Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/0YqL95U0q-OnLSjaERshvYpEpL4.roa
File: 0YqL95U0q-OnLSjaERshvYpEpL4.roa (raw, json)
Hash identifier: kRe/vyWWn2D7YaFZMpjrcIq+c4EWwFYHIGZvhj96cDM=
Subject key identifier: D1:8A:8B:F7:95:34:AB:E3:A7:2D:28:DA:11:1B:21:BD:8A:44:A4:BE
Certificate issuer: /CN=36482f2efefb927a3caffea1d91f2417f3d2e7d7
Certificate serial: 018953E483DB6CC4F6573C4517F15C5E4AFA
Authority key identifier: 36:48:2F:2E:FE:FB:92:7A:3C:AF:FE:A1:D9:1F:24:17:F3:D2:E7:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkgvLv77kno8r_6h2R8kF_PS59c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/0YqL95U0q-OnLSjaERshvYpEpL4.roa
Signing time: Fri 14 Jul 2023 10:13:52 +0000
ROA not before: Fri 14 Jul 2023 10:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51871
IP address blocks: 193.34.29.0/24 maxlen: 24
193.34.28.0/24 maxlen: 24
193.34.31.0/24 maxlen: 24
193.34.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:e4:83:db:6c:c4:f6:57:3c:45:17:f1:5c:5e:4a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36482f2efefb927a3caffea1d91f2417f3d2e7d7
Validity
Not Before: Jul 14 10:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d18a8bf79534abe3a72d28da111b21bd8a44a4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:22:92:ea:4f:3b:ec:27:64:ba:dd:f3:a1:
37:99:a3:ca:40:ef:d0:52:41:bf:c8:10:54:90:18:
f0:96:50:ee:73:d7:48:e0:a8:9a:38:85:f3:4a:40:
b9:bd:5d:3c:2c:3b:9a:f5:f7:88:d4:1c:8c:d1:7b:
6c:9a:a2:12:ce:ac:98:c7:9e:07:39:96:e0:15:4d:
ee:ff:07:74:8c:0a:c1:52:e3:48:6f:0c:d6:6e:ee:
63:d9:c7:48:b7:49:b5:93:b4:4a:f9:62:ca:61:b4:
89:d1:e3:b2:04:4c:bd:47:65:56:fc:6e:60:69:39:
fd:20:cf:fa:86:37:a7:7e:c7:b8:9a:66:aa:04:fd:
24:55:b9:ea:44:fb:7b:44:e7:ab:40:9f:a9:af:df:
4a:1f:10:0b:c9:a3:ca:a6:01:c7:3c:1a:79:80:c8:
ff:2f:0a:88:bb:ec:cf:5f:a8:ee:7f:60:d9:95:0e:
6e:d3:5d:a1:48:39:a4:37:0c:cd:aa:e5:d9:9e:9c:
69:fe:1a:76:b5:f2:c4:01:18:46:4a:a9:38:89:c4:
39:ff:5e:e7:04:a2:0a:c4:d6:cd:08:85:d3:d1:9c:
f4:60:6a:88:6e:87:12:59:6a:f4:08:ae:2b:3f:70:
2a:2f:55:a5:2f:83:c4:1e:7e:a9:f8:30:f2:a2:8e:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8A:8B:F7:95:34:AB:E3:A7:2D:28:DA:11:1B:21:BD:8A:44:A4:BE
X509v3 Authority Key Identifier:
keyid:36:48:2F:2E:FE:FB:92:7A:3C:AF:FE:A1:D9:1F:24:17:F3:D2:E7:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkgvLv77kno8r_6h2R8kF_PS59c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/0YqL95U0q-OnLSjaERshvYpEpL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/NkgvLv77kno8r_6h2R8kF_PS59c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.28.0/22
Signature Algorithm: sha256WithRSAEncryption
50:56:db:46:ef:99:1d:4c:0b:87:cd:5e:ea:a2:e6:e8:96:9c:
2c:87:f9:fc:ed:1f:66:e8:2a:e4:7d:cf:ab:8c:c2:cf:35:5b:
d8:1c:03:0c:cc:2a:f3:cb:96:aa:91:d5:44:fa:14:77:66:95:
7d:ff:9c:70:25:76:57:42:3b:8f:4b:7e:4a:97:93:d6:59:b6:
8c:81:9c:61:67:c6:9e:c6:f7:b5:2f:32:7d:aa:90:29:43:52:
8a:03:94:c2:3c:81:c3:c1:91:e0:a4:08:31:e0:8c:8b:c6:e5:
b4:e5:f9:f5:61:47:a2:f5:88:bc:e5:da:e7:ea:8f:28:fe:75:
75:19:1c:1b:c5:9c:c5:78:c6:f8:e5:9a:c4:65:8f:ba:55:ef:
4e:f2:b0:9a:28:bd:ff:8e:2f:4d:9d:77:3c:8b:15:32:60:6c:
de:a6:bc:49:28:e2:73:24:74:44:1a:12:37:b8:29:00:ef:5b:
58:0a:76:03:60:9c:1e:f0:76:d6:f6:a5:6e:eb:9c:ef:b8:60:
60:a7:ab:81:01:92:1b:1e:f7:c6:21:99:f4:1c:e3:1a:9a:08:
56:30:f6:de:2c:a0:0f:f2:21:88:c1:50:bc:18:14:1d:b3:39:
e8:96:80:32:9a:60:a3:9e:42:e1:99:c8:02:65:ec:f5:38:ab:
fe:2e:06:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlT5IPbbMT2VzxFF/FcXkr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDgyZjJlZmVmYjkyN2EzY2FmZmVhMWQ5MWYyNDE3ZjNk
MmU3ZDcwHhcNMjMwNzE0MTAxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThhOGJmNzk1MzRhYmUzYTcyZDI4ZGExMTFiMjFiZDhhNDRhNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprcikupPO+wnZLrd86E3maPKQO/Q
UkG/yBBUkBjwllDuc9dI4KiaOIXzSkC5vV08LDua9feI1ByM0XtsmqISzqyYx54H
OZbgFU3u/wd0jArBUuNIbwzWbu5j2cdIt0m1k7RK+WLKYbSJ0eOyBEy9R2VW/G5g
aTn9IM/6hjenfse4mmaqBP0kVbnqRPt7ROerQJ+pr99KHxALyaPKpgHHPBp5gMj/
LwqIu+zPX6juf2DZlQ5u012hSDmkNwzNquXZnpxp/hp2tfLEARhGSqk4icQ5/17n
BKIKxNbNCIXT0Zz0YGqIbocSWWr0CK4rP3AqL1WlL4PEHn6p+DDyoo4pXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGKi/eVNKvjpy0o2hEbIb2KRKS+MB8GA1UdIwQY
MBaAFDZILy7++5J6PK/+odkfJBfz0ufXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtndkx2Nzdrbm84cl82aDJSOGtGX1BTNTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNGIwMGMtYTkyOS00OGQ0LWI3ZDgt
NzY4ODczMWJlZDlkLzEvMFlxTDk1VTBxLU9uTFNqYUVSc2h2WXBFcEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNGIwMGMtYTkyOS00OGQ0LWI3ZDgtNzY4ODczMWJlZDlk
LzEvTmtndkx2Nzdrbm84cl82aDJSOGtGX1BTNTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSIcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQVttG75kdTAuHzV7qoubolpwsh/n87R9m6Crkfc+r
jMLPNVvYHAMMzCrzy5aqkdVE+hR3ZpV9/5xwJXZXQjuPS35Kl5PWWbaMgZxhZ8ae
xve1LzJ9qpApQ1KKA5TCPIHDwZHgpAgx4IyLxuW05fn1YUei9Yi85drn6o8o/nV1
GRwbxZzFeMb45ZrEZY+6Ve9O8rCaKL3/ji9NnXc8ixUyYGzeprxJKOJzJHREGhI3
uCkA71tYCnYDYJwe8HbW9qVu65zvuGBgp6uBAZIbHvfGIZn0HOMamghWMPbeLKAP
8iGIwVC8GBQdsznoloAymmCjnkLhmcgCZez1OKv+LgYX
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net