Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/BGbbe4fqg8o2oKLMVtylsZRltWA.roa
File: BGbbe4fqg8o2oKLMVtylsZRltWA.roa (raw, json)
Hash identifier: zzdocVwQn1visNEcVNYkm2V0vdpNpnzv2PQB2PUzfv8=
Subject key identifier: 04:66:DB:7B:87:EA:83:CA:36:A0:A2:CC:56:DC:A5:B1:94:65:B5:60
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F88753D7FDC4DBDD0B14A581B5D5
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/BGbbe4fqg8o2oKLMVtylsZRltWA.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51486
IP address blocks: 85.14.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f8:87:53:d7:fd:c4:db:dd:0b:14:a5:81:b5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0466db7b87ea83ca36a0a2cc56dca5b19465b560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3c:5c:02:6d:cd:d1:1f:80:e7:3b:da:54:fc:
49:9c:2c:f1:25:de:e6:3a:85:1b:0a:3d:81:62:d1:
3e:52:20:f5:ab:2b:c4:56:6f:c6:0d:2e:4a:fa:b8:
3c:82:1f:0e:d3:4c:44:a1:77:69:61:57:70:6c:2e:
3b:b9:77:5f:30:43:1a:33:ae:18:82:e8:f3:a4:55:
72:77:fa:10:a9:2a:ef:ec:55:55:14:07:ad:5f:1c:
81:96:15:fd:45:3c:b4:e6:c0:d8:43:cc:6c:88:ec:
a1:d5:79:84:64:71:1f:39:71:8b:18:16:c5:6a:a8:
f9:3e:e4:79:e5:35:c9:77:52:03:66:35:60:ba:0f:
25:38:48:2d:cf:df:61:a9:72:e8:00:0b:61:64:01:
0a:9f:39:35:cf:bd:5e:b9:30:00:5a:fb:e3:f2:3f:
74:36:da:9e:1d:a7:09:c4:17:84:c0:07:8b:ac:7b:
c8:b4:a6:eb:26:1b:ae:31:e7:b3:57:92:fd:4d:d8:
be:63:dd:f0:9e:c5:7c:f2:f9:bd:a6:fb:03:12:c1:
a8:92:3b:e2:97:69:cb:75:43:67:bd:95:41:b7:28:
b8:0c:c4:88:73:ef:5e:c3:e3:2b:49:f9:44:29:4e:
c2:66:e4:ea:97:c4:20:2f:d4:2d:2f:bc:83:7a:5f:
44:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:66:DB:7B:87:EA:83:CA:36:A0:A2:CC:56:DC:A5:B1:94:65:B5:60
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/BGbbe4fqg8o2oKLMVtylsZRltWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.18.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:28:c2:4d:a2:12:a0:9d:c8:17:a7:2e:e4:a6:7a:81:a1:54:
ee:70:3a:96:7e:be:3d:a1:ef:3a:ba:a6:18:b5:eb:a9:1d:b4:
a8:cd:cb:2e:cb:3a:6b:c7:01:25:48:f8:ed:7f:de:15:4d:37:
8c:68:a2:ce:44:87:1b:c0:fa:27:14:f9:83:a4:2a:29:a8:a9:
8f:70:88:ba:94:a9:29:47:2d:c5:ea:27:14:54:20:30:22:aa:
e7:47:3a:c1:d4:ef:d1:b0:bf:ff:62:e6:11:c8:c7:25:f4:99:
53:af:e7:12:f4:af:06:68:fc:c7:c5:87:bf:74:11:0c:2d:6f:
f7:ba:93:8f:8a:27:86:2d:31:c4:c6:31:b5:14:5d:b1:cb:f3:
1c:40:f5:b1:a3:c7:34:d4:1c:7e:c1:c2:e9:2a:34:46:4b:53:
7a:bd:f1:53:74:c0:3c:d4:55:71:59:58:16:2a:55:0e:09:d1:
b6:fc:16:0a:6a:f2:63:39:fd:c5:01:4f:8f:6a:e5:d5:84:91:
18:d2:a9:4c:17:61:e4:23:20:cb:e2:c1:7f:06:cb:94:01:bd:
13:7d:1d:20:00:ed:b8:c7:ec:79:98:62:f4:0e:8d:5d:b0:63:
f8:f7:db:cb:54:51:f4:42:af:6e:1e:3a:f0:81:0a:35:69:1a:
af:77:57:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfiHU9f9xNvdCxSlgbXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY2ZGI3Yjg3ZWE4M2NhMzZhMGEyY2M1NmRjYTViMTk0NjViNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTxcAm3N0R+A5zvaVPxJnCzxJd7m
OoUbCj2BYtE+UiD1qyvEVm/GDS5K+rg8gh8O00xEoXdpYVdwbC47uXdfMEMaM64Y
gujzpFVyd/oQqSrv7FVVFAetXxyBlhX9RTy05sDYQ8xsiOyh1XmEZHEfOXGLGBbF
aqj5PuR55TXJd1IDZjVgug8lOEgtz99hqXLoAAthZAEKnzk1z71euTAAWvvj8j90
NtqeHacJxBeEwAeLrHvItKbrJhuuMeezV5L9Tdi+Y93wnsV88vm9pvsDEsGokjvi
l2nLdUNnvZVBtyi4DMSIc+9ew+MrSflEKU7CZuTql8QgL9QtL7yDel9EtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARm23uH6oPKNqCizFbcpbGUZbVgMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvQkdiYmU0ZnFnOG8yb0tMTVZ0eWxzWlJsdFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQ4SMA0G
CSqGSIb3DQEBCwUAA4IBAQCfKMJNohKgncgXpy7kpnqBoVTucDqWfr49oe86uqYY
teupHbSozcsuyzprxwElSPjtf94VTTeMaKLORIcbwPonFPmDpCopqKmPcIi6lKkp
Ry3F6icUVCAwIqrnRzrB1O/RsL//YuYRyMcl9JlTr+cS9K8GaPzHxYe/dBEMLW/3
upOPiieGLTHExjG1FF2xy/McQPWxo8c01Bx+wcLpKjRGS1N6vfFTdMA81FVxWVgW
KlUOCdG2/BYKavJjOf3FAU+PauXVhJEY0qlMF2HkIyDL4sF/BsuUAb0TfR0gAO24
x+x5mGL0Do1dsGP499vLVFH0Qq9uHjrwgQo1aRqvd1d+
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net