Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/c586HYb89TyoFXfOfiOlUqYZtwY.roa
File: c586HYb89TyoFXfOfiOlUqYZtwY.roa (raw, json)
Hash identifier: bMan6eHtdH0yGt17wXoeb7Sn7cDICx5Ex5w6/5uDXqI=
Subject key identifier: 73:9F:3A:1D:86:FC:F5:3C:A8:15:77:CE:7E:23:A5:52:A6:19:B7:06
Certificate issuer: /CN=40d88ddb7aed72dea3ff8d69ced6531a52794aa7
Certificate serial: 01857039A10163BD26B9626478FC4B1A6FBD
Authority key identifier: 40:D8:8D:DB:7A:ED:72:DE:A3:FF:8D:69:CE:D6:53:1A:52:79:4A:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNiN23rtct6j_41pztZTGlJ5Sqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/c586HYb89TyoFXfOfiOlUqYZtwY.roa
Signing time: Mon 02 Jan 2023 02:05:02 +0000
ROA not before: Mon 02 Jan 2023 02:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211786
IP address blocks: 193.108.200.0/24 maxlen: 24
2a10:92c0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:a1:01:63:bd:26:b9:62:64:78:fc:4b:1a:6f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d88ddb7aed72dea3ff8d69ced6531a52794aa7
Validity
Not Before: Jan 2 02:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=739f3a1d86fcf53ca81577ce7e23a552a619b706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:ab:c8:4f:e5:81:bf:85:0b:fa:26:b4:33:
02:b9:26:74:f4:80:cc:4c:c4:16:88:fb:ac:ff:b6:
a1:19:68:5f:a3:0f:7a:c1:96:1a:7c:26:5b:84:2a:
e7:74:0b:a9:76:3c:5f:02:6a:4d:99:92:0b:34:dc:
21:ec:6b:c6:35:49:48:31:f3:37:29:4e:52:b4:94:
7c:38:6b:73:69:aa:16:7d:02:48:48:7e:ba:8a:2b:
b2:5f:f1:26:64:57:a5:05:cc:30:b2:68:46:73:48:
2b:58:8b:de:3f:21:2f:37:45:3b:b4:e6:4f:80:b4:
45:f3:55:fd:13:97:17:19:87:da:1f:8e:dd:d6:2a:
e2:ad:b1:c7:99:f0:9a:55:4d:ac:99:2d:98:cd:64:
0c:2a:69:de:6b:a6:54:fd:ba:5f:fa:6a:dc:10:f2:
d5:f3:0a:60:88:61:0d:cd:54:b8:ee:e4:b5:0a:1f:
59:de:4e:3f:fe:4d:f6:42:c9:da:72:59:c1:63:3a:
33:c6:f4:71:66:b0:d3:e9:26:e7:ee:b2:3e:e1:57:
7e:64:7a:47:8f:01:f9:01:93:bc:e8:fc:78:d0:89:
df:16:15:45:6e:95:44:e6:bb:57:1a:3f:8d:ff:1a:
ca:29:6a:c7:e9:c9:62:1b:eb:b7:05:c5:2c:13:28:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:9F:3A:1D:86:FC:F5:3C:A8:15:77:CE:7E:23:A5:52:A6:19:B7:06
X509v3 Authority Key Identifier:
keyid:40:D8:8D:DB:7A:ED:72:DE:A3:FF:8D:69:CE:D6:53:1A:52:79:4A:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNiN23rtct6j_41pztZTGlJ5Sqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/c586HYb89TyoFXfOfiOlUqYZtwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/QNiN23rtct6j_41pztZTGlJ5Sqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.200.0/24
IPv6:
2a10:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:a0:93:49:1e:36:1f:21:37:f2:27:77:5c:61:9c:7d:48:12:
8c:e8:9c:37:04:54:bf:ee:cb:52:f1:b9:06:ef:c1:06:1d:72:
0d:0a:cf:b6:d7:3d:f6:84:eb:4e:37:a5:6a:b5:e7:6e:b0:a3:
66:43:27:70:a1:dc:8d:d3:36:d5:68:d4:bd:e4:4e:d7:62:c7:
db:40:1c:c0:db:42:12:7a:ed:97:80:bf:36:5b:6e:33:e9:90:
6d:f9:bd:e2:17:1b:d7:0d:d8:16:a8:36:70:35:9b:aa:e5:36:
2d:8f:d7:fa:19:cd:d0:2c:05:4d:96:ad:21:54:8b:b5:dc:ec:
d2:6d:e1:fd:a3:38:a7:85:dd:d3:a7:33:d6:7e:c4:b4:eb:dc:
cc:b7:3a:5f:9f:bc:7c:20:90:5f:e1:af:e6:13:eb:9c:4c:88:
2a:8f:cf:0e:0a:94:29:c7:4b:ce:f0:4f:32:9b:82:29:f2:4f:
3e:e5:6e:0d:54:23:e5:b6:a5:b5:02:42:fa:fd:47:2e:5a:e3:
df:8c:b7:a8:ef:c1:ce:0e:ff:df:7b:d4:3f:b0:e9:20:27:ee:
e7:76:54:e8:09:81:81:e2:19:14:3d:fd:f5:9d:f9:05:a5:87:
e7:ca:0f:31:cb:56:8e:62:7f:e9:a3:ec:2c:46:77:ba:38:ac:
b7:46:e8:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwOaEBY70muWJkePxLGm+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDg4ZGRiN2FlZDcyZGVhM2ZmOGQ2OWNlZDY1MzFhNTI3
OTRhYTcwHhcNMjMwMTAyMDIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzlmM2ExZDg2ZmNmNTNjYTgxNTc3Y2U3ZTIzYTU1MmE2MTliNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbqryE/lgb+FC/omtDMCuSZ09IDM
TMQWiPus/7ahGWhfow96wZYafCZbhCrndAupdjxfAmpNmZILNNwh7GvGNUlIMfM3
KU5StJR8OGtzaaoWfQJISH66iiuyX/EmZFelBcwwsmhGc0grWIvePyEvN0U7tOZP
gLRF81X9E5cXGYfaH47d1irirbHHmfCaVU2smS2YzWQMKmnea6ZU/bpf+mrcEPLV
8wpgiGENzVS47uS1Ch9Z3k4//k32QsnaclnBYzozxvRxZrDT6Sbn7rI+4Vd+ZHpH
jwH5AZO86Px40InfFhVFbpVE5rtXGj+N/xrKKWrH6cliG+u3BcUsEyjgowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHOfOh2G/PU8qBV3zn4jpVKmGbcGMB8GA1UdIwQY
MBaAFEDYjdt67XLeo/+Nac7WUxpSeUqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5pTjIzcnRjdDZqXzQxcHp0WlRHbEo1U3FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9mZTQ1ZGUtYjQ2My00NDNkLWI3ZGUt
MzdhMjRlMDgxZjY4LzEvYzU4NkhZYjg5VHlvRlhmT2ZpT2xVcVladHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9mZTQ1ZGUtYjQ2My00NDNkLWI3ZGUtMzdhMjRlMDgxZjY4
LzEvUU5pTjIzcnRjdDZqXzQxcHp0WlRHbEo1U3FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWzIMA0E
AgACMAcDBQMqEJLAMA0GCSqGSIb3DQEBCwUAA4IBAQBmoJNJHjYfITfyJ3dcYZx9
SBKM6Jw3BFS/7stS8bkG78EGHXINCs+21z32hOtON6VqtedusKNmQydwodyN0zbV
aNS95E7XYsfbQBzA20ISeu2XgL82W24z6ZBt+b3iFxvXDdgWqDZwNZuq5TYtj9f6
Gc3QLAVNlq0hVIu13OzSbeH9ozinhd3TpzPWfsS069zMtzpfn7x8IJBf4a/mE+uc
TIgqj88OCpQpx0vO8E8ym4Ip8k8+5W4NVCPltqW1AkL6/UcuWuPfjLeo78HODv/f
e9Q/sOkgJ+7ndlToCYGB4hkUPf31nfkFpYfnyg8xy1aOYn/po+wsRne6OKy3RuhG
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:48 2024 by rpki-client on console.sobornost.net