Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ifdmJWl6sCzGkSnv_6tsUXGtWUY.roa
File: ifdmJWl6sCzGkSnv_6tsUXGtWUY.roa (raw, json)
Hash identifier: u3YIvWabTUiLS58MZ7AHvX58yBZ9xehw3Amxqdl6iL4=
Subject key identifier: 89:F7:66:25:69:7A:B0:2C:C6:91:29:EF:FF:AB:6C:51:71:AD:59:46
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B197E667721C5F058E831223BD19248D7
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ifdmJWl6sCzGkSnv_6tsUXGtWUY.roa
Signing time: Tue 10 Oct 2023 12:09:56 +0000
ROA not before: Tue 10 Oct 2023 12:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47594
IP address blocks: 213.171.1.0/24 maxlen: 24
213.171.2.0/24 maxlen: 24
213.171.0.0/24 maxlen: 24
213.171.11.0/24 maxlen: 24
213.171.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:7e:66:77:21:c5:f0:58:e8:31:22:3b:d1:92:48:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 10 12:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89f76625697ab02cc69129efffab6c5171ad5946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:38:e4:14:a1:8e:71:e5:e8:0f:6a:98:ef:83:
68:66:10:cf:05:73:2c:07:d4:77:59:89:8b:bc:b3:
bb:67:a3:0e:f3:77:94:c2:17:ae:6d:e5:98:ea:a7:
99:06:fd:fc:05:9c:b6:32:b2:79:d0:d3:84:ce:2d:
25:1a:e5:68:5c:03:82:5f:8c:57:ef:96:1a:a9:54:
8b:df:01:aa:8e:a7:df:30:ff:f7:cf:4e:9a:a9:6a:
7f:cb:a0:bf:78:4c:01:4d:bb:1e:bf:1b:ba:49:1b:
d2:69:46:8b:ca:a2:0f:5a:0b:4b:83:94:f9:74:a5:
5e:60:bc:76:dd:81:42:0c:55:36:2a:e1:e0:0f:89:
00:41:1c:49:83:b5:8b:69:44:df:54:82:13:17:2b:
d2:ed:ed:8d:40:c6:b7:11:7d:d5:e1:fe:29:4f:1e:
ee:1d:b5:64:31:1d:7b:d8:35:db:05:0f:d7:06:b0:
69:12:1e:5c:97:ef:80:df:6a:84:62:9c:ae:ea:c5:
51:d6:7a:4f:d5:42:a5:2e:de:e8:61:b3:6f:49:f4:
a4:f5:86:12:27:50:7b:de:e2:a0:52:e5:47:0b:2b:
8c:19:43:bd:a6:4a:32:0f:a9:2a:39:99:80:0d:51:
1e:fb:46:87:4e:2d:91:e1:f4:ee:23:cf:c1:9c:c9:
eb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F7:66:25:69:7A:B0:2C:C6:91:29:EF:FF:AB:6C:51:71:AD:59:46
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ifdmJWl6sCzGkSnv_6tsUXGtWUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.0.0-213.171.2.255
213.171.11.0/24
213.171.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8f:5c:32:cd:92:a4:5c:2b:32:25:f3:fe:e1:59:8e:c0:ab:
29:a8:27:68:c8:af:1b:2f:96:49:e7:af:b8:80:5b:7c:a1:59:
f6:7b:f5:43:84:c6:52:8b:77:34:f4:8d:9a:ee:24:4e:42:7f:
d9:19:a2:36:ae:27:b6:27:d1:08:c9:e3:20:d4:e9:57:8c:d3:
61:04:29:0a:78:ac:72:ee:62:7e:93:f1:93:e2:9b:4e:ad:72:
45:c1:50:49:c2:2b:b9:23:52:de:ff:35:fd:ee:af:7d:7b:e2:
ea:b1:74:69:dc:26:46:72:07:3a:d4:17:4d:d8:ec:1c:de:68:
1f:57:e2:6e:d8:8a:35:a0:44:4d:9d:17:51:5f:8c:1c:1a:9e:
2a:d8:c3:36:ef:c4:e9:60:84:18:95:a9:9a:75:48:3b:bd:c4:
3f:4c:f3:09:1f:8b:72:ed:c0:6d:23:c5:21:0c:64:b1:40:49:
fd:a7:97:7e:ac:69:32:8f:86:0f:a8:b8:bf:4f:bd:ce:e6:9f:
8b:4b:cc:ad:1d:56:92:dd:4b:3b:a0:36:29:1a:a3:77:5e:3b:
e6:98:4b:8d:f1:41:81:78:3d:fb:fc:6c:76:df:93:80:ef:5b:
d4:c3:cc:58:e0:af:e0:9e:30:fd:82:44:df:ec:d7:76:fd:0b:
1f:48:af:75
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYsZfmZ3IcXwWOgxIjvRkkjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDEwMTIwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY3NjYyNTY5N2FiMDJjYzY5MTI5ZWZmZmFiNmM1MTcxYWQ1OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDjkFKGOceXoD2qY74NoZhDPBXMs
B9R3WYmLvLO7Z6MO83eUwheubeWY6qeZBv38BZy2MrJ50NOEzi0lGuVoXAOCX4xX
75YaqVSL3wGqjqffMP/3z06aqWp/y6C/eEwBTbsevxu6SRvSaUaLyqIPWgtLg5T5
dKVeYLx23YFCDFU2KuHgD4kAQRxJg7WLaUTfVIITFyvS7e2NQMa3EX3V4f4pTx7u
HbVkMR172DXbBQ/XBrBpEh5cl++A32qEYpyu6sVR1npP1UKlLt7oYbNvSfSk9YYS
J1B73uKgUuVHCyuMGUO9pkoyD6kqOZmADVEe+0aHTi2R4fTuI8/BnMnrewIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFIn3ZiVperAsxpEp7/+rbFFxrVlGMB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvaWZkbUpXbDZzQ3pHa1Nudl82dHNVWEd0V1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDAwDVqwME
ANWrAgMEANWrCwMEANWrDTANBgkqhkiG9w0BAQsFAAOCAQEAP49cMs2SpFwrMiXz
/uFZjsCrKagnaMivGy+WSeevuIBbfKFZ9nv1Q4TGUot3NPSNmu4kTkJ/2RmiNq4n
tifRCMnjINTpV4zTYQQpCniscu5ifpPxk+KbTq1yRcFQScIruSNS3v81/e6vfXvi
6rF0adwmRnIHOtQXTdjsHN5oH1fibtiKNaBETZ0XUV+MHBqeKtjDNu/E6WCEGJWp
mnVIO73EP0zzCR+Lcu3AbSPFIQxksUBJ/aeXfqxpMo+GD6i4v0+9zuafi0vMrR1W
kt1LO6A2KRqjd1475phLjfFBgXg9+/xsdt+TgO9b1MPMWOCv4J4w/YJE3+zXdv0L
H0ivdQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net