Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/2dVDecN6qsiX78jvfxMvUaSESfw.roa
File: 2dVDecN6qsiX78jvfxMvUaSESfw.roa (raw, json)
Hash identifier: 52h/o0Sj2Eg0I/oFdwG5Wff6CNWzvyIMJjcaI4SPFew=
Subject key identifier: D9:D5:43:79:C3:7A:AA:C8:97:EF:C8:EF:7F:13:2F:51:A4:84:49:FC
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018ACE6F0666C9EC6485743B204F4F52D9CE
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/2dVDecN6qsiX78jvfxMvUaSESfw.roa
Signing time: Mon 25 Sep 2023 22:21:37 +0000
ROA not before: Mon 25 Sep 2023 22:21:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206075
IP address blocks: 31.41.249.0/24 maxlen: 24
185.153.55.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e041::/32 maxlen: 32
2a07:e042::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:6f:06:66:c9:ec:64:85:74:3b:20:4f:4f:52:d9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Sep 25 22:21:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9d54379c37aaac897efc8ef7f132f51a48449fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d1:7e:f8:95:c3:d2:6f:07:b4:10:e6:83:e3:
f0:8e:76:e8:0c:ef:b7:02:4a:9c:5b:fe:3d:fe:e1:
2e:27:d6:09:15:a0:04:87:51:0d:ab:6a:e9:6b:6f:
44:b8:63:18:7e:29:ba:cd:29:c6:69:88:7d:d0:19:
e6:45:e1:98:c3:ca:83:f1:72:9d:bd:ca:ea:1b:5a:
14:6b:93:54:a7:e8:fb:0a:3a:71:f4:45:2e:d8:28:
2b:81:b8:af:49:eb:c3:97:09:b6:14:f6:f7:ac:fa:
b6:8d:48:d7:24:13:54:77:5c:93:6c:c5:d6:78:2d:
f4:11:c4:b9:15:b1:67:90:a4:4e:30:31:c6:90:a2:
69:d2:26:66:cb:4f:f5:48:69:ff:16:ce:6b:68:d7:
e6:fa:da:88:d4:e5:db:8c:84:96:16:59:ea:90:c3:
86:69:7f:1f:d9:5e:7a:cb:90:d1:4a:4b:d8:bc:c5:
bd:02:bc:17:16:6d:54:37:38:01:b4:59:d5:24:40:
6a:39:12:6b:5c:55:1c:4f:f4:51:e5:74:a9:4f:92:
32:9d:9b:3c:02:5f:d2:68:24:b8:fa:4f:07:57:7e:
b7:2a:ca:0e:49:31:8e:4e:90:e8:5d:05:f6:2c:03:
c3:03:85:3f:67:df:34:0f:f6:cf:60:4b:85:b9:c3:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D5:43:79:C3:7A:AA:C8:97:EF:C8:EF:7F:13:2F:51:A4:84:49:FC
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/2dVDecN6qsiX78jvfxMvUaSESfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.249.0/24
185.153.55.0/24
188.239.191.0/24
IPv6:
2a07:e041::-2a07:e042:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:37:9d:48:40:2a:00:06:ce:af:2c:3d:ad:ff:19:3d:00:c3:
76:95:50:f0:33:43:15:29:04:aa:25:a8:55:64:76:2d:66:ae:
2e:b4:d7:a1:b3:9c:e4:6b:39:03:bb:88:1c:10:73:f0:65:27:
60:be:a2:59:e1:b2:82:50:5d:36:80:31:16:c5:89:42:d9:39:
f3:49:71:03:2f:97:7b:e9:78:d5:e2:64:63:c1:27:c8:32:28:
b9:b3:cb:ee:d1:84:a9:8f:62:bb:c8:78:09:3b:cd:48:24:aa:
1f:b4:c0:40:f9:bb:ec:3c:6b:9b:e4:cc:ac:e5:ea:4d:d5:67:
d2:5c:16:92:7c:c9:51:c8:91:47:4c:19:b3:2d:2d:aa:29:c1:
56:f1:ac:c1:52:af:31:14:eb:be:67:18:52:99:0c:64:5a:36:
ef:c6:70:3c:90:eb:e5:f9:01:49:80:3d:21:29:ed:08:9c:28:
f4:07:b4:c5:76:10:3a:3d:f1:21:93:1b:3b:49:d9:a4:75:c5:
d1:5c:8a:98:a8:54:2b:ee:cd:75:ab:83:1a:ec:23:f2:9b:54:
6b:c1:7f:ca:fd:2d:1d:ef:96:6e:1c:d3:15:bd:f6:99:f0:6c:
8a:03:ac:cd:df:10:1c:c7:53:ab:39:3b:c4:b3:70:61:c6:9d:
25:44:e6:53
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrObwZmyexkhXQ7IE9PUtnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjMwOTI1MjIyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ1NDM3OWMzN2FhYWM4OTdlZmM4ZWY3ZjEzMmY1MWE0ODQ0OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutF++JXD0m8HtBDmg+PwjnboDO+3
AkqcW/49/uEuJ9YJFaAEh1ENq2rpa29EuGMYfim6zSnGaYh90BnmReGYw8qD8XKd
vcrqG1oUa5NUp+j7Cjpx9EUu2CgrgbivSevDlwm2FPb3rPq2jUjXJBNUd1yTbMXW
eC30EcS5FbFnkKROMDHGkKJp0iZmy0/1SGn/Fs5raNfm+tqI1OXbjISWFlnqkMOG
aX8f2V56y5DRSkvYvMW9ArwXFm1UNzgBtFnVJEBqORJrXFUcT/RR5XSpT5IynZs8
Al/SaCS4+k8HV363KsoOSTGOTpDoXQX2LAPDA4U/Z980D/bPYEuFucOE+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNnVQ3nDeqrIl+/I738TL1GkhEn8MB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvMmRWRGVjTjZxc2lYNzhqdmZ4TXZVYVNFU2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQAHyn5AwQA
uZk3AwQAvO+/MBYEAgACMBAwDgMFACoH4EEDBQAqB+BCMA0GCSqGSIb3DQEBCwUA
A4IBAQAzN51IQCoABs6vLD2t/xk9AMN2lVDwM0MVKQSqJahVZHYtZq4utNehs5zk
azkDu4gcEHPwZSdgvqJZ4bKCUF02gDEWxYlC2TnzSXEDL5d76XjV4mRjwSfIMii5
s8vu0YSpj2K7yHgJO81IJKoftMBA+bvsPGub5Mys5epN1WfSXBaSfMlRyJFHTBmz
LS2qKcFW8azBUq8xFOu+ZxhSmQxkWjbvxnA8kOvl+QFJgD0hKe0InCj0B7TFdhA6
PfEhkxs7SdmkdcXRXIqYqFQr7s11q4Ma7CPym1RrwX/K/S0d75ZuHNMVvfaZ8GyK
A6zN3xAcx1OrOTvEs3Bhxp0lROZT
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:02 2023 by rpki-client on console.sobornost.net