Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/0L5zYZ7Wx2SX1nopz6ss6d3BfqQ.roa
File: 0L5zYZ7Wx2SX1nopz6ss6d3BfqQ.roa (raw, json)
Hash identifier: 8Y2uEVSeRzrQkCCZ/v1E7dalBwboTttPtAZ4tQkM9So=
Subject key identifier: D0:BE:73:61:9E:D6:C7:64:97:D6:7A:29:CF:AB:2C:E9:DD:C1:7E:A4
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 018CC7956386BFA61971A18DF53842835F64
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/0L5zYZ7Wx2SX1nopz6ss6d3BfqQ.roa
Signing time: Tue 02 Jan 2024 00:31:45 +0000
ROA not before: Tue 02 Jan 2024 00:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.196.162.0/24 maxlen: 24
91.196.162.0/23 maxlen: 23
91.196.161.0/24 maxlen: 24
91.196.160.0/22 maxlen: 22
91.196.160.0/24 maxlen: 24
91.196.160.0/23 maxlen: 23
91.196.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 15:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:63:86:bf:a6:19:71:a1:8d:f5:38:42:83:5f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Jan 2 00:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0be73619ed6c76497d67a29cfab2ce9ddc17ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:af:ec:d8:43:c6:0b:c3:70:2c:3f:26:43:9b:
64:7c:46:cc:ac:5a:9c:92:4e:d1:76:97:72:6b:3b:
a2:ba:e9:5a:09:60:34:7d:00:d4:87:e1:63:f7:50:
2d:62:b7:b8:6f:18:37:9f:76:07:2a:f9:35:e0:02:
81:95:14:dc:35:69:7e:e6:f3:e6:0b:28:83:2f:b7:
a2:45:b1:ee:a3:dc:c3:51:b0:24:da:e7:91:3b:d3:
1e:80:f8:1c:3b:db:7b:79:2f:88:36:7c:7c:ed:9f:
9d:fa:59:21:e0:79:e3:b3:e4:e6:4d:6b:ab:12:78:
e1:7f:af:c2:a6:f6:81:af:13:0b:0b:c4:ca:a0:3b:
2e:fd:8c:cf:bc:d9:b9:f5:55:f0:5d:aa:3d:fc:30:
1d:6f:66:b4:67:22:ca:7e:a0:42:0e:dc:e7:59:b6:
0e:61:48:0f:b8:c0:7e:f9:97:7d:e7:5a:73:f4:a1:
2d:26:cb:47:fc:71:4c:0c:71:6c:b9:76:20:2e:99:
69:83:ed:5a:ed:f2:e2:6d:5a:38:1b:be:51:38:44:
3a:0f:96:e1:8f:b4:e3:0d:15:ac:8e:7f:a9:82:42:
c3:34:23:56:41:0e:20:69:1e:d3:a8:40:b9:d9:e8:
73:c5:11:47:9b:44:b2:98:41:cd:25:70:14:d1:2c:
f2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BE:73:61:9E:D6:C7:64:97:D6:7A:29:CF:AB:2C:E9:DD:C1:7E:A4
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/0L5zYZ7Wx2SX1nopz6ss6d3BfqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:46:35:42:3a:6d:14:18:f5:52:48:40:32:0b:6c:42:d7:5d:
a3:ac:b2:10:fc:19:5e:2f:5b:ef:2e:f6:06:86:a0:79:1c:1a:
92:4f:3f:4b:7d:37:d3:39:5b:a1:96:05:d6:bf:08:7c:c6:31:
ca:f4:97:17:bb:90:72:b3:fa:b9:6e:28:28:46:de:2e:49:2c:
01:9c:40:95:d1:38:41:e5:49:69:68:82:38:70:6d:54:55:20:
94:b2:49:f1:65:c9:c9:96:68:4c:ab:a9:6a:90:e1:74:df:cd:
bf:89:b4:b5:f8:30:49:73:7d:44:8c:3c:8e:75:43:30:1e:51:
f0:a0:8b:fa:4b:f2:c8:cb:a0:7f:73:c3:c8:b6:0d:03:9e:44:
02:af:c5:f8:d5:4e:05:f6:5c:8a:3b:54:d9:4b:e6:bd:0b:12:
80:b5:e4:73:9f:c4:2a:a0:2c:80:54:d8:28:34:fb:73:48:f6:
3b:fc:76:71:4f:f3:8c:3a:06:d4:00:a2:3e:25:20:08:0c:95:
b1:5c:0f:f0:a9:82:d7:53:69:fd:89:d8:50:96:92:cf:da:d9:
c7:8a:3d:11:7d:40:5f:d0:07:e6:c4:fe:77:a7:d5:3c:77:e3:
e0:49:65:c3:3e:12:43:e8:ba:14:52:63:6f:1f:28:a6:82:04:
b1:47:8f:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlWOGv6YZcaGN9ThCg19kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQwMTAyMDAzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJlNzM2MTllZDZjNzY0OTdkNjdhMjljZmFiMmNlOWRkYzE3ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK/s2EPGC8NwLD8mQ5tkfEbMrFqc
kk7RdpdyazuiuulaCWA0fQDUh+Fj91AtYre4bxg3n3YHKvk14AKBlRTcNWl+5vPm
CyiDL7eiRbHuo9zDUbAk2ueRO9MegPgcO9t7eS+INnx87Z+d+lkh4Hnjs+TmTWur
Enjhf6/CpvaBrxMLC8TKoDsu/YzPvNm59VXwXao9/DAdb2a0ZyLKfqBCDtznWbYO
YUgPuMB++Zd951pz9KEtJstH/HFMDHFsuXYgLplpg+1a7fLibVo4G75ROEQ6D5bh
j7TjDRWsjn+pgkLDNCNWQQ4gaR7TqEC52ehzxRFHm0SymEHNJXAU0Szy7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNC+c2Ge1sdkl9Z6Kc+rLOndwX6kMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvMEw1ellaN1d4MlNYMW5vcHo2c3M2ZDNCZnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQCORjVCOm0UGPVSSEAyC2xC112jrLIQ/BleL1vvLvYG
hqB5HBqSTz9LfTfTOVuhlgXWvwh8xjHK9JcXu5Bys/q5bigoRt4uSSwBnECV0ThB
5UlpaII4cG1UVSCUsknxZcnJlmhMq6lqkOF0382/ibS1+DBJc31EjDyOdUMwHlHw
oIv6S/LIy6B/c8PItg0DnkQCr8X41U4F9lyKO1TZS+a9CxKAteRzn8QqoCyAVNgo
NPtzSPY7/HZxT/OMOgbUAKI+JSAIDJWxXA/wqYLXU2n9idhQlpLP2tnHij0RfUBf
0AfmxP53p9U8d+PgSWXDPhJD6LoUUmNvHyimggSxR4/S
-----END CERTIFICATE-----
Generated at Fri Mar 15 22:16:28 2024 by rpki-client on console.sobornost.net