Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/S1rK7pk3n_R34Y4xAtIiJ_Nnh1o.roa
File: S1rK7pk3n_R34Y4xAtIiJ_Nnh1o.roa (raw, json)
Hash identifier: +UKAzze3Fq4tN0PpElH9QcdIO8OjU71LA7+myYeX0c4=
Subject key identifier: 4B:5A:CA:EE:99:37:9F:F4:77:E1:8E:31:02:D2:22:27:F3:67:87:5A
Certificate issuer: /CN=385206ac08d840c28bf4ac56899f2a28f8fdccc5
Certificate serial: 018BA92FB52388FDFDD65AD348D2F2942015
Authority key identifier: 38:52:06:AC:08:D8:40:C2:8B:F4:AC:56:89:9F:2A:28:F8:FD:CC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/S1rK7pk3n_R34Y4xAtIiJ_Nnh1o.roa
Signing time: Tue 07 Nov 2023 09:49:17 +0000
ROA not before: Tue 07 Nov 2023 09:49:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200939
IP address blocks: 185.42.142.0/24 maxlen: 24
185.42.142.0/23 maxlen: 23
185.42.143.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:2f:b5:23:88:fd:fd:d6:5a:d3:48:d2:f2:94:20:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385206ac08d840c28bf4ac56899f2a28f8fdccc5
Validity
Not Before: Nov 7 09:49:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5acaee99379ff477e18e3102d22227f367875a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:ac:11:5c:60:fe:44:7a:f9:ab:e8:a7:11:
40:bf:6a:bc:55:3f:dd:e1:24:15:df:fb:4e:66:5c:
9f:2f:58:82:7c:14:ab:df:c1:86:42:a4:eb:4d:eb:
71:09:6e:86:97:6b:5f:3c:83:7c:f7:4e:1a:2d:b1:
2a:18:3d:12:74:e0:0f:3e:7a:5b:0e:17:a7:c3:75:
83:33:d5:a2:2d:8b:18:38:cf:82:24:15:34:50:f8:
2b:e8:ff:75:2e:1c:23:cc:70:6b:60:32:c3:7e:84:
bf:c5:93:b5:c8:a2:64:20:6a:78:e0:71:b3:19:d4:
08:b5:e0:02:02:82:f4:4b:8c:b5:7a:33:08:31:80:
50:48:2c:f1:ca:00:b4:6b:ab:32:50:3b:45:5b:7e:
92:8c:01:28:e9:ae:e6:e5:3f:9b:f8:c1:d5:e9:60:
d3:50:28:90:72:08:42:ff:9c:5e:af:cb:a9:ef:6c:
d0:2a:ba:b3:7d:c6:73:4e:f5:3b:6d:6a:58:c2:17:
c4:c6:ac:82:9d:81:69:a9:2b:45:1e:af:df:73:8d:
0d:d0:df:9f:de:b8:15:f0:bb:fb:12:e2:c2:a4:5c:
08:da:2f:84:50:72:11:de:33:c4:99:09:c7:df:ac:
9c:77:63:e7:d1:53:45:f7:a5:95:1e:e7:10:38:68:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5A:CA:EE:99:37:9F:F4:77:E1:8E:31:02:D2:22:27:F3:67:87:5A
X509v3 Authority Key Identifier:
keyid:38:52:06:AC:08:D8:40:C2:8B:F4:AC:56:89:9F:2A:28:F8:FD:CC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/S1rK7pk3n_R34Y4xAtIiJ_Nnh1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/f95969-67ef-408e-a743-e1eb79899242/1/OFIGrAjYQMKL9KxWiZ8qKPj9zMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.142.0/23
Signature Algorithm: sha256WithRSAEncryption
56:28:b3:d6:fd:19:86:48:40:3e:f6:2c:42:ee:d6:21:37:bf:
81:0b:9f:86:9f:ad:b6:b0:dc:a7:0c:07:55:b3:f9:58:ea:74:
a6:6b:80:57:8a:48:7f:23:72:b2:a6:f8:28:60:dc:00:46:fd:
d4:1a:ed:54:de:ab:c4:b4:d6:22:31:1b:4f:2d:23:64:7b:89:
81:ca:29:bc:d7:5b:ac:e6:2d:2d:c3:3b:b3:9e:2b:8e:0e:96:
f4:57:c5:3b:72:e1:ae:52:30:ed:c6:42:0f:2e:c0:25:49:a6:
7b:86:83:03:54:ae:1c:98:b0:99:d2:22:fd:a5:db:17:99:1a:
9e:26:c0:cd:b1:3b:66:f6:e1:fb:3f:c0:78:c6:a1:ef:fb:68:
37:a9:06:4a:ef:d5:be:1f:60:7a:2d:79:46:47:43:69:48:12:
19:b3:39:dc:3e:ed:31:a1:c6:01:c8:d5:47:c7:e6:98:c0:11:
eb:cc:33:0e:f6:ee:be:fd:ae:f4:81:a3:af:06:92:e8:0f:25:
98:0a:7d:5e:d2:10:fc:ae:33:af:a9:7a:fe:df:7c:cd:45:38:
76:ce:0e:45:d3:20:f5:c5:b8:6d:03:27:cf:ef:0b:ec:a2:73:
a7:44:2d:cb:47:e4:1d:af:61:40:ea:a6:b6:0a:79:ff:93:ef:
8c:94:d7:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYupL7UjiP391lrTSNLylCAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTIwNmFjMDhkODQwYzI4YmY0YWM1Njg5OWYyYTI4Zjhm
ZGNjYzUwHhcNMjMxMTA3MDk0OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVhY2FlZTk5Mzc5ZmY0NzdlMThlMzEwMmQyMjIyN2YzNjc4NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBCsEVxg/kR6+avopxFAv2q8VT/d
4SQV3/tOZlyfL1iCfBSr38GGQqTrTetxCW6Gl2tfPIN8904aLbEqGD0SdOAPPnpb
Dhenw3WDM9WiLYsYOM+CJBU0UPgr6P91LhwjzHBrYDLDfoS/xZO1yKJkIGp44HGz
GdQIteACAoL0S4y1ejMIMYBQSCzxygC0a6syUDtFW36SjAEo6a7m5T+b+MHV6WDT
UCiQcghC/5xer8up72zQKrqzfcZzTvU7bWpYwhfExqyCnYFpqStFHq/fc40N0N+f
3rgV8Lv7EuLCpFwI2i+EUHIR3jPEmQnH36ycd2Pn0VNF96WVHucQOGh8DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtayu6ZN5/0d+GOMQLSIifzZ4daMB8GA1UdIwQY
MBaAFDhSBqwI2EDCi/SsVomfKij4/czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZJR3JBallRTUtMOUt4V2laOHFLUGo5ek1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9mOTU5NjktNjdlZi00MDhlLWE3NDMt
ZTFlYjc5ODk5MjQyLzEvUzFySzdwazNuX1IzNFk0eEF0SWlKX05uaDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9mOTU5NjktNjdlZi00MDhlLWE3NDMtZTFlYjc5ODk5MjQy
LzEvT0ZJR3JBallRTUtMOUt4V2laOHFLUGo5ek1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSqOMA0G
CSqGSIb3DQEBCwUAA4IBAQBWKLPW/RmGSEA+9ixC7tYhN7+BC5+Gn622sNynDAdV
s/lY6nSma4BXikh/I3KypvgoYNwARv3UGu1U3qvEtNYiMRtPLSNke4mByim811us
5i0twzuzniuODpb0V8U7cuGuUjDtxkIPLsAlSaZ7hoMDVK4cmLCZ0iL9pdsXmRqe
JsDNsTtm9uH7P8B4xqHv+2g3qQZK79W+H2B6LXlGR0NpSBIZszncPu0xocYByNVH
x+aYwBHrzDMO9u6+/a70gaOvBpLoDyWYCn1e0hD8rjOvqXr+33zNRTh2zg5F0yD1
xbhtAyfP7wvsonOnRC3LR+Qdr2FA6qa2Cnn/k++MlNcx
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:06 2024 by rpki-client on console.sobornost.net