Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/qW2SYlG4pXmsuojB66MruB7AfwA.roa
File: qW2SYlG4pXmsuojB66MruB7AfwA.roa (raw, json)
Hash identifier: jPJz/Dz2/wfosM3UNMaUiNDtLfIR2iaPvYjQzx0ZHoI=
Subject key identifier: A9:6D:92:62:51:B8:A5:79:AC:BA:88:C1:EB:A3:2B:B8:1E:C0:7F:00
Certificate issuer: /CN=44d2e7578aac94f42960a780d3996da8bb469477
Certificate serial: 018571FA27F249C06B858BE4865CD6F16E22
Authority key identifier: 44:D2:E7:57:8A:AC:94:F4:29:60:A7:80:D3:99:6D:A8:BB:46:94:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RNLnV4qslPQpYKeA05ltqLtGlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/qW2SYlG4pXmsuojB66MruB7AfwA.roa
Signing time: Mon 02 Jan 2023 10:14:57 +0000
ROA not before: Mon 02 Jan 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47388
IP address blocks: 46.174.144.0/21 maxlen: 24
91.206.36.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:27:f2:49:c0:6b:85:8b:e4:86:5c:d6:f1:6e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44d2e7578aac94f42960a780d3996da8bb469477
Validity
Not Before: Jan 2 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a96d926251b8a579acba88c1eba32bb81ec07f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b0:84:b3:b6:0f:2f:59:99:b0:b6:06:d9:1a:
d4:59:22:60:96:83:06:27:6c:9a:11:1d:1b:f9:bc:
9c:48:6c:5a:5c:5e:54:f2:ac:9a:5f:1b:4c:77:fd:
5d:c5:c3:9e:04:ba:b8:76:05:3a:cc:eb:b6:d1:9c:
08:23:da:2c:57:66:da:40:5d:a0:b0:db:bf:33:59:
53:a2:3e:68:ac:14:b8:fb:f9:70:b2:ea:66:ce:60:
6e:20:c3:32:25:48:82:69:0e:bf:37:58:43:a7:0e:
4d:21:c2:fe:22:80:5d:47:fd:04:91:82:a2:38:24:
90:00:82:fa:17:f8:6e:af:53:76:10:1c:62:99:33:
a9:71:1a:38:34:10:82:27:01:a4:d3:29:98:61:8d:
3d:06:a8:14:8c:7a:2b:39:6f:6b:43:2f:8b:5b:a5:
80:f1:ef:25:ca:61:ee:ed:09:f4:03:dc:94:39:02:
fd:b6:cd:bd:bb:a9:24:7e:d7:63:77:c8:3c:0d:1f:
8d:47:7b:6f:21:cd:f9:fc:2f:74:12:25:c5:93:f8:
e9:99:b9:90:74:ab:45:87:f2:29:e3:d4:ec:dd:55:
72:b8:bc:4c:96:24:da:22:f3:63:1c:0d:44:14:e8:
e5:dc:b4:97:14:a1:83:c8:18:9f:c0:84:90:6d:52:
31:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6D:92:62:51:B8:A5:79:AC:BA:88:C1:EB:A3:2B:B8:1E:C0:7F:00
X509v3 Authority Key Identifier:
keyid:44:D2:E7:57:8A:AC:94:F4:29:60:A7:80:D3:99:6D:A8:BB:46:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNLnV4qslPQpYKeA05ltqLtGlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/qW2SYlG4pXmsuojB66MruB7AfwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/2da43d-3997-40a6-accd-f6fd6bd857b8/1/RNLnV4qslPQpYKeA05ltqLtGlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.144.0/21
91.206.36.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:ff:1f:f5:26:84:eb:b9:27:ba:cf:f6:df:6f:a1:cb:56:75:
c0:f4:44:bf:10:50:a7:03:2e:bc:1c:74:f4:b5:a5:1c:5c:49:
25:0d:e5:89:ee:62:c2:bd:dd:f2:92:2b:e3:cc:8e:fe:01:33:
4f:ba:a3:7b:32:2b:4d:2e:62:73:3d:bc:ad:e3:39:95:06:55:
ac:f8:22:41:ea:56:97:57:50:7c:e6:41:a2:fe:bd:af:32:fd:
01:e3:4a:3f:90:af:74:2a:20:26:7f:d0:b0:75:50:65:bb:87:
b1:d3:ba:ae:83:d2:7c:a2:47:15:d5:59:47:c6:76:d2:3f:f5:
ab:17:98:75:90:0b:d3:b3:6f:2b:fd:d0:3a:57:d4:f6:24:58:
ef:7b:a4:88:ad:ea:e1:31:fe:de:f5:65:98:8f:a7:2e:1d:b0:
ac:01:77:4c:7b:6e:17:b4:32:a4:c5:0c:29:e7:97:3c:5c:f1:
ad:35:4c:74:bf:9e:2a:9c:92:04:0b:c8:eb:8c:c0:73:df:cf:
af:77:95:72:d2:ca:7b:83:a7:08:a2:4a:90:ea:c8:bd:a5:ac:
e9:a3:85:7d:e1:a1:eb:bb:52:fe:b7:a0:91:c9:4c:2e:e9:48:
ac:7f:4c:68:2c:74:49:6d:52:12:53:a7:3c:ce:46:42:7f:a7:
51:1c:cb:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx+ifyScBrhYvkhlzW8W4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZDJlNzU3OGFhYzk0ZjQyOTYwYTc4MGQzOTk2ZGE4YmI0
Njk0NzcwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTZkOTI2MjUxYjhhNTc5YWNiYTg4YzFlYmEzMmJiODFlYzA3ZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLCEs7YPL1mZsLYG2RrUWSJgloMG
J2yaER0b+bycSGxaXF5U8qyaXxtMd/1dxcOeBLq4dgU6zOu20ZwII9osV2baQF2g
sNu/M1lToj5orBS4+/lwsupmzmBuIMMyJUiCaQ6/N1hDpw5NIcL+IoBdR/0EkYKi
OCSQAIL6F/hur1N2EBximTOpcRo4NBCCJwGk0ymYYY09BqgUjHorOW9rQy+LW6WA
8e8lymHu7Qn0A9yUOQL9ts29u6kkftdjd8g8DR+NR3tvIc35/C90EiXFk/jpmbmQ
dKtFh/Ip49Ts3VVyuLxMliTaIvNjHA1EFOjl3LSXFKGDyBifwISQbVIxEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKltkmJRuKV5rLqIweujK7gewH8AMB8GA1UdIwQY
MBaAFETS51eKrJT0KWCngNOZbai7RpR3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk5MblY0cXNsUFFwWUtlQTA1bHRxTHRHbEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yZGE0M2QtMzk5Ny00MGE2LWFjY2Qt
ZjZmZDZiZDg1N2I4LzEvcVcyU1lsRzRwWG1zdW9qQjY2TXJ1QjdBZndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yZGE0M2QtMzk5Ny00MGE2LWFjY2QtZjZmZDZiZDg1N2I4
LzEvUk5MblY0cXNsUFFwWUtlQTA1bHRxTHRHbEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq6QAwQB
W84kMA0GCSqGSIb3DQEBCwUAA4IBAQB9/x/1JoTruSe6z/bfb6HLVnXA9ES/EFCn
Ay68HHT0taUcXEklDeWJ7mLCvd3ykivjzI7+ATNPuqN7MitNLmJzPbyt4zmVBlWs
+CJB6laXV1B85kGi/r2vMv0B40o/kK90KiAmf9CwdVBlu4ex07qug9J8okcV1VlH
xnbSP/WrF5h1kAvTs28r/dA6V9T2JFjve6SIrerhMf7e9WWYj6cuHbCsAXdMe24X
tDKkxQwp55c8XPGtNUx0v54qnJIEC8jrjMBz38+vd5Vy0sp7g6cIokqQ6si9pazp
o4V94aHru1L+t6CRyUwu6Uisf0xoLHRJbVISU6c8zkZCf6dRHMt/
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:52 2024 by rpki-client on console.sobornost.net