUHpqy
UzY1D7bg3KoWIHLuPTsUPnH9c1lMd5jBEe9I4Rwua/+xMqOgpKOMrPyDt3Sq/Uhl
ikQF
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:03:02 2024 by rpki-client on console.sobornost.net