Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/90g5aswXkFH5zXjnsiX1eV28HK4.roa
File: 90g5aswXkFH5zXjnsiX1eV28HK4.roa (raw, json)
Hash identifier: Lm7ULSf09iFhIDclKfeV8y4A6rPlFW69+AlijtiFY2E=
Subject key identifier: F7:48:39:6A:CC:17:90:51:F9:CD:78:E7:B2:25:F5:79:5D:BC:1C:AE
Certificate issuer: /CN=2f88a53fcb96777f99e02df8940dd040b454cd1c
Certificate serial: 01856CE619965A92F2DF4D37582E8F7B0073
Authority key identifier: 2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/90g5aswXkFH5zXjnsiX1eV28HK4.roa
Signing time: Sun 01 Jan 2023 10:34:57 +0000
ROA not before: Sun 01 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49770
IP address blocks: 185.154.108.0/22 maxlen: 24
95.143.192.0/20 maxlen: 24
2a03:d780::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:19:96:5a:92:f2:df:4d:37:58:2e:8f:7b:00:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f88a53fcb96777f99e02df8940dd040b454cd1c
Validity
Not Before: Jan 1 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f748396acc179051f9cd78e7b225f5795dbc1cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:da:26:d1:15:fd:c0:34:76:bc:bc:1d:5d:60:
57:2b:9b:b2:5e:21:37:b7:ae:f9:b7:f6:2e:9e:f7:
f6:4d:92:61:ac:e5:4f:e9:5c:6d:bb:60:34:37:7f:
a1:ca:f0:1d:26:1e:ce:f8:12:17:6e:89:96:0b:63:
df:5e:9f:89:0e:00:8f:05:a5:b4:65:de:1c:fb:71:
b0:ac:e2:eb:c9:20:6f:26:e0:c8:31:b2:6b:8c:d6:
5f:13:06:40:98:e6:d1:2a:c5:64:66:1e:9e:05:47:
13:66:7e:90:86:bf:d9:3a:43:3a:26:fd:fc:59:5e:
a0:b8:9b:48:46:b6:7f:00:b7:d1:eb:e8:25:5d:b5:
c0:eb:42:2a:66:27:26:37:ec:a7:48:4f:d8:09:59:
07:1d:52:3c:98:b3:44:ca:25:04:b8:6f:75:19:d8:
e7:21:43:0b:41:93:92:1c:ef:d1:5c:27:07:f5:6a:
79:4a:58:bb:81:be:7a:99:e1:9a:d9:28:59:5b:16:
7f:69:a4:39:a2:d1:fa:5e:f2:ff:b0:41:3e:ac:bd:
50:54:b0:2b:52:ff:56:a4:83:a1:6a:23:dc:b7:80:
13:9c:32:00:03:af:0a:88:92:33:62:fe:3e:e4:c1:
95:fe:b8:9b:92:c2:52:5f:00:62:95:d7:3a:c6:56:
9e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:48:39:6A:CC:17:90:51:F9:CD:78:E7:B2:25:F5:79:5D:BC:1C:AE
X509v3 Authority Key Identifier:
keyid:2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/90g5aswXkFH5zXjnsiX1eV28HK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/L4ilP8uWd3-Z4C34lA3QQLRUzRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.192.0/20
185.154.108.0/22
IPv6:
2a03:d780::/32
Signature Algorithm: sha256WithRSAEncryption
c4:2b:fd:16:62:8c:62:19:63:56:a0:87:aa:7a:bd:1f:01:c2:
83:e8:15:03:8c:2d:89:1e:e0:74:87:86:b8:58:b9:1d:00:70:
76:15:48:a1:e2:f7:06:36:86:90:db:53:f9:0a:f9:5e:94:56:
99:b0:0d:a2:de:c1:26:8d:9d:bd:a2:f7:bd:35:83:e3:71:11:
cc:71:3c:87:d2:37:c1:87:3a:26:f2:93:ef:ef:8e:cd:07:44:
f9:7b:81:7d:af:9f:bc:89:ca:70:3f:7a:e6:15:cd:d9:42:81:
f0:9c:f7:5c:a5:24:95:f8:05:bf:eb:f4:ae:50:69:f4:bb:9c:
6c:97:0b:a4:39:2a:55:76:48:80:1c:10:c3:86:44:66:29:a9:
82:8f:9e:82:36:14:d8:dc:4b:7b:71:88:7f:08:0f:ae:28:7e:
79:97:54:b8:ff:5c:9e:c7:62:af:1d:10:7d:08:f0:4e:47:ff:
82:bc:2f:9f:bf:eb:ef:3d:ca:bf:3c:df:8d:5b:89:2e:d1:50:
a8:b3:e3:a1:23:48:13:d3:ef:cd:e1:fb:36:0c:55:be:ff:dc:
34:83:12:f5:5b:4f:d4:4a:3a:88:18:8d:5e:bd:96:95:fb:10:
c6:fb:0f:a3:50:e9:66:8d:49:e2:3a:c5:dd:bd:c6:f8:48:ab:
a8:87:38:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs5hmWWpLy3003WC6PewBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODhhNTNmY2I5Njc3N2Y5OWUwMmRmODk0MGRkMDQwYjQ1
NGNkMWMwHhcNMjMwMTAxMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQ4Mzk2YWNjMTc5MDUxZjljZDc4ZTdiMjI1ZjU3OTVkYmMxY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9om0RX9wDR2vLwdXWBXK5uyXiE3
t675t/Yunvf2TZJhrOVP6Vxtu2A0N3+hyvAdJh7O+BIXbomWC2PfXp+JDgCPBaW0
Zd4c+3GwrOLrySBvJuDIMbJrjNZfEwZAmObRKsVkZh6eBUcTZn6Qhr/ZOkM6Jv38
WV6guJtIRrZ/ALfR6+glXbXA60IqZicmN+ynSE/YCVkHHVI8mLNEyiUEuG91Gdjn
IUMLQZOSHO/RXCcH9Wp5Sli7gb56meGa2ShZWxZ/aaQ5otH6XvL/sEE+rL1QVLAr
Uv9WpIOhaiPct4ATnDIAA68KiJIzYv4+5MGV/ribksJSXwBildc6xlaeZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPdIOWrMF5BR+c1457Il9XldvByuMB8GA1UdIwQY
MBaAFC+IpT/Llnd/meAt+JQN0EC0VM0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRpbFA4dVdkMy1aNEMzNGxBM1FRTFJVelJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81NTJmMGQtMDFjMi00MThhLWFhM2Mt
YWNjNGFhYzc4ZDBkLzEvOTBnNWFzd1hrRkg1elhqbnNpWDFlVjI4SEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81NTJmMGQtMDFjMi00MThhLWFhM2MtYWNjNGFhYzc4ZDBk
LzEvTDRpbFA4dVdkMy1aNEMzNGxBM1FRTFJVelJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEX4/AAwQC
uZpsMA0EAgACMAcDBQAqA9eAMA0GCSqGSIb3DQEBCwUAA4IBAQDEK/0WYoxiGWNW
oIeqer0fAcKD6BUDjC2JHuB0h4a4WLkdAHB2FUih4vcGNoaQ21P5CvlelFaZsA2i
3sEmjZ29ove9NYPjcRHMcTyH0jfBhzom8pPv747NB0T5e4F9r5+8icpwP3rmFc3Z
QoHwnPdcpSSV+AW/6/SuUGn0u5xslwukOSpVdkiAHBDDhkRmKamCj56CNhTY3Et7
cYh/CA+uKH55l1S4/1yex2KvHRB9CPBOR/+CvC+fv+vvPcq/PN+NW4ku0VCos+Oh
I0gT0+/N4fs2DFW+/9w0gxL1W0/USjqIGI1evZaV+xDG+w+jUOlmjUniOsXdvcb4
SKuohzgk
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net