Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/1-fxtMYbKtBOLBHmwl15x13b5vb0.roa
File: 1-fxtMYbKtBOLBHmwl15x13b5vb0.roa (raw, json)
Hash identifier: x897dMRAR9x66N+xVFbzqMpD2HH9ap1XrpOW+JzgVsQ=
Subject key identifier: F9:FC:6D:31:86:CA:B4:13:8B:04:79:B0:97:5E:71:D7:76:F9:BD:BD
Certificate issuer: /CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Certificate serial: 01886F6F4FDE8C067AE5AF796A803B6181BD
Authority key identifier: A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/1-fxtMYbKtBOLBHmwl15x13b5vb0.roa
Signing time: Wed 31 May 2023 01:32:25 +0000
ROA not before: Wed 31 May 2023 01:32:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204648
IP address blocks: 193.17.36.0/24 maxlen: 24
193.17.38.0/24 maxlen: 24
193.17.37.0/24 maxlen: 24
193.17.39.0/24 maxlen: 24
173.255.144.0/24 maxlen: 24
173.255.148.0/24 maxlen: 24
173.255.150.0/24 maxlen: 24
173.255.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6f:6f:4f:de:8c:06:7a:e5:af:79:6a:80:3b:61:81:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Validity
Not Before: May 31 01:32:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9fc6d3186cab4138b0479b0975e71d776f9bdbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3d:cd:65:e0:aa:49:15:68:76:f4:f9:93:d5:
e0:26:4b:2d:04:fc:19:4f:d6:44:41:c9:e3:08:3b:
89:48:77:4b:96:7f:28:28:a9:40:01:61:d6:06:8e:
8c:37:a1:c6:9b:dc:90:3f:9f:64:94:be:c0:a2:6e:
6d:44:f7:33:b4:58:01:fc:c4:1d:ed:99:73:83:27:
b4:89:2e:f7:7e:c8:cf:5b:8a:22:70:4b:06:72:f1:
c7:7f:76:de:07:3b:95:3b:d6:db:96:a6:12:49:35:
1c:69:83:16:d9:63:23:7b:e5:01:05:ee:03:92:6f:
31:32:aa:fc:39:d3:a3:e6:f4:9c:13:ca:53:10:e6:
b9:ce:e7:6e:72:1d:c4:d1:18:a0:87:b3:84:1e:80:
8d:cf:c7:17:27:8f:9e:e1:bc:bd:eb:f4:27:c1:a7:
a5:09:25:70:0f:31:90:47:15:38:e2:c0:22:c4:77:
e1:b8:1b:63:83:2f:4d:70:bd:3c:d8:95:61:7a:21:
3e:15:e1:4a:f8:e8:54:44:66:5a:88:70:13:11:6e:
ec:6d:0f:8e:6a:52:d5:eb:29:ff:85:e0:8f:4c:3c:
f6:fc:4c:b6:d9:b1:44:27:4d:67:be:54:cc:c4:e5:
5d:f6:5a:41:23:09:ca:1d:6b:59:0c:34:7d:6a:84:
8a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FC:6D:31:86:CA:B4:13:8B:04:79:B0:97:5E:71:D7:76:F9:BD:BD
X509v3 Authority Key Identifier:
keyid:A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/1-fxtMYbKtBOLBHmwl15x13b5vb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.255.144.0/24
173.255.146.0/24
173.255.148.0/24
173.255.150.0/24
193.17.36.0/22
Signature Algorithm: sha256WithRSAEncryption
71:33:1a:f2:d8:25:13:b8:c5:e1:26:2b:d2:d5:88:e5:dc:11:
ea:61:c6:fa:56:d1:0b:1e:05:07:ca:3b:a6:7a:28:15:26:75:
1e:e9:67:8e:98:63:41:2b:58:aa:18:35:4b:14:6a:98:52:bf:
7c:c7:05:9f:2e:94:fd:91:90:ae:5b:0e:ac:08:e4:38:19:9c:
d6:90:b9:05:a5:17:d0:3c:55:ce:8b:08:5a:fd:6e:42:bc:72:
c1:6b:9a:51:78:ef:09:2c:07:42:66:e0:86:8b:99:13:3f:89:
1a:cd:75:1e:a9:d0:61:67:f1:26:65:b5:e2:d7:8b:4b:7f:da:
92:9d:82:88:2c:9f:80:68:79:28:3f:79:83:b4:e2:f7:a0:93:
be:55:1a:c9:a6:68:8e:e5:0a:20:a4:9f:5a:96:a8:71:61:61:
c4:81:4c:59:ba:9c:22:83:b7:d1:9a:9a:ee:1d:5e:46:90:b1:
f8:eb:db:42:84:9f:5c:ec:36:52:a2:4f:d8:03:48:48:62:3b:
21:b7:0c:f4:57:01:fb:39:ae:3a:fa:b9:b2:2c:d9:a4:f9:1f:
00:df:df:c0:bb:19:e4:5a:41:ad:11:17:76:f3:53:f9:07:fd:
2d:b5:73:ed:04:54:0a:2c:cc:d3:cc:f8:c5:51:78:68:cd:71:
32:bb:ef:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYhvb0/ejAZ65a95aoA7YYG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YjFkZWY2OTU4ODVlYWRlNWNjYzhiNGJlMmEwMmJiMTYw
NzllOWMwHhcNMjMwNTMxMDEzMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZjNmQzMTg2Y2FiNDEzOGIwNDc5YjA5NzVlNzFkNzc2ZjliZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT3NZeCqSRVodvT5k9XgJkstBPwZ
T9ZEQcnjCDuJSHdLln8oKKlAAWHWBo6MN6HGm9yQP59klL7Aom5tRPcztFgB/MQd
7Zlzgye0iS73fsjPW4oicEsGcvHHf3beBzuVO9bblqYSSTUcaYMW2WMje+UBBe4D
km8xMqr8OdOj5vScE8pTEOa5zuduch3E0Righ7OEHoCNz8cXJ4+e4by96/Qnwael
CSVwDzGQRxU44sAixHfhuBtjgy9NcL082JVheiE+FeFK+OhURGZaiHATEW7sbQ+O
alLV6yn/heCPTDz2/Ey22bFEJ01nvlTMxOVd9lpBIwnKHWtZDDR9aoSKdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPn8bTGGyrQTiwR5sJdecdd2+b29MB8GA1UdIwQY
MBaAFKex3vaViF6t5czItL4qArsWB56cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEt
OTQ0ZWNlYzdhNDIzLzEvMS1meHRNWWJLdEJPTEJIbXdsMTV4MTNiNXZiMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNjg4Y2FlLTVmOTYtNDg3NS04NzAxLTk0NGVjZWM3YTQy
My8xL3A3SGU5cFdJWHEzbHpNaTB2aW9DdXhZSG5wdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAK3/kAME
AK3/kgMEAK3/lAMEAK3/lgMEAsERJDANBgkqhkiG9w0BAQsFAAOCAQEAcTMa8tgl
E7jF4SYr0tWI5dwR6mHG+lbRCx4FB8o7pnooFSZ1HulnjphjQStYqhg1SxRqmFK/
fMcFny6U/ZGQrlsOrAjkOBmc1pC5BaUX0DxVzosIWv1uQrxywWuaUXjvCSwHQmbg
houZEz+JGs11HqnQYWfxJmW14teLS3/akp2CiCyfgGh5KD95g7Ti96CTvlUayaZo
juUKIKSfWpaocWFhxIFMWbqcIoO30Zqa7h1eRpCx+OvbQoSfXOw2UqJP2ANISGI7
IbcM9FcB+zmuOvq5sizZpPkfAN/fwLsZ5FpBrREXdvNT+Qf9LbVz7QRUCizM08z4
xVF4aM1xMrvvqw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:45 2024 by rpki-client on console.sobornost.net