Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/bJyyTzjpvd3kmtiWaM1O1dc7b8A.roa
File: bJyyTzjpvd3kmtiWaM1O1dc7b8A.roa (raw, json)
Hash identifier: 5SolxULP4i820ZOWHgaVS0ls/kh+1/+Zc0l6s9ACHiU=
Subject key identifier: 6C:9C:B2:4F:38:E9:BD:DD:E4:9A:D8:96:68:CD:4E:D5:D7:3B:6F:C0
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 018B8F1C9230E18BD7DFD2394DBE6C333504
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/bJyyTzjpvd3kmtiWaM1O1dc7b8A.roa
Signing time: Thu 02 Nov 2023 08:18:16 +0000
ROA not before: Thu 02 Nov 2023 08:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.70.97.0/24 maxlen: 24
185.70.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1c:92:30:e1:8b:d7:df:d2:39:4d:be:6c:33:35:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Nov 2 08:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c9cb24f38e9bddde49ad89668cd4ed5d73b6fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2a:9e:05:24:d6:b6:98:8e:e3:f6:bd:08:c9:
8d:2a:24:49:f6:f3:3a:24:01:07:7e:62:5b:15:e7:
25:a8:07:5f:2c:b2:a1:0a:a2:bc:0b:9a:71:f1:66:
02:de:fd:fb:2b:ff:3c:84:8d:24:a0:e2:c7:45:cf:
ab:b5:5f:7e:4b:21:3b:90:06:1a:70:f4:f4:32:65:
5d:18:9c:11:ef:c8:2f:33:67:a8:3d:d2:83:b3:f4:
79:01:0e:e6:67:8e:9e:bb:4b:a1:7c:0a:0a:43:3d:
b7:a8:d5:62:fc:3a:fc:7f:3e:3e:bf:4e:72:7b:9c:
23:ec:c1:84:81:4b:e8:42:4d:b8:77:ca:8c:74:ce:
fb:94:76:ca:ba:e2:b1:c1:bd:3f:36:87:35:c1:f6:
d0:25:89:c9:ab:01:a5:68:58:67:39:22:51:aa:9c:
aa:98:17:9b:fa:3f:a4:99:27:12:5f:48:d9:52:4d:
0f:fd:6a:7d:4f:c7:79:63:28:2f:ea:b0:7d:38:43:
77:49:d6:42:39:5d:c4:85:21:d9:bd:ed:91:c8:9f:
04:f2:18:13:c0:e0:7b:d1:da:04:ea:c5:4a:95:00:
57:85:5d:02:6f:f1:2c:23:e2:0b:f2:f0:d3:d0:95:
36:1c:5f:f8:09:eb:d0:5d:ae:e8:b1:4b:c8:fe:95:
08:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9C:B2:4F:38:E9:BD:DD:E4:9A:D8:96:68:CD:4E:D5:D7:3B:6F:C0
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/bJyyTzjpvd3kmtiWaM1O1dc7b8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.97.0/24
185.70.99.0/24
Signature Algorithm: sha256WithRSAEncryption
16:2e:f5:2e:3e:9e:83:ed:6a:38:a0:b9:9f:08:6b:69:57:d8:
9a:74:ee:0c:67:8b:cd:e9:6c:0d:20:c1:9c:9b:f9:30:12:63:
1c:c7:95:58:50:19:0b:41:2b:00:c6:24:d1:84:13:a0:55:18:
11:f6:e2:d6:56:e3:4f:1b:2f:84:8f:69:a3:33:05:6d:65:31:
0f:ca:35:7a:55:ff:ee:35:7d:62:dc:0a:46:d8:dc:eb:82:22:
e9:ed:9f:89:6b:66:3a:7c:dc:94:cc:42:f5:b4:6b:af:39:a6:
46:b0:fe:ff:50:ca:4d:5d:f4:ab:42:51:2e:e0:a1:51:34:ac:
48:79:cf:58:44:f9:b0:c9:3b:5e:9d:77:ca:db:76:e6:37:a5:
3a:22:08:89:69:6b:83:ba:df:08:82:86:02:09:2c:66:52:19:
81:10:87:da:e5:e0:ad:07:58:21:d2:3c:47:0a:fd:ea:17:75:
5a:1c:77:94:d2:3c:66:9d:11:99:c8:11:81:51:aa:94:7d:d0:
83:7a:d7:6e:54:09:48:7d:2a:22:83:ff:05:0b:40:ab:5c:46:
92:33:a1:25:b8:58:82:58:34:50:0d:a1:d6:4d:a6:87:e7:09:
0e:4a:38:4f:63:af:a3:a0:13:e1:a7:cd:46:d3:4a:b6:96:cb:
e9:b8:5b:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuPHJIw4YvX39I5Tb5sMzUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjMxMTAyMDgxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzljYjI0ZjM4ZTliZGRkZTQ5YWQ4OTY2OGNkNGVkNWQ3M2I2ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCqeBSTWtpiO4/a9CMmNKiRJ9vM6
JAEHfmJbFeclqAdfLLKhCqK8C5px8WYC3v37K/88hI0koOLHRc+rtV9+SyE7kAYa
cPT0MmVdGJwR78gvM2eoPdKDs/R5AQ7mZ46eu0uhfAoKQz23qNVi/Dr8fz4+v05y
e5wj7MGEgUvoQk24d8qMdM77lHbKuuKxwb0/Noc1wfbQJYnJqwGlaFhnOSJRqpyq
mBeb+j+kmScSX0jZUk0P/Wp9T8d5Yygv6rB9OEN3SdZCOV3EhSHZve2RyJ8E8hgT
wOB70doE6sVKlQBXhV0Cb/EsI+IL8vDT0JU2HF/4CevQXa7osUvI/pUIswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGycsk846b3d5JrYlmjNTtXXO2/AMB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvYkp5eVR6anB2ZDNrbXRpV2FNMU8xZGM3YjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZhAwQA
uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQAWLvUuPp6D7Wo4oLmfCGtpV9iadO4MZ4vN
6WwNIMGcm/kwEmMcx5VYUBkLQSsAxiTRhBOgVRgR9uLWVuNPGy+Ej2mjMwVtZTEP
yjV6Vf/uNX1i3ApG2NzrgiLp7Z+Ja2Y6fNyUzEL1tGuvOaZGsP7/UMpNXfSrQlEu
4KFRNKxIec9YRPmwyTtenXfK23bmN6U6IgiJaWuDut8IgoYCCSxmUhmBEIfa5eCt
B1gh0jxHCv3qF3VaHHeU0jxmnRGZyBGBUaqUfdCDetduVAlIfSoig/8FC0CrXEaS
M6EluFiCWDRQDaHWTaaH5wkOSjhPY6+joBPhp81G00q2lsvpuFtm
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:57 2024 by rpki-client on console.sobornost.net