Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/6a6313-8546-4031-be9b-8b2ebe4e29ce/1/yXug4zV3GRxZ5RYLnk9rgJ96qNg.roa
File: yXug4zV3GRxZ5RYLnk9rgJ96qNg.roa (raw, json)
Hash identifier: HQRcv/CPEYAIrqujktQmjyai2ZMYRqCvi1E4I2vhtiA=
Subject key identifier: C9:7B:A0:E3:35:77:19:1C:59:E5:16:0B:9E:4F:6B:80:9F:7A:A8:D8
Certificate issuer: /CN=1a879de1c75fbbd2c31d1d90814056f27d57d776
Certificate serial: 0186F67EC0D81203BEAFF0D56527D6205069
Authority key identifier: 1A:87:9D:E1:C7:5F:BB:D2:C3:1D:1D:90:81:40:56:F2:7D:57:D7:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Goed4cdfu9LDHR2QgUBW8n1X13Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/6a6313-8546-4031-be9b-8b2ebe4e29ce/1/yXug4zV3GRxZ5RYLnk9rgJ96qNg.roa
Signing time: Sat 18 Mar 2023 20:52:27 +0000
ROA not before: Sat 18 Mar 2023 20:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 185.142.41.0/24 maxlen: 24
185.142.42.0/24 maxlen: 24
185.142.43.0/24 maxlen: 24
185.142.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f6:7e:c0:d8:12:03:be:af:f0:d5:65:27:d6:20:50:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a879de1c75fbbd2c31d1d90814056f27d57d776
Validity
Not Before: Mar 18 20:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c97ba0e33577191c59e5160b9e4f6b809f7aa8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:28:46:79:b4:71:14:d0:3d:00:0b:09:df:
90:b8:7f:fd:2f:13:99:56:0b:a4:f6:e6:77:b3:17:
e5:3f:3c:07:e9:49:02:b5:af:42:63:bb:87:4b:bd:
f4:3c:9a:02:1e:44:96:5e:5c:4a:54:e1:24:04:b1:
0b:23:fa:63:17:af:0c:ab:26:b3:0a:67:ab:05:ac:
69:e5:e2:2f:fb:7d:71:02:e6:a5:46:63:68:28:43:
09:9f:51:94:72:06:c4:60:80:6e:32:3c:4a:1c:fb:
45:a7:80:2f:58:3f:9a:11:b3:ab:c0:76:75:f5:02:
88:c8:f3:17:8b:b7:5b:ed:49:ad:f0:35:4c:75:ee:
ed:6c:0d:87:4e:a3:25:a7:9d:77:96:22:0c:e8:3c:
c6:11:02:5e:96:27:e3:39:11:07:3f:0d:7b:8c:7d:
40:4d:36:19:e9:86:c9:b2:52:43:4c:c0:61:20:ef:
01:9c:72:9b:46:88:8d:82:87:72:9e:c5:a5:e4:96:
8e:0b:9e:8e:fc:b4:7d:ae:ea:b9:f3:df:80:0c:8b:
c1:0d:9e:7a:2b:97:e9:25:db:48:bf:d0:1d:92:87:
3c:9c:ca:19:c9:da:c6:25:e6:a8:06:99:33:1e:bb:
17:01:4e:21:21:fb:f3:a7:98:5a:cc:1a:42:e2:36:
87:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7B:A0:E3:35:77:19:1C:59:E5:16:0B:9E:4F:6B:80:9F:7A:A8:D8
X509v3 Authority Key Identifier:
keyid:1A:87:9D:E1:C7:5F:BB:D2:C3:1D:1D:90:81:40:56:F2:7D:57:D7:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goed4cdfu9LDHR2QgUBW8n1X13Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/6a6313-8546-4031-be9b-8b2ebe4e29ce/1/yXug4zV3GRxZ5RYLnk9rgJ96qNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/6a6313-8546-4031-be9b-8b2ebe4e29ce/1/Goed4cdfu9LDHR2QgUBW8n1X13Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:21:7b:1f:76:1c:4b:9f:16:2a:87:41:ea:50:80:07:72:84:
54:b0:98:ee:da:fe:c5:50:e7:5e:73:5b:2a:49:36:4f:7c:5e:
a4:36:1c:c6:93:ad:6f:d3:fe:c0:ca:59:e8:15:1f:20:4a:3d:
d4:5a:19:d4:60:80:02:9f:d6:1b:84:2c:18:82:f9:c1:01:ef:
3e:a5:ef:33:71:8f:56:7a:cc:df:cc:69:88:93:09:55:f5:79:
54:48:a6:12:77:76:50:9e:b6:cc:c7:06:1d:2e:25:b3:32:e0:
1c:cb:a4:c5:bd:70:18:ef:4d:b0:a8:67:24:5f:49:54:41:d1:
14:4b:c0:bd:23:5c:64:31:01:6e:d8:25:c3:33:c8:d3:1c:b9:
2c:f8:6a:fe:b7:4c:8a:1e:f2:60:9d:82:aa:6c:76:e6:29:8e:
f6:30:f6:b7:0b:96:13:d2:42:f5:f1:8b:09:e1:3e:55:ea:d8:
24:4d:35:bc:60:e0:b4:6b:04:b9:e4:68:e7:38:04:64:dc:73:
18:4c:eb:2f:d5:f6:ba:9f:63:77:43:ba:b2:4a:20:a2:90:4b:
b0:dc:09:dc:1f:07:dc:e1:b6:49:ca:95:c4:62:15:83:73:5d:
ad:91:49:2e:2d:64:13:2f:15:01:6b:a6:5f:60:8c:6e:e2:6d:
d3:a1:f9:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb2fsDYEgO+r/DVZSfWIFBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODc5ZGUxYzc1ZmJiZDJjMzFkMWQ5MDgxNDA1NmYyN2Q1
N2Q3NzYwHhcNMjMwMzE4MjA1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdiYTBlMzM1NzcxOTFjNTllNTE2MGI5ZTRmNmI4MDlmN2FhOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR0oRnm0cRTQPQALCd+QuH/9LxOZ
Vguk9uZ3sxflPzwH6UkCta9CY7uHS730PJoCHkSWXlxKVOEkBLELI/pjF68Mqyaz
CmerBaxp5eIv+31xAualRmNoKEMJn1GUcgbEYIBuMjxKHPtFp4AvWD+aEbOrwHZ1
9QKIyPMXi7db7Umt8DVMde7tbA2HTqMlp513liIM6DzGEQJelifjOREHPw17jH1A
TTYZ6YbJslJDTMBhIO8BnHKbRoiNgodynsWl5JaOC56O/LR9ruq589+ADIvBDZ56
K5fpJdtIv9Adkoc8nMoZydrGJeaoBpkzHrsXAU4hIfvzp5hazBpC4jaHtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl7oOM1dxkcWeUWC55Pa4CfeqjYMB8GA1UdIwQY
MBaAFBqHneHHX7vSwx0dkIFAVvJ9V9d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29lZDRjZGZ1OUxESFIyUWdVQlc4bjFYMTNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS82YTYzMTMtODU0Ni00MDMxLWJlOWIt
OGIyZWJlNGUyOWNlLzEveVh1ZzR6VjNHUnhaNVJZTG5rOXJnSjk2cU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS82YTYzMTMtODU0Ni00MDMxLWJlOWItOGIyZWJlNGUyOWNl
LzEvR29lZDRjZGZ1OUxESFIyUWdVQlc4bjFYMTNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY4oMA0G
CSqGSIb3DQEBCwUAA4IBAQCcIXsfdhxLnxYqh0HqUIAHcoRUsJju2v7FUOdec1sq
STZPfF6kNhzGk61v0/7AylnoFR8gSj3UWhnUYIACn9YbhCwYgvnBAe8+pe8zcY9W
eszfzGmIkwlV9XlUSKYSd3ZQnrbMxwYdLiWzMuAcy6TFvXAY702wqGckX0lUQdEU
S8C9I1xkMQFu2CXDM8jTHLks+Gr+t0yKHvJgnYKqbHbmKY72MPa3C5YT0kL18YsJ
4T5V6tgkTTW8YOC0awS55GjnOARk3HMYTOsv1fa6n2N3Q7qySiCikEuw3AncHwfc
4bZJypXEYhWDc12tkUkuLWQTLxUBa6ZfYIxu4m3Tofmw
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:56 2024 by rpki-client on console.sobornost.net