Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/1-jKI8OhCq7r5NjVj0n4HrZn9oMY.roa
File: 1-jKI8OhCq7r5NjVj0n4HrZn9oMY.roa (raw, json)
Hash identifier: LA2D5KNN5ZKnV+c9oRFGXLxo5h5gcmtweXIz8EsL1bo=
Subject key identifier: FA:32:88:F0:E8:42:AB:BA:F9:36:35:63:D2:7E:07:AD:99:FD:A0:C6
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0186789DDD6070931C77D16388F1D868A51A
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/1-jKI8OhCq7r5NjVj0n4HrZn9oMY.roa
Signing time: Wed 22 Feb 2023 10:14:17 +0000
ROA not before: Wed 22 Feb 2023 10:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:9d:dd:60:70:93:1c:77:d1:63:88:f1:d8:68:a5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Feb 22 10:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa3288f0e842abbaf9363563d27e07ad99fda0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:f8:40:c1:9f:3b:e9:7c:09:b5:c6:cf:69:
4a:82:1b:d9:3c:fd:45:9c:da:f8:48:ba:5a:2a:70:
c7:c3:be:ae:fa:bb:28:23:2a:73:b2:e4:a4:97:7a:
af:fa:15:c0:e6:a6:b5:91:02:74:97:42:ef:d2:0b:
69:3c:d8:e0:19:9c:df:92:af:b4:16:20:93:1a:4e:
a6:97:d5:b8:41:b6:b1:2e:4d:20:73:a2:d7:9c:5e:
4e:94:16:94:81:a7:09:61:c7:81:88:c6:c7:1e:b4:
1f:e0:42:68:99:5b:6c:b0:24:69:10:55:bd:e5:47:
3f:0c:4d:ed:de:df:43:37:c6:1f:71:ba:07:39:ba:
b0:7d:d3:a2:40:3e:82:ab:8e:30:03:91:e8:ec:9e:
1c:7a:b1:84:01:00:63:c5:55:98:1d:56:52:cc:b9:
b1:73:b9:cb:51:1f:bd:2c:90:53:77:08:b8:b7:5f:
2f:d6:1d:66:43:ce:1d:cc:70:26:ff:3d:cf:0d:aa:
ab:cd:12:e3:17:54:a9:67:25:34:eb:c6:65:b2:c7:
fa:a5:5a:80:cd:cd:1e:0f:07:9b:b7:da:5a:13:3a:
85:0a:c2:8e:3c:ef:26:fc:fe:b9:de:89:cc:a3:21:
42:c7:6e:ef:ea:4d:52:99:1b:8e:3f:d0:7e:e0:e9:
58:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:32:88:F0:E8:42:AB:BA:F9:36:35:63:D2:7E:07:AD:99:FD:A0:C6
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/1-jKI8OhCq7r5NjVj0n4HrZn9oMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2a:93:bc:a1:62:ab:91:72:40:67:b9:40:f0:46:51:b1:00:
a1:ac:d0:58:a0:50:0c:3c:ea:64:0e:53:34:ae:cc:93:11:3c:
8d:b3:3c:eb:ae:61:da:49:86:ef:bc:f1:08:3a:db:e9:e1:d3:
c3:f5:a4:a1:23:3b:ca:86:bc:50:c1:95:7d:d9:b8:27:8d:7d:
4d:bd:c7:26:a0:02:db:66:cb:f1:1a:69:72:81:89:60:17:bd:
e3:ca:68:b5:18:b5:cb:92:a3:61:4e:09:8e:c7:96:5d:43:58:
87:8d:02:a5:98:60:f6:94:28:eb:2c:8f:90:03:62:ae:ca:c2:
c3:01:a8:78:f9:5e:7c:7d:6c:ed:06:9e:59:24:ce:22:2d:bb:
ef:e2:66:31:5d:0d:4b:e7:4e:cf:50:c2:18:0a:6e:f7:8b:df:
0a:b7:71:77:60:25:53:7f:12:15:fa:e2:46:1a:fa:36:a8:1a:
51:68:82:21:cf:65:12:8d:a6:cc:aa:6f:a5:f9:31:7e:0a:28:
c1:44:85:43:e6:e0:f5:1a:0d:e1:33:2d:55:e1:30:06:8c:42:
7f:49:1d:09:48:68:75:03:b0:52:1c:09:74:d1:49:8b:f1:a8:
34:d3:81:0e:45:37:1d:2c:21:72:c1:53:cc:78:5a:57:4b:ba:
96:4e:34:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYZ4nd1gcJMcd9FjiPHYaKUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwMjIyMTAxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTMyODhmMGU4NDJhYmJhZjkzNjM1NjNkMjdlMDdhZDk5ZmRhMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs934QMGfO+l8CbXGz2lKghvZPP1F
nNr4SLpaKnDHw76u+rsoIypzsuSkl3qv+hXA5qa1kQJ0l0Lv0gtpPNjgGZzfkq+0
FiCTGk6ml9W4QbaxLk0gc6LXnF5OlBaUgacJYceBiMbHHrQf4EJomVtssCRpEFW9
5Uc/DE3t3t9DN8YfcboHObqwfdOiQD6Cq44wA5Ho7J4cerGEAQBjxVWYHVZSzLmx
c7nLUR+9LJBTdwi4t18v1h1mQ84dzHAm/z3PDaqrzRLjF1SpZyU068Zlssf6pVqA
zc0eDwebt9paEzqFCsKOPO8m/P653onMoyFCx27v6k1SmRuOP9B+4OlYoQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPoyiPDoQqu6+TY1Y9J+B62Z/aDGMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvMS1qS0k4T2hDcTdyNU5qVmowbjRIclpuOW9NWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvOWQwZTE0LTExM2ItNGNiYS04MzA4LWFjYzU2OTc3YjZm
NC8xL0Q1eDNvZHpianUxaXpUeW9DbEZFM0U0a1AwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcOx5gME
AMOyaDANBgkqhkiG9w0BAQsFAAOCAQEAmCqTvKFiq5FyQGe5QPBGUbEAoazQWKBQ
DDzqZA5TNK7MkxE8jbM8665h2kmG77zxCDrb6eHTw/WkoSM7yoa8UMGVfdm4J419
Tb3HJqAC22bL8RppcoGJYBe948potRi1y5KjYU4JjseWXUNYh40CpZhg9pQo6yyP
kANirsrCwwGoePlefH1s7QaeWSTOIi277+JmMV0NS+dOz1DCGApu94vfCrdxd2Al
U38SFfriRhr6NqgaUWiCIc9lEo2mzKpvpfkxfgoowUSFQ+bg9RoN4TMtVeEwBoxC
f0kdCUhodQOwUhwJdNFJi/GoNNOBDkU3HSwhcsFTzHhaV0u6lk40AA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:27 2023 by rpki-client on console.sobornost.net