Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/0-i5kJvIqUmQTJ2XP1q-2EHfurE.roa
File: 0-i5kJvIqUmQTJ2XP1q-2EHfurE.roa (raw, json)
Hash identifier: cgNYHP900PXTwl1YH9/KovGk3cP6NiZHQQKXHRPJXL4=
Subject key identifier: D3:E8:B9:90:9B:C8:A9:49:90:4C:9D:97:3F:5A:BE:D8:41:DF:BA:B1
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B19890A430431C8DF4875A54E1C4DC005
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/0-i5kJvIqUmQTJ2XP1q-2EHfurE.roa
Signing time: Tue 10 Oct 2023 12:21:33 +0000
ROA not before: Tue 10 Oct 2023 12:21:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 213.171.10.0/24 maxlen: 24
213.171.12.0/24 maxlen: 24
213.171.14.0/24 maxlen: 24
213.171.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:89:0a:43:04:31:c8:df:48:75:a5:4e:1c:4d:c0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 10 12:21:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3e8b9909bc8a949904c9d973f5abed841dfbab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:46:9a:1a:3a:68:96:42:99:52:fa:ad:7b:01:
1f:e7:bd:f4:fd:b9:8c:e4:02:7b:5e:b3:e5:33:9e:
ef:e7:1f:73:ac:3e:24:71:83:58:3c:70:75:0a:6c:
dc:1d:1c:b5:a8:4e:f5:12:fa:27:cd:5e:01:a3:2d:
a7:aa:1b:1a:00:8c:23:28:8c:98:b0:78:db:6f:f7:
50:98:72:a3:9a:96:93:56:fe:b2:67:49:6f:06:ae:
7f:54:98:f4:89:79:bf:62:04:01:3b:d5:b7:02:f5:
f8:e5:43:25:4a:f3:00:f4:b0:02:c9:c3:44:45:e5:
c6:e4:98:04:00:e8:56:42:be:54:38:5c:92:6c:33:
0b:28:48:cd:c4:bd:3b:3d:83:0c:6c:73:e7:0d:77:
78:01:89:0a:6a:30:8f:08:1f:d4:66:05:cb:55:ee:
8d:43:db:3d:06:78:01:79:9f:0f:5d:fb:15:0a:b2:
eb:06:79:96:6e:e8:d4:35:46:0c:67:73:58:07:9b:
2b:99:eb:27:d9:08:7b:91:6b:af:85:34:3f:05:11:
25:7b:94:75:12:78:b4:3f:03:b6:ba:93:cf:86:e9:
41:b3:bd:74:d2:86:0a:96:e6:c6:d0:ca:bf:03:52:
ac:00:29:a4:f9:7f:fc:ca:62:59:52:e2:c1:2d:20:
8b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E8:B9:90:9B:C8:A9:49:90:4C:9D:97:3F:5A:BE:D8:41:DF:BA:B1
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/0-i5kJvIqUmQTJ2XP1q-2EHfurE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.10.0/24
213.171.12.0/24
213.171.14.0/23
Signature Algorithm: sha256WithRSAEncryption
69:1a:85:4f:c3:ec:08:d4:32:9b:34:52:49:9c:df:72:bb:c7:
da:0d:f9:c2:9d:5f:5f:69:2c:6d:84:0c:f9:53:71:67:38:4f:
27:f6:b7:af:5b:15:ca:6d:af:28:d6:f6:fa:b5:05:42:40:16:
75:05:d4:5c:5c:e2:10:35:cd:f2:6d:86:41:17:fa:b2:d8:d1:
3b:58:c7:61:91:57:54:85:b0:09:2d:a4:1a:17:76:ea:3f:ed:
c2:40:67:10:c3:e3:53:4a:f1:4c:28:de:dd:86:42:90:2e:87:
2c:de:56:77:01:4a:32:f6:52:d4:ae:e7:13:07:4d:1c:18:ed:
42:25:70:74:bb:8e:12:c6:d0:7a:05:7e:23:0b:d5:c7:8f:1b:
f9:9b:a7:2e:ed:a7:95:51:64:9c:20:bf:08:b7:a0:79:07:97:
31:68:d3:bd:0c:e5:77:92:ae:18:be:8a:82:95:1f:ba:53:3c:
ba:87:e7:27:ed:6f:8f:c2:c2:12:f0:99:dc:a2:f6:08:fe:ec:
27:3b:9f:57:88:e2:32:5c:25:2b:c3:5f:e3:f1:bb:f0:2f:22:
64:af:bd:6a:9a:41:ed:76:09:21:e9:c6:11:79:6e:6d:23:54:
a6:bb:cd:c7:85:31:38:e0:41:ea:7c:65:57:81:f8:a1:ed:3f:
fc:78:ab:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsZiQpDBDHI30h1pU4cTcAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDEwMTIyMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U4Yjk5MDliYzhhOTQ5OTA0YzlkOTczZjVhYmVkODQxZGZiYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50aaGjpolkKZUvqtewEf5730/bmM
5AJ7XrPlM57v5x9zrD4kcYNYPHB1CmzcHRy1qE71EvonzV4Boy2nqhsaAIwjKIyY
sHjbb/dQmHKjmpaTVv6yZ0lvBq5/VJj0iXm/YgQBO9W3AvX45UMlSvMA9LACycNE
ReXG5JgEAOhWQr5UOFySbDMLKEjNxL07PYMMbHPnDXd4AYkKajCPCB/UZgXLVe6N
Q9s9BngBeZ8PXfsVCrLrBnmWbujUNUYMZ3NYB5srmesn2Qh7kWuvhTQ/BREle5R1
Eni0PwO2upPPhulBs7100oYKlubG0Mq/A1KsACmk+X/8ymJZUuLBLSCL5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNPouZCbyKlJkEydlz9avthB37qxMB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvMC1pNWtKdklxVW1RVEoyWFAxcS0yRUhmdXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1asKAwQA
1asMAwQB1asOMA0GCSqGSIb3DQEBCwUAA4IBAQBpGoVPw+wI1DKbNFJJnN9yu8fa
DfnCnV9faSxthAz5U3FnOE8n9revWxXKba8o1vb6tQVCQBZ1BdRcXOIQNc3ybYZB
F/qy2NE7WMdhkVdUhbAJLaQaF3bqP+3CQGcQw+NTSvFMKN7dhkKQLocs3lZ3AUoy
9lLUrucTB00cGO1CJXB0u44SxtB6BX4jC9XHjxv5m6cu7aeVUWScIL8It6B5B5cx
aNO9DOV3kq4YvoqClR+6Uzy6h+cn7W+PwsIS8JncovYI/uwnO59XiOIyXCUrw1/j
8bvwLyJkr71qmkHtdgkh6cYReW5tI1Smu83HhTE44EHqfGVXgfih7T/8eKtu
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net