Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa
File: U_pi0c9e6vTuhL1bV-SctIKcwYk.roa (raw, json)
Hash identifier: WKkZHs94xhzYVGmk7ewNBvDm34AW7UOZLIzoVmqg0XY=
Subject key identifier: 53:FA:62:D1:CF:5E:EA:F4:EE:84:BD:5B:57:E4:9C:B4:82:9C:C1:89
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 01856C1392BCBED3CE22756EE1CCD2B3D665
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa
Signing time: Sun 01 Jan 2023 06:45:00 +0000
ROA not before: Sun 01 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208976
IP address blocks: 194.147.211.0/24 maxlen: 24
2a12:66c6::/32 maxlen: 32
2a12:66c7::/48 maxlen: 48
2a12:66c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:92:bc:be:d3:ce:22:75:6e:e1:cc:d2:b3:d6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Jan 1 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53fa62d1cf5eeaf4ee84bd5b57e49cb4829cc189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ed:df:6f:21:85:27:78:93:bd:e2:3d:0b:db:
ad:70:78:53:03:4a:88:fd:ee:0f:c4:62:28:4b:48:
df:a1:7c:42:0a:6a:b8:b4:03:f3:31:61:b5:a9:c5:
95:87:36:20:1e:bc:d2:46:42:31:f9:05:f2:8c:33:
32:82:3c:30:3f:78:f6:3e:53:2c:13:0a:55:5f:8b:
a0:5e:d9:76:8f:66:22:e6:c9:ac:f9:e1:b7:59:bc:
fd:3a:1c:aa:70:90:27:5f:fd:12:15:c6:f1:c7:bd:
e6:d5:d2:a5:b7:d2:4d:6c:95:bd:f2:a8:8e:d8:f0:
f1:1d:3e:34:cb:75:d4:8e:fc:10:ba:27:48:14:8a:
42:45:7f:41:27:c6:d7:63:c3:0c:5b:ba:9a:fd:44:
05:29:f9:a9:84:ba:a5:42:81:14:80:f8:d3:68:c4:
78:4c:87:40:78:c9:0c:b0:1d:99:4b:3f:6e:99:d3:
26:8e:27:08:81:72:d2:e4:f3:42:3c:a5:99:b5:bb:
1e:65:e8:3f:9a:79:fc:cd:43:87:b3:f7:fa:57:43:
e4:14:b4:91:55:59:0d:7c:11:43:0f:3e:86:67:7c:
fe:c0:1d:c4:ac:5f:02:64:91:2c:7e:5a:f0:e9:d6:
61:39:70:02:8a:ff:90:59:d3:88:e7:46:6f:d3:6b:
0c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:62:D1:CF:5E:EA:F4:EE:84:BD:5B:57:E4:9C:B4:82:9C:C1:89
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/U_pi0c9e6vTuhL1bV-SctIKcwYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.211.0/24
IPv6:
2a12:66c0::/32
2a12:66c6::-2a12:66c7:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:cf:01:21:88:4e:e4:e0:6d:05:09:ba:ea:e5:78:75:93:c1:
e4:c5:9e:0c:d9:0a:69:62:55:ff:7c:02:e9:11:69:18:b8:10:
b6:75:37:0d:0e:e9:a8:48:4f:d9:d4:fc:73:a1:f3:19:5a:01:
df:db:1b:69:00:cb:12:7a:0f:33:dd:a3:73:49:36:84:bb:54:
dd:2e:35:a9:07:33:01:d6:3f:d1:14:31:51:4c:45:f1:1b:db:
34:b1:33:7b:bb:d9:32:07:42:2c:77:51:79:16:69:2c:8c:66:
87:47:66:48:8e:60:87:5a:88:31:bf:50:6c:a9:b1:65:93:c5:
f2:5e:ed:13:05:00:13:9e:8c:21:31:be:33:35:92:bd:2a:cc:
54:cc:c8:dc:02:ec:72:c1:71:86:bc:60:ef:7c:2d:ed:1e:ce:
c6:e7:de:79:a2:28:a0:eb:ea:2a:0a:a4:47:b2:44:ff:00:af:
f4:d2:d0:9d:56:25:68:88:0a:52:09:c7:1d:e2:a6:06:2e:d8:
46:cd:76:e5:6e:54:70:ea:6b:11:bf:e6:bf:eb:88:44:e3:6d:
6d:df:fd:84:7a:a0:19:18:fd:18:f2:11:a5:e2:06:f0:f8:85:
80:40:c8:b2:8a:9f:94:28:9f:28:6a:1c:ff:35:57:2c:7a:65:
1a:39:93:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsE5K8vtPOInVu4czSs9ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjMwMTAxMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZhNjJkMWNmNWVlYWY0ZWU4NGJkNWI1N2U0OWNiNDgyOWNjMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou3fbyGFJ3iTveI9C9utcHhTA0qI
/e4PxGIoS0jfoXxCCmq4tAPzMWG1qcWVhzYgHrzSRkIx+QXyjDMygjwwP3j2PlMs
EwpVX4ugXtl2j2Yi5sms+eG3Wbz9OhyqcJAnX/0SFcbxx73m1dKlt9JNbJW98qiO
2PDxHT40y3XUjvwQuidIFIpCRX9BJ8bXY8MMW7qa/UQFKfmphLqlQoEUgPjTaMR4
TIdAeMkMsB2ZSz9umdMmjicIgXLS5PNCPKWZtbseZeg/mnn8zUOHs/f6V0PkFLSR
VVkNfBFDDz6GZ3z+wB3ErF8CZJEsflrw6dZhOXACiv+QWdOI50Zv02sMGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFP6YtHPXur07oS9W1fknLSCnMGJMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvVV9waTBjOWU2dlR1aEwxYlYtU2N0SUtjd1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAwpPTMB8E
AgACMBkDBQAqEmbAMBADBQEqEmbGAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdzwEhiE7k4G0FCbrq5Xh1k8HkxZ4M2QppYlX/fALpEWkYuBC2dTcNDumoSE/Z
1PxzofMZWgHf2xtpAMsSeg8z3aNzSTaEu1TdLjWpBzMB1j/RFDFRTEXxG9s0sTN7
u9kyB0Isd1F5FmksjGaHR2ZIjmCHWogxv1BsqbFlk8XyXu0TBQATnowhMb4zNZK9
KsxUzMjcAuxywXGGvGDvfC3tHs7G5955oiig6+oqCqRHskT/AK/00tCdViVoiApS
Cccd4qYGLthGzXblblRw6msRv+a/64hE421t3/2EeqAZGP0Y8hGl4gbw+IWAQMiy
ip+UKJ8oahz/NVcsemUaOZMw
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:25 2024 by rpki-client on console.sobornost.net