Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/1p4ac82itNkXUAmKeBAmdYOoV6w.roa
File: 1p4ac82itNkXUAmKeBAmdYOoV6w.roa (raw, json)
Hash identifier: 0jjJ9aBnXz2V9ZI49dqS8W2xc3RHNWrxkp1vcEspAoc=
Subject key identifier: D6:9E:1A:73:CD:A2:B4:D9:17:50:09:8A:78:10:26:75:83:A8:57:AC
Certificate issuer: /CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Certificate serial: 018BCBEA13886FD4336F2A1BF81EC186AD1C
Authority key identifier: 34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/1p4ac82itNkXUAmKeBAmdYOoV6w.roa
Signing time: Tue 14 Nov 2023 03:39:57 +0000
ROA not before: Tue 14 Nov 2023 03:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42198
IP address blocks: 193.30.32.0/24 maxlen: 24
193.30.32.0/23 maxlen: 23
193.30.35.0/24 maxlen: 24
193.30.34.0/23 maxlen: 23
193.30.34.0/24 maxlen: 24
193.30.33.0/24 maxlen: 24
2a0c:8540:3::/48 maxlen: 48
2a0c:8540:9::/48 maxlen: 48
2a0c:8540:1::/48 maxlen: 48
2a0c:8540:4::/48 maxlen: 48
2a0c:8540:2::/48 maxlen: 48
2a0c:8540::/43 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:ea:13:88:6f:d4:33:6f:2a:1b:f8:1e:c1:86:ad:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Validity
Not Before: Nov 14 03:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69e1a73cda2b4d91750098a7810267583a857ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:66:5c:49:0e:77:cf:36:eb:d9:47:a8:98:4f:
d9:29:c1:aa:82:5f:90:90:85:81:8b:b8:9b:8f:2b:
46:dc:4b:2f:6f:e8:02:9f:5c:20:66:16:28:31:53:
fa:78:11:69:eb:12:10:1e:60:08:a9:79:fc:31:ea:
f5:9e:49:c9:c8:c9:cd:76:9d:ae:4e:5a:3c:7d:08:
2e:1d:46:93:5c:49:5a:a9:71:9c:a5:80:31:ac:4c:
d1:64:2e:7b:4c:f8:01:e1:26:7b:96:8f:55:87:52:
d5:2b:14:d6:64:e2:c3:2b:a5:e0:04:ea:3b:4f:ff:
3c:e4:7c:23:08:0a:6e:92:8e:43:42:4a:b4:e0:3b:
63:58:b0:05:b6:90:ef:ec:cd:f1:d0:bc:da:f2:97:
96:e1:6f:9b:e7:82:9c:1a:ef:b2:5d:fc:05:5f:51:
a3:97:76:b0:6c:5c:7b:0e:c2:ea:56:62:53:f0:03:
ab:d3:9c:26:00:04:59:e2:e9:1b:7e:b0:d9:36:2b:
d9:74:fa:a8:c8:b5:04:69:b6:68:fa:1d:59:b8:b9:
56:02:9f:4d:4c:d3:13:c0:43:c1:80:4d:77:55:bc:
88:35:bc:db:e8:42:48:64:4a:f5:c5:9c:98:1c:a8:
fb:f4:75:a5:6c:2e:f0:d5:80:5c:25:71:f9:87:a0:
bb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9E:1A:73:CD:A2:B4:D9:17:50:09:8A:78:10:26:75:83:A8:57:AC
X509v3 Authority Key Identifier:
keyid:34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/1p4ac82itNkXUAmKeBAmdYOoV6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/NEejBCglTJlw_Pvf_vBrDWtJDw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.32.0/22
IPv6:
2a0c:8540::/43
Signature Algorithm: sha256WithRSAEncryption
6f:ad:76:3e:88:32:02:57:58:c0:a6:14:fb:e0:d0:94:66:d0:
ac:7a:68:ae:dc:1a:07:cb:0c:89:e9:7d:24:a2:5c:3b:02:89:
ac:73:8f:d1:21:28:ba:47:10:15:15:44:dd:8a:c5:7f:b5:d0:
4a:9c:d9:71:bb:c0:13:05:c3:7c:f3:ee:cb:58:ca:c7:3b:86:
30:c8:e9:2f:c9:f2:bc:52:ed:62:84:47:fd:de:d5:d0:c2:19:
1e:5e:d5:75:72:1a:db:f9:8f:2a:ed:e3:b2:0e:4d:da:92:01:
93:97:2d:3a:4d:5b:34:2f:76:27:41:f8:6a:46:61:25:0e:89:
ff:de:b8:be:1f:d8:60:79:8f:20:b2:99:e0:9b:48:74:60:0e:
14:a6:33:02:0e:9f:39:f2:29:e3:44:51:30:8c:4f:2c:ee:6a:
e3:48:b7:ce:7d:1c:b7:24:02:a1:a6:11:97:81:5f:e7:19:44:
14:8b:dc:55:05:36:15:9c:25:dc:47:3d:53:95:44:33:1e:a6:
b1:b7:ab:69:77:3c:81:45:fc:f9:4d:f0:f4:65:5a:3a:2d:a2:
a9:1e:94:db:07:c4:3d:b8:6e:94:b4:40:f5:1f:b5:32:61:9c:
ce:da:fa:4e:6d:1b:15:05:d4:9d:16:a2:45:d9:83:cc:f3:6c:
a9:e3:f4:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvL6hOIb9Qzbyob+B7Bhq0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDdhMzA0MjgyNTRjOTk3MGZjZmJkZmZlZjA2YjBkNmI0
OTBmMGUwHhcNMjMxMTE0MDMzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjllMWE3M2NkYTJiNGQ5MTc1MDA5OGE3ODEwMjY3NTgzYTg1N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWZcSQ53zzbr2UeomE/ZKcGqgl+Q
kIWBi7ibjytG3Esvb+gCn1wgZhYoMVP6eBFp6xIQHmAIqXn8Mer1nknJyMnNdp2u
Tlo8fQguHUaTXElaqXGcpYAxrEzRZC57TPgB4SZ7lo9Vh1LVKxTWZOLDK6XgBOo7
T/885HwjCApuko5DQkq04DtjWLAFtpDv7M3x0Lza8peW4W+b54KcGu+yXfwFX1Gj
l3awbFx7DsLqVmJT8AOr05wmAARZ4ukbfrDZNivZdPqoyLUEabZo+h1ZuLlWAp9N
TNMTwEPBgE13VbyINbzb6EJIZEr1xZyYHKj79HWlbC7w1YBcJXH5h6C7UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNaeGnPNorTZF1AJingQJnWDqFesMB8GA1UdIwQY
MBaAFDRHowQoJUyZcPz73/7waw1rSQ8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAt
YmRlMDI4YWQ1OTMwLzEvMXA0YWM4Mml0TmtYVUFtS2VCQW1kWU9vVjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAtYmRlMDI4YWQ1OTMw
LzEvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwR4gMA8E
AgACMAkDBwUqDIVAAAAwDQYJKoZIhvcNAQELBQADggEBAG+tdj6IMgJXWMCmFPvg
0JRm0Kx6aK7cGgfLDInpfSSiXDsCiaxzj9EhKLpHEBUVRN2KxX+10Eqc2XG7wBMF
w3zz7stYysc7hjDI6S/J8rxS7WKER/3e1dDCGR5e1XVyGtv5jyrt47IOTdqSAZOX
LTpNWzQvdidB+GpGYSUOif/euL4f2GB5jyCymeCbSHRgDhSmMwIOnznyKeNEUTCM
TyzuauNIt859HLckAqGmEZeBX+cZRBSL3FUFNhWcJdxHPVOVRDMeprG3q2l3PIFF
/PlN8PRlWjotoqkelNsHxD24bpS0QPUftTJhnM7a+k5tGxUF1J0WokXZg8zzbKnj
9OY=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:28 2023 by rpki-client on console.sobornost.net