Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UENfHvhwCNLQXlsEKQiyL6tgn8I.roa
File: UENfHvhwCNLQXlsEKQiyL6tgn8I.roa (raw, json)
Hash identifier: 78vNPiDvhzUT4CM8/iVoUszC7nJOXx80CE/PUha4M10=
Subject key identifier: 50:43:5F:1E:F8:70:08:D2:D0:5E:5B:04:29:08:B2:2F:AB:60:9F:C2
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F3A995616C82D7E256F0314A4A67
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UENfHvhwCNLQXlsEKQiyL6tgn8I.roa
Signing time: Mon 02 Jan 2023 15:24:56 +0000
ROA not before: Mon 02 Jan 2023 15:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35503
IP address blocks: 89.252.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f3:a9:95:61:6c:82:d7:e2:56:f0:31:4a:4a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50435f1ef87008d2d05e5b042908b22fab609fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9f:e7:67:39:ea:5e:9e:7b:f3:2b:c2:bb:b6:
16:58:cc:e2:7b:68:ba:2a:90:5f:75:43:f5:51:a5:
ac:8e:bc:b0:14:77:85:fd:40:5f:80:06:60:a4:e7:
c6:09:4d:ca:71:2a:bf:64:bc:d1:9e:13:b0:e8:04:
69:38:f8:82:49:fe:d3:a3:85:51:fa:a8:6d:a1:e7:
84:07:63:71:9d:e8:3c:ab:dd:8b:d5:61:14:c2:e8:
56:a5:a4:63:2f:87:47:d5:09:eb:83:55:f3:f3:e0:
46:17:c5:ef:da:f8:b2:bc:18:c7:4c:40:52:0b:cd:
3d:c1:0a:2c:d2:4b:0a:b0:55:25:6c:ce:06:f5:d3:
d7:e2:67:99:dd:37:32:45:8c:6c:d1:3f:66:10:4a:
66:6e:5f:72:ee:7e:67:a9:b1:a1:95:de:5d:8e:97:
26:f1:81:cd:1a:28:78:fd:56:97:2e:ec:ca:e0:ca:
4c:f3:66:03:23:0a:23:03:38:8b:43:09:91:c8:25:
ef:29:b0:82:be:fc:a1:2b:bb:b5:f8:14:76:a8:8d:
1c:3d:09:bd:8d:9d:27:47:8e:56:0b:86:0b:a0:90:
67:32:fa:2b:8a:4a:67:33:a3:f7:5a:e1:01:c5:b3:
ea:d6:09:72:3d:c2:8f:0c:93:b5:92:be:28:96:5d:
11:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:43:5F:1E:F8:70:08:D2:D0:5E:5B:04:29:08:B2:2F:AB:60:9F:C2
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UENfHvhwCNLQXlsEKQiyL6tgn8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.196.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:cf:76:db:9c:3f:09:88:39:9e:62:d0:3d:ad:ef:dd:80:2e:
06:93:e6:7b:dc:e6:5e:af:ff:2d:53:90:99:f6:02:6c:8a:7d:
f1:85:3c:5c:9f:95:2b:2e:aa:f1:a0:a6:1c:cd:23:f9:c1:68:
4e:c1:e0:f0:2d:fd:d9:3a:51:30:70:5b:c1:92:4b:b2:10:d1:
f7:26:e8:d3:e4:d9:be:01:5e:4c:b1:8a:16:14:18:18:46:b2:
30:6d:26:dc:89:bb:d4:9e:d7:c0:6c:ef:98:c7:85:4c:ac:fb:
f6:fc:b4:75:00:e7:fd:cb:b1:ee:de:2f:e2:5f:1d:a7:f4:0d:
a6:6f:93:d6:f2:88:d6:ab:79:de:7e:17:78:d7:e0:b2:a8:87:
c5:4d:c6:8c:79:0f:06:3f:55:7e:a0:4c:17:e7:f2:0d:be:97:
1c:38:14:b4:b7:31:96:4b:cd:54:a2:9c:9d:ac:c7:07:10:a6:
37:40:4a:28:7e:a2:bd:07:81:60:8f:01:ef:ff:4d:5a:bb:ff:
00:ae:00:3c:bc:ad:3f:14:1a:51:ba:07:6d:59:26:a3:e1:ab:
af:7a:9a:61:0c:50:a3:bd:87:be:31:c3:92:79:d0:cb:b7:43:
96:53:b4:e4:f9:29:ef:c8:96:b3:eb:21:57:e3:89:81:4d:7b:
83:b0:c9:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfOplWFsgtfiVvAxSkpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQzNWYxZWY4NzAwOGQyZDA1ZTViMDQyOTA4YjIyZmFiNjA5ZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ/nZznqXp578yvCu7YWWMzie2i6
KpBfdUP1UaWsjrywFHeF/UBfgAZgpOfGCU3KcSq/ZLzRnhOw6ARpOPiCSf7To4VR
+qhtoeeEB2Nxneg8q92L1WEUwuhWpaRjL4dH1Qnrg1Xz8+BGF8Xv2viyvBjHTEBS
C809wQos0ksKsFUlbM4G9dPX4meZ3TcyRYxs0T9mEEpmbl9y7n5nqbGhld5djpcm
8YHNGih4/VaXLuzK4MpM82YDIwojAziLQwmRyCXvKbCCvvyhK7u1+BR2qI0cPQm9
jZ0nR45WC4YLoJBnMvorikpnM6P3WuEBxbPq1glyPcKPDJO1kr4oll0R3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBDXx74cAjS0F5bBCkIsi+rYJ/CMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvVUVOZkh2aHdDTkxRWGxzRUtRaXlMNnRnbjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfzEMA0G
CSqGSIb3DQEBCwUAA4IBAQCKz3bbnD8JiDmeYtA9re/dgC4Gk+Z73OZer/8tU5CZ
9gJsin3xhTxcn5UrLqrxoKYczSP5wWhOweDwLf3ZOlEwcFvBkkuyENH3JujT5Nm+
AV5MsYoWFBgYRrIwbSbcibvUntfAbO+Yx4VMrPv2/LR1AOf9y7Hu3i/iXx2n9A2m
b5PW8ojWq3nefhd41+CyqIfFTcaMeQ8GP1V+oEwX5/INvpccOBS0tzGWS81Uopyd
rMcHEKY3QEoofqK9B4FgjwHv/01au/8ArgA8vK0/FBpRugdtWSaj4auvepphDFCj
vYe+McOSedDLt0OWU7Tk+SnvyJaz6yFX44mBTXuDsMmJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net