Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/afyPVpZlie0k8yEXjhhjE30cvls.roa
File: afyPVpZlie0k8yEXjhhjE30cvls.roa (raw, json)
Hash identifier: I6aYCFjk+Zpa/lYUuewHWIZz2OJ/fnvhELm0MDeo9hQ=
Subject key identifier: 69:FC:8F:56:96:65:89:ED:24:F3:21:17:8E:18:63:13:7D:1C:BE:5B
Certificate issuer: /CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Certificate serial: 0188B8C935ED292158F8CB698415CB9716F9
Authority key identifier: E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/afyPVpZlie0k8yEXjhhjE30cvls.roa
Signing time: Wed 14 Jun 2023 07:22:54 +0000
ROA not before: Wed 14 Jun 2023 07:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58323
IP address blocks: 164.138.192.0/21 maxlen: 24
2a00:bac0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:c9:35:ed:29:21:58:f8:cb:69:84:15:cb:97:16:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Validity
Not Before: Jun 14 07:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69fc8f56966589ed24f321178e1863137d1cbe5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:61:59:da:05:2d:f5:b6:f7:63:c0:4f:3d:07:
01:bf:75:06:f8:6c:84:b8:28:37:2b:c4:c4:eb:1a:
9a:bc:de:57:69:e6:7f:88:5d:aa:d3:75:72:8f:f4:
2c:11:45:77:77:24:fa:60:0d:9b:4f:68:8f:b5:59:
b2:3f:97:24:8b:1b:63:21:3d:cd:b2:0b:53:6c:1e:
bd:c3:4e:2e:94:a3:25:33:67:51:59:7f:bc:d7:8d:
06:6b:76:7d:4c:56:14:85:56:c9:af:63:02:a7:b1:
a9:1f:53:17:4e:9d:bb:c7:33:f1:cd:85:68:21:dc:
c5:8d:08:d3:4d:26:3c:e8:c2:f4:60:5a:c9:1e:c0:
84:c6:99:5c:a5:46:e0:ff:1a:a2:5c:7f:d3:a7:14:
7b:d3:c0:56:5a:bf:d9:e0:24:3c:61:c2:30:51:9c:
2b:78:be:67:f7:b2:c0:f2:c5:4c:dd:92:ad:43:3f:
12:dd:9b:a6:cf:09:6b:14:d6:ff:14:5f:6d:4c:cb:
f3:08:94:97:59:30:c7:87:da:58:5f:1a:6d:05:86:
1a:20:c8:62:5e:11:59:24:11:70:54:5e:8c:94:92:
44:29:18:f4:a5:23:20:08:e7:eb:8c:43:40:07:5a:
14:0f:19:7a:f6:f8:4a:72:55:c7:c1:5f:ee:63:e1:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FC:8F:56:96:65:89:ED:24:F3:21:17:8E:18:63:13:7D:1C:BE:5B
X509v3 Authority Key Identifier:
keyid:E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/afyPVpZlie0k8yEXjhhjE30cvls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.192.0/21
IPv6:
2a00:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:a8:aa:8a:64:64:90:53:83:50:71:ce:cb:ac:e8:72:ea:8c:
a4:d3:c8:d4:de:db:18:e3:a8:cf:70:b2:20:64:00:7d:7d:27:
4e:a7:6d:1d:8d:61:d7:2b:9c:df:28:2b:56:ff:b0:05:3a:43:
fc:39:67:4c:47:0e:bc:6d:56:31:92:b3:30:06:46:c2:e5:c0:
fb:70:b5:03:33:9b:d3:ec:c6:1d:0f:f7:db:a8:ea:15:7c:df:
d0:9b:2b:ce:b1:1c:b4:26:23:62:09:70:4b:b0:95:2f:e9:0e:
42:ae:62:6b:94:b9:21:88:26:03:d7:80:4a:14:f5:06:8c:f5:
58:00:47:c4:b7:72:f1:f4:b2:1e:b5:e5:ce:cc:90:e0:32:c1:
9b:09:51:ce:fc:f2:44:ec:48:fc:de:3b:2f:65:a6:d7:f5:23:
ba:dc:00:a2:ce:de:bf:8d:3a:a2:3e:e0:1b:78:9e:5d:17:8e:
75:39:f1:2e:0d:13:5b:d2:cc:de:8c:8f:1a:bb:0c:b3:bd:d5:
e1:83:c5:b3:91:26:64:55:ab:13:b5:68:70:33:24:77:cc:93:
96:d9:71:ef:05:d7:f9:96:32:96:5f:c8:f8:01:d0:af:2c:64:
40:5e:6a:81:5f:f2:f7:e5:8b:ad:77:3c:61:a2:f8:a5:16:40:
25:6d:38:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYi4yTXtKSFY+MtphBXLlxb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDU3NDcwZmQ1NmYxYjc3M2IyZTQwYWJhZWU3OWY5OTY2
ZTQ0MzYwHhcNMjMwNjE0MDcyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZjOGY1Njk2NjU4OWVkMjRmMzIxMTc4ZTE4NjMxMzdkMWNiZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGFZ2gUt9bb3Y8BPPQcBv3UG+GyE
uCg3K8TE6xqavN5XaeZ/iF2q03Vyj/QsEUV3dyT6YA2bT2iPtVmyP5ckixtjIT3N
sgtTbB69w04ulKMlM2dRWX+8140Ga3Z9TFYUhVbJr2MCp7GpH1MXTp27xzPxzYVo
IdzFjQjTTSY86ML0YFrJHsCExplcpUbg/xqiXH/TpxR708BWWr/Z4CQ8YcIwUZwr
eL5n97LA8sVM3ZKtQz8S3ZumzwlrFNb/FF9tTMvzCJSXWTDHh9pYXxptBYYaIMhi
XhFZJBFwVF6MlJJEKRj0pSMgCOfrjENAB1oUDxl69vhKclXHwV/uY+GjPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGn8j1aWZYntJPMhF44YYxN9HL5bMB8GA1UdIwQY
MBaAFOkFdHD9VvG3c7LkCrruefmWbkQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGIt
OTIxOGY5MmYzMDM2LzEvYWZ5UFZwWmxpZTBrOHlFWGpoaGpFMzBjdmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGItOTIxOGY5MmYzMDM2
LzEvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDpIrAMA0E
AgACMAcDBQAqALrAMA0GCSqGSIb3DQEBCwUAA4IBAQArqKqKZGSQU4NQcc7LrOhy
6oyk08jU3tsY46jPcLIgZAB9fSdOp20djWHXK5zfKCtW/7AFOkP8OWdMRw68bVYx
krMwBkbC5cD7cLUDM5vT7MYdD/fbqOoVfN/QmyvOsRy0JiNiCXBLsJUv6Q5CrmJr
lLkhiCYD14BKFPUGjPVYAEfEt3Lx9LIeteXOzJDgMsGbCVHO/PJE7Ej83jsvZabX
9SO63ACizt6/jTqiPuAbeJ5dF451OfEuDRNb0szejI8auwyzvdXhg8WzkSZkVasT
tWhwMyR3zJOW2XHvBdf5ljKWX8j4AdCvLGRAXmqBX/L35YutdzxhovilFkAlbTij
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:37:11 2024 by rpki-client on console.sobornost.net