Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/OJ_DLkJ7qwkCUwkZUgrsYgjD484.roa
File: OJ_DLkJ7qwkCUwkZUgrsYgjD484.roa (raw, json)
Hash identifier: J6/KZQGm8C7QNC7nvbNpJBQ+VRzUDo/gyTyjpIH9Gd8=
Subject key identifier: 38:9F:C3:2E:42:7B:AB:09:02:53:09:19:52:0A:EC:62:08:C3:E3:CE
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857316006DC1FC7D1B0321EB04A74F2072
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/OJ_DLkJ7qwkCUwkZUgrsYgjD484.roa
Signing time: Mon 02 Jan 2023 15:24:59 +0000
ROA not before: Mon 02 Jan 2023 15:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206645
IP address blocks: 85.14.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:00:6d:c1:fc:7d:1b:03:21:eb:04:a7:4f:20:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=389fc32e427bab0902530919520aec6208c3e3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:45:a2:72:f7:c6:d2:58:c7:5c:9f:91:29:
83:c5:5d:d4:8b:01:66:ee:43:29:2b:21:59:82:bd:
10:0b:ae:84:28:cd:f8:ff:54:65:91:30:fe:3b:e8:
e3:12:80:cb:da:a4:8a:6e:00:23:b9:60:88:71:4b:
f7:40:df:5b:76:66:c4:1c:df:b9:c5:19:ed:70:1f:
1f:50:23:a2:ad:f3:79:c1:e5:a7:ab:a1:0c:a6:f9:
32:22:ae:4f:3c:f9:a6:5f:ff:e5:88:b5:a4:2d:88:
b3:57:fc:e7:c2:be:1b:05:79:85:69:89:08:cf:1e:
ce:e6:88:14:e4:ad:d3:d1:cd:e4:c6:f3:09:79:02:
97:23:70:7f:b3:44:49:02:18:bc:8c:04:cb:19:2e:
e9:65:c9:3b:11:3a:e4:5b:10:b9:65:07:e4:40:97:
4d:50:49:c3:99:c0:bc:4f:4b:cf:19:fe:6b:47:74:
3e:4e:54:21:42:d7:7a:bb:11:c9:59:8b:c0:58:ea:
cb:44:a0:50:fd:65:83:f7:e0:95:b2:31:d3:37:cd:
0e:71:b5:4e:01:9e:79:38:ab:9c:be:00:ce:66:fa:
70:7d:de:86:31:70:56:2b:78:88:ce:ee:6c:ea:c8:
ae:c0:f4:45:ea:99:88:43:de:bb:ac:47:e3:ac:5f:
fa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9F:C3:2E:42:7B:AB:09:02:53:09:19:52:0A:EC:62:08:C3:E3:CE
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/OJ_DLkJ7qwkCUwkZUgrsYgjD484.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.37.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f5:96:fb:2f:c6:34:ce:32:ac:39:b4:e7:2e:55:59:f5:42:
b4:65:e9:c4:2e:a9:ac:e7:42:8c:7a:96:ff:a1:fe:7f:38:d9:
e4:59:03:64:6e:c7:2b:ad:90:7a:72:de:7b:cf:7d:6f:49:7d:
d8:6d:22:92:bb:6e:63:07:00:93:95:ae:ab:95:36:8c:3c:60:
90:10:b5:95:f4:a8:ca:fc:c9:86:ee:8b:57:a4:9e:f9:3c:28:
16:94:65:83:ce:d8:ce:1c:f4:83:8f:e2:17:df:c1:85:9f:b3:
fe:62:72:e5:bc:87:dd:85:16:05:70:36:e0:65:74:3f:30:8b:
d0:d7:62:3a:70:63:ec:b0:27:bb:ad:60:77:02:b6:81:2c:13:
12:b2:eb:e5:e8:a3:ee:02:12:06:49:64:9b:17:41:ea:ba:8d:
dc:d6:e2:8f:6a:a7:7d:d6:d8:aa:5f:d9:d3:6b:47:dc:7f:5c:
f7:8b:bb:a9:f6:bd:76:46:9d:e8:d3:c8:0a:ef:e2:11:cb:ed:
8e:5b:28:43:16:14:6a:21:e7:b8:4b:80:71:33:68:98:1b:58:
3c:c7:57:2b:dd:34:8a:a6:9c:c3:8a:4b:91:f9:cd:78:68:bf:
3c:3f:ea:02:46:5d:9d:82:27:f3:aa:17:34:21:db:e9:d8:47:
d6:48:e4:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFgBtwfx9GwMh6wSnTyByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODlmYzMyZTQyN2JhYjA5MDI1MzA5MTk1MjBhZWM2MjA4YzNlM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUNFonL3xtJYx1yfkSmDxV3UiwFm
7kMpKyFZgr0QC66EKM34/1RlkTD+O+jjEoDL2qSKbgAjuWCIcUv3QN9bdmbEHN+5
xRntcB8fUCOirfN5weWnq6EMpvkyIq5PPPmmX//liLWkLYizV/znwr4bBXmFaYkI
zx7O5ogU5K3T0c3kxvMJeQKXI3B/s0RJAhi8jATLGS7pZck7ETrkWxC5ZQfkQJdN
UEnDmcC8T0vPGf5rR3Q+TlQhQtd6uxHJWYvAWOrLRKBQ/WWD9+CVsjHTN80OcbVO
AZ55OKucvgDOZvpwfd6GMXBWK3iIzu5s6siuwPRF6pmIQ967rEfjrF/6RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDifwy5Ce6sJAlMJGVIK7GIIw+POMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvT0pfRExrSjdxd2tDVXdrWlVncnNZZ2pENDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQ4lMA0G
CSqGSIb3DQEBCwUAA4IBAQAe9Zb7L8Y0zjKsObTnLlVZ9UK0ZenELqms50KMepb/
of5/ONnkWQNkbscrrZB6ct57z31vSX3YbSKSu25jBwCTla6rlTaMPGCQELWV9KjK
/MmG7otXpJ75PCgWlGWDztjOHPSDj+IX38GFn7P+YnLlvIfdhRYFcDbgZXQ/MIvQ
12I6cGPssCe7rWB3AraBLBMSsuvl6KPuAhIGSWSbF0Hquo3c1uKPaqd91tiqX9nT
a0fcf1z3i7up9r12Rp3o08gK7+IRy+2OWyhDFhRqIee4S4BxM2iYG1g8x1cr3TSK
ppzDikuR+c14aL88P+oCRl2dgifzqhc0Idvp2EfWSOQD
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net