Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/A-i9ieTKyCQ6IJwdWwnSdkKQPSM.roa
File: A-i9ieTKyCQ6IJwdWwnSdkKQPSM.roa (raw, json)
Hash identifier: GaKj+ULd69FtBIfvgfoknQgog9bOA7G9c7ftK3Z1H8Y=
Subject key identifier: 03:E8:BD:89:E4:CA:C8:24:3A:20:9C:1D:5B:09:D2:76:42:90:3D:23
Certificate issuer: /CN=d31e4a8cd2898c5de6d6625f10c4b2e85f461f78
Certificate serial: 0188BA387962082F9BFF8B1DDA1ED0F15D01
Authority key identifier: D3:1E:4A:8C:D2:89:8C:5D:E6:D6:62:5F:10:C4:B2:E8:5F:46:1F:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x5KjNKJjF3m1mJfEMSy6F9GH3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/A-i9ieTKyCQ6IJwdWwnSdkKQPSM.roa
Signing time: Wed 14 Jun 2023 14:04:03 +0000
ROA not before: Wed 14 Jun 2023 14:04:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207982
IP address blocks: 145.66.203.0/24 maxlen: 24
145.66.202.0/24 maxlen: 24
145.66.201.0/24 maxlen: 24
145.66.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ba:38:79:62:08:2f:9b:ff:8b:1d:da:1e:d0:f1:5d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31e4a8cd2898c5de6d6625f10c4b2e85f461f78
Validity
Not Before: Jun 14 14:04:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03e8bd89e4cac8243a209c1d5b09d27642903d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:f3:dd:79:d2:96:e1:75:32:23:8d:86:73:
f0:f0:c4:d8:22:7f:0a:5b:50:62:d6:97:c2:f0:31:
63:39:9d:14:74:7c:f0:21:d6:7f:d3:05:02:a3:9a:
09:d0:7c:64:b2:0d:6c:42:90:64:34:0c:cf:4b:e4:
c0:c9:75:5f:5f:3e:5f:71:8b:54:3d:f1:1a:f1:db:
9e:c2:87:69:95:9b:8b:a7:81:a2:16:73:f0:e2:a7:
02:3f:97:93:2a:43:ee:22:0c:71:78:a8:2e:fe:42:
28:f9:50:bf:e5:08:6d:33:a4:8f:eb:9d:0c:40:80:
af:66:ed:d7:57:53:43:33:7e:ef:db:7c:9c:d1:c2:
e5:73:e7:69:70:6d:47:b8:dc:e2:71:12:1e:98:df:
e4:96:a8:e5:2c:13:f9:5e:07:15:9e:b9:c4:87:8a:
69:34:6a:66:c7:49:2a:93:6e:e4:d4:1b:ed:44:d0:
cc:d6:08:4a:59:58:ba:4a:e2:f4:a4:db:d7:c9:55:
97:71:b2:04:0f:fa:64:ae:52:ca:75:3f:e7:e0:5a:
c5:cb:5f:ec:96:20:2a:d8:6f:1a:75:b3:25:f4:90:
da:85:b7:18:62:f6:13:47:fd:22:d6:25:79:dd:f5:
ad:43:f6:f4:23:5c:f2:b3:02:a8:bd:76:32:10:bc:
03:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E8:BD:89:E4:CA:C8:24:3A:20:9C:1D:5B:09:D2:76:42:90:3D:23
X509v3 Authority Key Identifier:
keyid:D3:1E:4A:8C:D2:89:8C:5D:E6:D6:62:5F:10:C4:B2:E8:5F:46:1F:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x5KjNKJjF3m1mJfEMSy6F9GH3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/A-i9ieTKyCQ6IJwdWwnSdkKQPSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/0x5KjNKJjF3m1mJfEMSy6F9GH3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.66.200.0/22
Signature Algorithm: sha256WithRSAEncryption
10:a7:4f:08:1a:ad:7b:c2:a6:63:f0:a0:52:dd:fc:63:e7:7b:
ba:ee:62:6d:4e:53:40:db:e0:27:d6:34:95:67:e2:c8:0a:2e:
31:70:56:10:87:b9:41:c5:49:85:83:2d:72:b9:77:b0:e6:8e:
81:46:e3:d8:8b:77:7d:1f:70:a9:3c:e8:14:22:80:ab:32:61:
bc:74:34:4a:8e:38:81:ef:ff:12:67:7d:2a:c0:dd:0d:01:3f:
b0:44:22:3e:ac:b8:7d:f6:6a:2d:d9:0c:2f:3a:35:1d:59:d8:
8f:14:d6:89:9d:57:7a:3f:8d:39:98:da:cc:25:f3:5d:8f:5e:
1d:c7:37:7a:19:0a:a0:75:cb:0c:37:31:0c:73:3b:c1:51:b8:
8f:9d:d9:89:f1:f7:5a:31:ab:88:4e:ac:89:65:25:46:5c:3c:
9e:01:39:a9:22:2d:ba:31:75:e8:ea:26:99:3c:d1:01:ec:7c:
6b:8e:c9:e5:bf:82:33:3b:e0:f1:7c:27:ee:7b:7d:60:bd:08:
1c:2e:23:f8:74:3b:7d:ea:93:c7:81:4b:c5:a6:32:96:52:48:
46:03:27:3b:e2:34:87:03:f2:fa:16:c7:18:da:bf:65:08:0b:
65:50:83:bf:1e:95:9d:14:2f:bf:6e:2d:26:ff:39:cc:73:78:
0c:0c:cc:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi6OHliCC+b/4sd2h7Q8V0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWU0YThjZDI4OThjNWRlNmQ2NjI1ZjEwYzRiMmU4NWY0
NjFmNzgwHhcNMjMwNjE0MTQwNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U4YmQ4OWU0Y2FjODI0M2EyMDljMWQ1YjA5ZDI3NjQyOTAzZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvzz3XnSluF1MiONhnPw8MTYIn8K
W1Bi1pfC8DFjOZ0UdHzwIdZ/0wUCo5oJ0Hxksg1sQpBkNAzPS+TAyXVfXz5fcYtU
PfEa8duewodplZuLp4GiFnPw4qcCP5eTKkPuIgxxeKgu/kIo+VC/5QhtM6SP650M
QICvZu3XV1NDM37v23yc0cLlc+dpcG1HuNzicRIemN/klqjlLBP5XgcVnrnEh4pp
NGpmx0kqk27k1BvtRNDM1ghKWVi6SuL0pNvXyVWXcbIED/pkrlLKdT/n4FrFy1/s
liAq2G8adbMl9JDahbcYYvYTR/0i1iV53fWtQ/b0I1zyswKovXYyELwDtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPovYnkysgkOiCcHVsJ0nZCkD0jMB8GA1UdIwQY
MBaAFNMeSozSiYxd5tZiXxDEsuhfRh94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHg1S2pOS0pqRjNtMW1KZkVNU3k2RjlHSDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS85ZmFjYWUtZmQ5MC00YjRjLWEyZWMt
OTEyN2U4MTA1Njk5LzEvQS1pOWllVEt5Q1E2SUp3ZFd3blNka0tRUFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS85ZmFjYWUtZmQ5MC00YjRjLWEyZWMtOTEyN2U4MTA1Njk5
LzEvMHg1S2pOS0pqRjNtMW1KZkVNU3k2RjlHSDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkULIMA0G
CSqGSIb3DQEBCwUAA4IBAQAQp08IGq17wqZj8KBS3fxj53u67mJtTlNA2+An1jSV
Z+LICi4xcFYQh7lBxUmFgy1yuXew5o6BRuPYi3d9H3CpPOgUIoCrMmG8dDRKjjiB
7/8SZ30qwN0NAT+wRCI+rLh99mot2QwvOjUdWdiPFNaJnVd6P405mNrMJfNdj14d
xzd6GQqgdcsMNzEMczvBUbiPndmJ8fdaMauITqyJZSVGXDyeATmpIi26MXXo6iaZ
PNEB7Hxrjsnlv4IzO+DxfCfue31gvQgcLiP4dDt96pPHgUvFpjKWUkhGAyc74jSH
A/L6FscY2r9lCAtlUIO/HpWdFC+/bi0m/znMc3gMDMz/
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:37:08 2024 by rpki-client on console.sobornost.net