Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/CDWKItYwy5dBv_YUid65rZTjbt0.roa
File: CDWKItYwy5dBv_YUid65rZTjbt0.roa (raw, json)
Hash identifier: RncpoL8CCXGXfvzyjlkPxTS/btW39iJFfEZgtQdv9Uc=
Subject key identifier: 08:35:8A:22:D6:30:CB:97:41:BF:F6:14:89:DE:B9:AD:94:E3:6E:DD
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185F363483BDFE29416BDE34DA17FCE1740
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/CDWKItYwy5dBv_YUid65rZTjbt0.roa
Signing time: Fri 27 Jan 2023 13:20:48 +0000
ROA not before: Fri 27 Jan 2023 13:20:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 2001:2044::/32 maxlen: 32
2001:2040::/32 maxlen: 32
2001:2042::/31 maxlen: 31
2001:2001:9000::/40 maxlen: 40
2001:2001:4000::/36 maxlen: 36
2001:2090::/31 maxlen: 31
2001:2040::/27 maxlen: 27
2001:2000:9000::/40 maxlen: 40
2001:2000:4000::/40 maxlen: 40
2001:2000::/48 maxlen: 48
2001:2040:c010::/48 maxlen: 48
2001:2040:c010::/47 maxlen: 47
2001:2002::/32 maxlen: 32
2001:2040:c011::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:63:48:3b:df:e2:94:16:bd:e3:4d:a1:7f:ce:17:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 27 13:20:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08358a22d630cb9741bff61489deb9ad94e36edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:e8:9e:d3:97:2d:61:d6:a8:f9:2f:7a:b4:
a0:42:fb:ba:5c:62:c7:f1:65:e0:be:68:15:75:95:
a0:ba:c8:75:43:31:b5:16:b0:60:db:0f:fe:a4:d2:
61:8e:9b:70:2d:6a:b0:6f:ff:88:0d:f0:2e:e9:6c:
f9:f3:82:6e:1e:0e:9c:55:65:a1:b7:d9:46:16:63:
03:62:e7:96:c3:43:b4:36:5d:a1:eb:9b:c5:af:01:
82:2c:15:75:a6:7b:82:16:38:a3:88:85:d1:6f:15:
70:52:ec:65:ea:2f:75:bb:9f:76:b8:7e:99:48:c5:
17:8b:b2:5c:1a:2e:c9:95:73:9b:7e:d2:d4:f4:b4:
28:c0:8d:56:27:08:49:3d:71:7a:b3:d0:77:2c:f8:
8a:61:1e:76:b8:ff:9d:df:b5:ba:8b:6e:25:c2:13:
f7:88:db:cb:96:59:59:84:db:1d:bc:93:f4:bc:82:
77:42:cf:40:7a:c0:6c:1b:60:76:f5:3a:ed:8e:86:
37:73:3f:cb:60:27:67:4a:2b:eb:79:c0:2e:f8:50:
5c:ba:56:76:f1:f2:66:89:68:e4:23:79:45:ca:db:
53:82:8e:e1:52:89:da:03:f9:01:38:95:1f:be:c3:
b3:58:c5:7b:42:a6:8d:21:91:36:dd:76:f2:be:e6:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:35:8A:22:D6:30:CB:97:41:BF:F6:14:89:DE:B9:AD:94:E3:6E:DD
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/CDWKItYwy5dBv_YUid65rZTjbt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000::/48
2001:2000:4000::/40
2001:2000:9000::/40
2001:2001:4000::/36
2001:2001:9000::/40
2001:2002::/32
2001:2040::/27
2001:2090::/31
Signature Algorithm: sha256WithRSAEncryption
6c:7a:c0:81:cf:50:5c:48:8b:17:83:af:4d:fb:21:d3:95:dd:
8a:98:6d:a8:a7:47:1b:a1:02:ab:fa:37:97:72:d3:28:14:16:
d2:e9:0f:96:75:7d:b4:4f:b1:12:70:41:0e:55:98:f0:0f:ce:
cf:0f:90:41:c2:96:d6:2a:1f:5a:7a:05:0c:f6:45:0e:c1:e7:
21:af:84:8b:a3:59:17:cd:58:db:d9:6c:0a:67:a3:7e:66:48:
c7:15:7f:21:fb:bd:84:c6:42:d1:20:74:9b:3b:d2:5d:fb:17:
40:3c:65:37:d0:e0:39:0d:6f:0a:ef:c9:e8:10:82:49:ee:69:
de:45:28:9e:79:b0:1e:5d:a0:06:1c:e4:28:bf:6f:6f:66:64:
56:d0:30:f0:b3:dd:5c:00:52:e6:a0:84:5b:60:90:fd:ea:13:
3e:b8:e0:3c:91:b0:c9:c1:2a:1c:60:94:ca:43:45:83:c7:2f:
d6:70:0f:47:6a:db:fc:6d:ad:f3:ce:99:70:f1:61:ca:63:94:
8b:56:e2:fd:77:c4:71:b6:51:0c:3a:63:6e:be:69:96:54:b4:
7c:61:e7:01:f2:00:42:ad:cb:d4:7c:4e:ca:d8:ed:9d:03:cd:
6b:51:b0:da:dd:80:ee:3d:16:c2:0b:eb:66:e6:4c:40:aa:c0:
f4:44:fe:9a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYXzY0g73+KUFr3jTaF/zhdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTI3MTMyMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM1OGEyMmQ2MzBjYjk3NDFiZmY2MTQ4OWRlYjlhZDk0ZTM2ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKXontOXLWHWqPkverSgQvu6XGLH
8WXgvmgVdZWgush1QzG1FrBg2w/+pNJhjptwLWqwb/+IDfAu6Wz584JuHg6cVWWh
t9lGFmMDYueWw0O0Nl2h65vFrwGCLBV1pnuCFjijiIXRbxVwUuxl6i91u592uH6Z
SMUXi7JcGi7JlXObftLU9LQowI1WJwhJPXF6s9B3LPiKYR52uP+d37W6i24lwhP3
iNvLlllZhNsdvJP0vIJ3Qs9AesBsG2B29TrtjoY3cz/LYCdnSivrecAu+FBculZ2
8fJmiWjkI3lFyttTgo7hUonaA/kBOJUfvsOzWMV7QqaNIZE23XbyvuZb8QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAg1iiLWMMuXQb/2FIneua2U427dMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvQ0RXS0l0WXd5NWRCdl9ZVWlkNjVyWlRqYnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAAjA+AwcAIAEgAAAA
AwYAIAEgAEADBgAgASAAkAMGBCABIAFAAwYAIAEgAZADBQAgASACAwUFIAEgQAMF
ASABIJAwDQYJKoZIhvcNAQELBQADggEBAGx6wIHPUFxIixeDr037IdOV3YqYbain
RxuhAqv6N5dy0ygUFtLpD5Z1fbRPsRJwQQ5VmPAPzs8PkEHCltYqH1p6BQz2RQ7B
5yGvhIujWRfNWNvZbApno35mSMcVfyH7vYTGQtEgdJs70l37F0A8ZTfQ4DkNbwrv
yegQgknuad5FKJ55sB5doAYc5Ci/b29mZFbQMPCz3VwAUuaghFtgkP3qEz644DyR
sMnBKhxglMpDRYPHL9ZwD0dq2/xtrfPOmXDxYcpjlItW4v13xHG2UQw6Y26+aZZU
tHxh5wHyAEKty9R8TsrY7Z0DzWtRsNrdgO49FsIL62bmTECqwPRE/po=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:34 2024 by rpki-client on console.sobornost.net