Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ySKiEcawZXmTxe3c0Y1A067H5ng.roa
File: ySKiEcawZXmTxe3c0Y1A067H5ng.roa (raw, json)
Hash identifier: O5od3EfwDMBuURR1JaLDMIq/tGkXKeqvCdmc6sVL4pY=
Subject key identifier: C9:22:A2:11:C6:B0:65:79:93:C5:ED:DC:D1:8D:40:D3:AE:C7:E6:78
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B19890A0F5BB1C1E62311FDA213654F4C
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ySKiEcawZXmTxe3c0Y1A067H5ng.roa
Signing time: Tue 10 Oct 2023 12:21:32 +0000
ROA not before: Tue 10 Oct 2023 12:21:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47594
IP address blocks: 213.171.1.0/24 maxlen: 24
213.171.2.0/24 maxlen: 24
213.171.0.0/24 maxlen: 24
213.171.11.0/24 maxlen: 24
213.171.13.0/24 maxlen: 24
213.171.16.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:89:0a:0f:5b:b1:c1:e6:23:11:fd:a2:13:65:4f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 10 12:21:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c922a211c6b0657993c5eddcd18d40d3aec7e678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0d:e0:78:cf:e2:1b:c4:ff:bc:ac:38:20:8f:
2f:32:bf:0e:92:f1:2a:fd:1d:07:7d:f4:97:d8:ba:
2f:d7:0c:a5:73:53:2e:f5:98:31:72:19:ee:e8:70:
da:f7:f8:0f:ee:01:3c:ab:89:e4:7d:1e:5c:f3:a5:
4a:be:0c:3d:18:c3:f0:46:ad:6e:89:17:5b:b4:f6:
dc:5a:a6:e6:1d:ee:b8:27:40:0d:55:1d:9d:cd:33:
d8:0c:3d:f2:a5:74:b8:b4:9f:2a:9f:6e:05:26:86:
26:77:25:0b:14:c3:ee:89:ff:c2:ed:6a:b0:9a:88:
78:a6:b0:ba:52:74:dc:dd:a1:82:01:5f:9f:30:2b:
c0:de:05:0b:20:0a:3e:b8:96:67:6b:83:97:13:6b:
c2:72:66:7a:f9:67:0a:98:28:35:41:df:24:51:4e:
78:fe:d5:13:ac:f3:ea:c2:20:11:e2:b1:15:7a:3f:
5e:ad:26:d8:c9:f7:f6:42:d5:fd:1f:c9:14:cc:41:
72:5b:56:10:6e:1b:d7:95:d9:5e:9d:55:26:0e:d6:
a3:dd:82:5a:1f:5a:81:06:73:8c:c7:89:3b:f4:01:
95:6c:08:28:6c:8e:19:98:1c:f5:a9:68:9b:57:83:
d6:f9:57:76:2f:06:24:c5:5e:34:f7:7e:99:40:5c:
e4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:22:A2:11:C6:B0:65:79:93:C5:ED:DC:D1:8D:40:D3:AE:C7:E6:78
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/ySKiEcawZXmTxe3c0Y1A067H5ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.0.0-213.171.2.255
213.171.11.0/24
213.171.13.0/24
213.171.16.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:0e:4b:9e:fe:17:4c:a4:ef:38:7a:7e:e2:49:4d:e4:85:93:
86:68:81:dc:70:d4:eb:6d:14:76:83:1a:ed:6d:75:17:a5:6f:
da:98:e6:87:88:f5:96:9f:24:8e:65:4b:a0:61:a7:07:30:16:
87:80:b0:1e:fc:c5:c4:5e:6f:37:7a:bc:df:58:ff:11:ca:b3:
31:35:02:ff:8e:eb:ca:56:46:df:90:0f:b1:01:89:4b:cd:3e:
a9:ce:ec:7d:c3:d4:ba:d1:46:1c:9c:c2:d6:9b:35:7f:a8:d1:
69:9c:0d:d3:db:ee:b2:fe:32:83:88:9a:42:8b:2e:3e:16:ee:
fe:40:1e:1e:eb:0f:8b:d4:e0:17:65:10:56:6d:33:f2:36:c1:
26:b8:1d:20:56:9b:33:3a:a4:24:a9:3f:f6:42:c8:32:7f:c3:
cf:b6:96:42:4c:9b:5c:80:37:6a:47:2e:f7:eb:0e:22:c5:21:
fd:09:e1:39:0c:2d:eb:4a:2f:9b:6d:bd:04:be:ce:34:c5:22:
0e:bf:40:c3:78:2f:2f:68:e2:a6:fe:fe:ca:cb:65:3e:0f:13:
16:53:3d:8f:50:dd:34:5f:30:97:39:19:10:ad:cc:ea:32:55:
d9:7b:f1:d4:61:e1:68:0d:1b:8f:83:85:a9:c9:19:80:ae:cc:
30:50:b0:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYsZiQoPW7HB5iMR/aITZU9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDEwMTIyMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTIyYTIxMWM2YjA2NTc5OTNjNWVkZGNkMThkNDBkM2FlYzdlNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ3geM/iG8T/vKw4II8vMr8OkvEq
/R0HffSX2Lov1wylc1Mu9Zgxchnu6HDa9/gP7gE8q4nkfR5c86VKvgw9GMPwRq1u
iRdbtPbcWqbmHe64J0ANVR2dzTPYDD3ypXS4tJ8qn24FJoYmdyULFMPuif/C7Wqw
moh4prC6UnTc3aGCAV+fMCvA3gULIAo+uJZna4OXE2vCcmZ6+WcKmCg1Qd8kUU54
/tUTrPPqwiAR4rEVej9erSbYyff2QtX9H8kUzEFyW1YQbhvXldlenVUmDtaj3YJa
H1qBBnOMx4k79AGVbAgobI4ZmBz1qWibV4PW+Vd2LwYkxV40936ZQFzkgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkiohHGsGV5k8Xt3NGNQNOux+Z4MB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEveVNLaUVjYXdaWG1UeGUzYzBZMUEwNjdINW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfMAsDAwDVqwME
ANWrAgMEANWrCwMEANWrDQMEBNWrEDANBgkqhkiG9w0BAQsFAAOCAQEAHQ5Lnv4X
TKTvOHp+4klN5IWThmiB3HDU620UdoMa7W11F6Vv2pjmh4j1lp8kjmVLoGGnBzAW
h4CwHvzFxF5vN3q831j/EcqzMTUC/47rylZG35APsQGJS80+qc7sfcPUutFGHJzC
1ps1f6jRaZwN09vusv4yg4iaQosuPhbu/kAeHusPi9TgF2UQVm0z8jbBJrgdIFab
MzqkJKk/9kLIMn/Dz7aWQkybXIA3akcu9+sOIsUh/QnhOQwt60ovm229BL7ONMUi
Dr9Aw3gvL2jipv7+ystlPg8TFlM9j1DdNF8wlzkZEK3M6jJV2Xvx1GHhaA0bj4OF
qckZgK7MMFCwaw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net