Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/8f4789-963a-4c69-b165-0c501d68975a/1/4vF8V54EVbv43on5Lw-rVdkVSgs.roa
File: 4vF8V54EVbv43on5Lw-rVdkVSgs.roa (raw, json)
Hash identifier: itT5GB0O7geoXrqTBbHfhuR52VDUkxpvsf5j9ell0nA=
Subject key identifier: E2:F1:7C:57:9E:04:55:BB:F8:DE:89:F9:2F:0F:AB:55:D9:15:4A:0B
Certificate issuer: /CN=356e4744731da44f08fa5e92c5eb2a474d49a892
Certificate serial: 01856C1CAAAE15183235F8055C942A0EA0CF
Authority key identifier: 35:6E:47:44:73:1D:A4:4F:08:FA:5E:92:C5:EB:2A:47:4D:49:A8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NW5HRHMdpE8I-l6SxesqR01JqJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/8f4789-963a-4c69-b165-0c501d68975a/1/4vF8V54EVbv43on5Lw-rVdkVSgs.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210007
IP address blocks: 195.69.252.0/23 maxlen: 23
195.69.252.0/22 maxlen: 22
195.69.254.0/23 maxlen: 23
195.69.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:aa:ae:15:18:32:35:f8:05:5c:94:2a:0e:a0:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=356e4744731da44f08fa5e92c5eb2a474d49a892
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2f17c579e0455bbf8de89f92f0fab55d9154a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ca:71:3d:be:cc:33:74:54:e5:e4:f0:46:b2:
3a:8e:75:69:c3:5c:35:b8:4e:bf:ad:34:54:cd:04:
aa:81:e4:00:3d:50:93:71:4d:18:01:a2:95:9d:d7:
6b:68:b9:a2:ef:c8:15:ae:94:b2:16:e6:60:45:1a:
ab:3d:49:40:a7:73:70:02:f4:04:5c:58:cf:fc:8c:
69:19:8f:d8:3b:88:5e:1d:57:39:a3:64:1e:d1:5d:
8f:83:5b:e4:ab:64:c1:b4:1d:bd:47:d1:5c:e1:55:
78:b9:c9:da:fd:53:f4:e0:8f:9d:f9:f9:4e:6f:5d:
cc:2a:92:3b:ae:10:22:55:b0:9d:4f:38:e0:1f:df:
6d:b8:ea:41:90:07:26:fa:64:e5:9b:e0:d4:6e:17:
47:ee:9e:d7:6e:75:5f:b3:2c:68:6b:94:48:ec:8e:
34:71:7d:5d:03:db:42:b7:ab:20:7b:0f:2d:9c:a7:
63:08:e7:0a:d6:cb:15:b5:e6:9e:71:c6:f0:eb:52:
c5:fa:30:58:8f:27:2d:6d:9a:ea:4a:90:5e:7b:36:
8a:6d:40:3a:0a:ec:68:8f:05:70:31:a1:4e:96:9d:
3d:fd:cc:6c:4f:f4:20:18:97:6a:cc:07:09:b8:b7:
46:3e:ea:fd:80:cf:00:71:9b:89:32:dd:5a:97:db:
26:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F1:7C:57:9E:04:55:BB:F8:DE:89:F9:2F:0F:AB:55:D9:15:4A:0B
X509v3 Authority Key Identifier:
keyid:35:6E:47:44:73:1D:A4:4F:08:FA:5E:92:C5:EB:2A:47:4D:49:A8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NW5HRHMdpE8I-l6SxesqR01JqJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8f4789-963a-4c69-b165-0c501d68975a/1/4vF8V54EVbv43on5Lw-rVdkVSgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8f4789-963a-4c69-b165-0c501d68975a/1/NW5HRHMdpE8I-l6SxesqR01JqJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.252.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:69:2d:db:00:c9:cc:13:b3:6a:c0:91:cf:f3:35:cc:3b:12:
6b:64:fd:ec:a5:40:29:df:76:ab:96:a5:3b:0a:ec:bc:53:fd:
fe:8c:3e:de:6b:dc:b1:7a:f6:f7:6b:01:ca:eb:07:ed:3b:dc:
2f:3e:cb:ec:1c:97:77:49:26:e2:7c:71:4d:a2:70:7c:9b:eb:
98:5e:f7:e8:ff:01:57:b0:5b:da:8c:cc:c5:57:48:b3:65:cc:
33:1b:e9:c9:05:b2:6d:60:7a:1c:ea:11:5f:a8:41:96:dd:00:
66:1d:09:d8:53:61:91:30:b2:ec:cd:af:8d:c1:0c:cd:21:f8:
f5:2a:83:9c:c9:e0:a5:95:92:6e:32:d9:17:4c:55:b8:d1:5d:
65:65:a1:32:4f:44:fb:9c:1f:6d:8c:05:3d:6f:86:ba:6b:bd:
f4:c9:81:e7:f0:3a:4e:c7:35:08:69:72:9d:06:20:85:8a:38:
f1:96:d6:84:03:20:6c:43:51:ac:7b:d3:6b:24:6a:80:9c:b6:
b9:27:cb:f5:16:ec:e9:63:9d:59:9a:c9:54:86:ef:11:55:4f:
ca:03:0e:e9:cf:27:fb:4e:1c:2c:6b:cb:4e:4f:9d:0e:d0:ea:
c5:03:85:df:a9:23:b6:71:c6:73:d5:24:0b:7f:65:ad:5c:2e:
78:95:2f:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHKquFRgyNfgFXJQqDqDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NmU0NzQ0NzMxZGE0NGYwOGZhNWU5MmM1ZWIyYTQ3NGQ0
OWE4OTIwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmYxN2M1NzllMDQ1NWJiZjhkZTg5ZjkyZjBmYWI1NWQ5MTU0YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicpxPb7MM3RU5eTwRrI6jnVpw1w1
uE6/rTRUzQSqgeQAPVCTcU0YAaKVnddraLmi78gVrpSyFuZgRRqrPUlAp3NwAvQE
XFjP/IxpGY/YO4heHVc5o2Qe0V2Pg1vkq2TBtB29R9Fc4VV4ucna/VP04I+d+flO
b13MKpI7rhAiVbCdTzjgH99tuOpBkAcm+mTlm+DUbhdH7p7XbnVfsyxoa5RI7I40
cX1dA9tCt6sgew8tnKdjCOcK1ssVteaeccbw61LF+jBYjyctbZrqSpBeezaKbUA6
CuxojwVwMaFOlp09/cxsT/QgGJdqzAcJuLdGPur9gM8AcZuJMt1al9smswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLxfFeeBFW7+N6J+S8Pq1XZFUoLMB8GA1UdIwQY
MBaAFDVuR0RzHaRPCPpeksXrKkdNSaiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlc1SFJITWRwRThJLWw2U3hlc3FSMDFKcUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84ZjQ3ODktOTYzYS00YzY5LWIxNjUt
MGM1MDFkNjg5NzVhLzEvNHZGOFY1NEVWYnY0M29uNUx3LXJWZGtWU2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84ZjQ3ODktOTYzYS00YzY5LWIxNjUtMGM1MDFkNjg5NzVh
LzEvTlc1SFJITWRwRThJLWw2U3hlc3FSMDFKcUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0X8MA0G
CSqGSIb3DQEBCwUAA4IBAQDJaS3bAMnME7NqwJHP8zXMOxJrZP3spUAp33arlqU7
Cuy8U/3+jD7ea9yxevb3awHK6wftO9wvPsvsHJd3SSbifHFNonB8m+uYXvfo/wFX
sFvajMzFV0izZcwzG+nJBbJtYHoc6hFfqEGW3QBmHQnYU2GRMLLsza+NwQzNIfj1
KoOcyeCllZJuMtkXTFW40V1lZaEyT0T7nB9tjAU9b4a6a730yYHn8DpOxzUIaXKd
BiCFijjxltaEAyBsQ1Gse9NrJGqAnLa5J8v1FuzpY51ZmslUhu8RVU/KAw7pzyf7
Thwsa8tOT50O0OrFA4XfqSO2ccZz1SQLf2WtXC54lS//
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net