Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/kcfNeSspKL3IXgyQ3FL6kP_Rt-M.roa
File: kcfNeSspKL3IXgyQ3FL6kP_Rt-M.roa (raw, json)
Hash identifier: UJppPDSrj/txQO3sxNT2uBJttcCB8940qvc9IkRG3cs=
Subject key identifier: 91:C7:CD:79:2B:29:28:BD:C8:5E:0C:90:DC:52:FA:90:FF:D1:B7:E3
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 01856E6FB69D008A34A8EF4B3D3210478281
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/kcfNeSspKL3IXgyQ3FL6kP_Rt-M.roa
Signing time: Sun 01 Jan 2023 17:44:53 +0000
ROA not before: Sun 01 Jan 2023 17:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61236
IP address blocks: 91.238.72.0/23 maxlen: 24
185.14.104.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b6:9d:00:8a:34:a8:ef:4b:3d:32:10:47:82:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jan 1 17:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c7cd792b2928bdc85e0c90dc52fa90ffd1b7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:81:99:27:52:2e:ea:81:f2:ad:5a:d3:ee:55:
99:19:78:f7:63:c7:39:1c:80:53:30:0e:c9:c0:e9:
e6:c1:14:1a:8a:4f:d3:59:a7:5d:56:30:95:74:b3:
99:2b:75:c7:f3:7d:85:86:64:69:4a:33:d0:2f:88:
51:41:37:2d:14:a2:42:d7:b8:98:e6:48:c2:ae:85:
22:56:91:9d:a8:24:c4:45:97:7c:88:40:08:ec:63:
7b:88:6d:3c:db:0f:e4:11:f1:79:87:da:42:97:3b:
1b:42:54:02:85:dc:0a:7a:08:77:e9:24:ca:47:a3:
07:0f:cf:1d:41:6b:53:d0:84:a0:72:51:cc:3b:49:
71:dc:4c:0b:e1:bf:5e:b0:1b:2f:dd:45:c3:dd:3c:
32:cf:dc:03:75:64:cc:fb:ef:d6:9e:e9:61:b5:f3:
54:a7:fd:4b:81:db:b2:4f:16:ff:ab:5f:ec:7e:8d:
64:94:89:ca:1c:08:6e:af:89:91:c3:14:7e:73:d1:
dd:9c:30:a6:9d:a9:09:46:d5:27:69:1e:47:db:3c:
34:1d:6c:e2:ee:79:0d:7b:e5:94:96:bc:32:18:5a:
a2:2d:a6:87:a0:16:c3:24:c0:1e:53:e1:3a:98:9d:
bc:0d:8e:54:05:97:33:2b:a0:22:dd:39:40:4b:50:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C7:CD:79:2B:29:28:BD:C8:5E:0C:90:DC:52:FA:90:FF:D1:B7:E3
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/kcfNeSspKL3IXgyQ3FL6kP_Rt-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.72.0/23
185.14.104.0/22
Signature Algorithm: sha256WithRSAEncryption
91:3e:07:49:bf:66:af:d9:62:5d:0f:65:1a:22:54:b9:18:4a:
63:19:64:56:dd:2f:ba:52:fb:d0:98:56:f2:eb:b5:6e:58:77:
a1:3b:2b:c8:0e:0b:97:18:34:c9:5c:cd:57:ab:cb:72:ae:bb:
f9:21:aa:52:48:64:af:71:20:6c:3f:25:45:cd:81:19:d3:eb:
f4:e2:51:80:f6:a6:68:d4:ac:d5:4d:19:b2:34:57:39:35:55:
40:f1:84:a1:9f:f8:90:84:0d:6d:f2:c0:fb:ea:d7:f1:c0:5c:
9d:b9:eb:d6:2d:65:b8:d4:90:f7:96:93:1d:87:d6:35:59:58:
32:a4:ec:26:3e:62:35:57:b7:c9:be:59:91:f4:8d:96:97:fd:
42:49:82:40:f7:d7:08:07:de:8f:d5:e6:77:a3:da:99:9a:2a:
ae:fb:2c:f5:a3:c9:ef:a7:fb:42:24:96:5b:a9:82:b2:d1:ea:
dd:1c:65:20:15:9e:fe:c5:78:c5:78:a5:aa:91:60:aa:f9:5a:
23:a0:c7:16:cf:12:0d:4f:3c:a4:5e:5f:e6:7f:07:52:3b:fb:
73:78:b6:9d:e7:37:b3:ab:ef:50:87:3a:b7:57:aa:4e:74:b6:
66:09:63:65:57:78:3d:76:6b:e6:87:21:c8:74:66:58:91:26:
db:9d:7a:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVub7adAIo0qO9LPTIQR4KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM3Y2Q3OTJiMjkyOGJkYzg1ZTBjOTBkYzUyZmE5MGZmZDFiN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoGZJ1Iu6oHyrVrT7lWZGXj3Y8c5
HIBTMA7JwOnmwRQaik/TWaddVjCVdLOZK3XH832FhmRpSjPQL4hRQTctFKJC17iY
5kjCroUiVpGdqCTERZd8iEAI7GN7iG082w/kEfF5h9pClzsbQlQChdwKegh36STK
R6MHD88dQWtT0ISgclHMO0lx3EwL4b9esBsv3UXD3Twyz9wDdWTM++/WnulhtfNU
p/1LgduyTxb/q1/sfo1klInKHAhur4mRwxR+c9HdnDCmnakJRtUnaR5H2zw0HWzi
7nkNe+WUlrwyGFqiLaaHoBbDJMAeU+E6mJ28DY5UBZczK6Ai3TlAS1AHxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJHHzXkrKSi9yF4MkNxS+pD/0bfjMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEva2NmTmVTc3BLTDNJWGd5UTNGTDZrUF9SdC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+5IAwQC
uQ5oMA0GCSqGSIb3DQEBCwUAA4IBAQCRPgdJv2av2WJdD2UaIlS5GEpjGWRW3S+6
UvvQmFby67VuWHehOyvIDguXGDTJXM1Xq8tyrrv5IapSSGSvcSBsPyVFzYEZ0+v0
4lGA9qZo1KzVTRmyNFc5NVVA8YShn/iQhA1t8sD76tfxwFyduevWLWW41JD3lpMd
h9Y1WVgypOwmPmI1V7fJvlmR9I2Wl/1CSYJA99cIB96P1eZ3o9qZmiqu+yz1o8nv
p/tCJJZbqYKy0erdHGUgFZ7+xXjFeKWqkWCq+VojoMcWzxINTzykXl/mfwdSO/tz
eLad5zezq+9Qhzq3V6pOdLZmCWNlV3g9dmvmhyHIdGZYkSbbnXpj
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:41 2024 by rpki-client on console.sobornost.net