Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/yJJqcJ72ER3IQKJnDYt8DIP-PLg.roa
File: yJJqcJ72ER3IQKJnDYt8DIP-PLg.roa (raw, json)
Hash identifier: dEV9vBHvYivjaH6ClN5Woy5sXX2ZFzlh5Tbus+/pFP4=
Subject key identifier: C8:92:6A:70:9E:F6:11:1D:C8:40:A2:67:0D:8B:7C:0C:83:FE:3C:B8
Certificate issuer: /CN=bfbb03016c83cea8aa4fa9c36a3643a565cc93e6
Certificate serial: 01856F7003E1044BE4A59A219FFCA1CCA724
Authority key identifier: BF:BB:03:01:6C:83:CE:A8:AA:4F:A9:C3:6A:36:43:A5:65:CC:93:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7sDAWyDzqiqT6nDajZDpWXMk-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/yJJqcJ72ER3IQKJnDYt8DIP-PLg.roa
Signing time: Sun 01 Jan 2023 22:24:50 +0000
ROA not before: Sun 01 Jan 2023 22:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20676
IP address blocks: 193.100.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:03:e1:04:4b:e4:a5:9a:21:9f:fc:a1:cc:a7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfbb03016c83cea8aa4fa9c36a3643a565cc93e6
Validity
Not Before: Jan 1 22:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8926a709ef6111dc840a2670d8b7c0c83fe3cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b5:b1:42:3e:84:ad:b7:86:10:73:ef:e1:17:
f3:3e:1b:3c:cc:ab:96:7f:31:11:97:12:5c:d2:75:
9a:cc:8e:db:18:ed:43:37:8e:15:a8:15:d9:cd:9f:
c1:ce:6e:8a:ae:84:eb:e1:9f:f9:1b:23:b9:f6:04:
56:9a:d0:fe:e8:4c:e7:23:cc:ce:65:01:91:a7:35:
48:4e:ee:b4:04:dc:97:3c:59:07:e9:13:a2:b9:a9:
74:b0:c8:44:34:ae:74:06:77:dc:b9:cf:96:16:6f:
58:26:5f:f5:1c:ec:d0:41:ce:21:2e:f2:19:89:c6:
d9:1f:46:a3:6d:9a:9e:9f:5a:9a:e2:e2:b2:6e:df:
3d:29:56:bb:9f:ff:e7:91:89:e1:e0:16:3e:54:4d:
06:61:b8:ac:90:c8:e2:17:6b:d7:3c:c5:af:a0:38:
94:2b:f4:b6:99:92:e4:5b:52:47:b6:ae:31:d9:2b:
1f:61:57:82:86:f1:65:ac:c8:2e:b9:23:5b:db:e4:
c1:1f:32:ab:34:07:db:d5:e6:9c:63:b4:bb:b1:ac:
b7:2d:64:db:70:93:1b:21:e7:68:64:5f:cf:11:08:
8f:47:29:0a:f9:7f:10:1d:25:97:18:de:dd:10:30:
59:98:81:32:0c:75:97:a6:01:89:d6:ad:0d:60:59:
36:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:92:6A:70:9E:F6:11:1D:C8:40:A2:67:0D:8B:7C:0C:83:FE:3C:B8
X509v3 Authority Key Identifier:
keyid:BF:BB:03:01:6C:83:CE:A8:AA:4F:A9:C3:6A:36:43:A5:65:CC:93:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7sDAWyDzqiqT6nDajZDpWXMk-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/yJJqcJ72ER3IQKJnDYt8DIP-PLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3f3e57-0e00-4f2f-976b-414f09b92c15/1/v7sDAWyDzqiqT6nDajZDpWXMk-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c2:00:35:e1:bd:c8:8f:12:41:05:84:f6:5a:9a:bc:a6:c4:
b4:7a:4a:5a:21:8d:fb:4a:d8:5c:75:70:e0:8e:0f:17:c3:a6:
eb:b4:82:51:c3:0a:a8:51:d6:a8:f3:47:de:b8:5a:d3:1d:19:
ab:20:99:46:05:9a:bc:68:62:a4:49:38:d8:52:41:f0:e7:5e:
1e:2e:78:51:c5:4b:40:e7:40:1b:5d:34:0b:3c:07:96:f1:e6:
64:a8:17:7f:1c:90:26:9e:ae:13:57:5e:d0:fb:40:43:6f:3a:
5f:29:36:6b:cb:3d:cc:a3:50:a0:fb:a4:c6:9f:da:e6:e9:8c:
56:97:2e:27:05:e8:e9:01:9b:38:21:f0:04:d8:3a:ee:55:54:
ed:3a:83:ed:77:83:2b:46:e6:8e:5a:fb:ee:1c:fc:a5:46:92:
12:66:8a:f9:e6:f9:27:0a:7e:e4:74:cb:22:32:c3:a3:a1:4f:
b4:a9:9f:8a:4e:bf:43:14:31:72:d4:5f:6c:a6:6f:96:5f:1b:
d0:b2:4c:70:b8:24:63:a1:29:4e:cb:4f:17:60:4e:8a:78:45:
7c:8b:ef:7b:c8:a7:79:5d:7b:d8:a7:38:6b:dc:af:c0:1f:ca:
75:9d:25:97:96:9b:c0:61:df:2d:1c:00:91:b0:15:1a:be:dc:
a6:33:61:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcAPhBEvkpZohn/yhzKckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmIwMzAxNmM4M2NlYThhYTRmYTljMzZhMzY0M2E1NjVj
YzkzZTYwHhcNMjMwMTAxMjIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODkyNmE3MDllZjYxMTFkYzg0MGEyNjcwZDhiN2MwYzgzZmUzY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbWxQj6ErbeGEHPv4RfzPhs8zKuW
fzERlxJc0nWazI7bGO1DN44VqBXZzZ/Bzm6KroTr4Z/5GyO59gRWmtD+6EznI8zO
ZQGRpzVITu60BNyXPFkH6ROiual0sMhENK50Bnfcuc+WFm9YJl/1HOzQQc4hLvIZ
icbZH0ajbZqen1qa4uKybt89KVa7n//nkYnh4BY+VE0GYbiskMjiF2vXPMWvoDiU
K/S2mZLkW1JHtq4x2SsfYVeChvFlrMguuSNb2+TBHzKrNAfb1eacY7S7say3LWTb
cJMbIedoZF/PEQiPRykK+X8QHSWXGN7dEDBZmIEyDHWXpgGJ1q0NYFk23QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiSanCe9hEdyECiZw2LfAyD/jy4MB8GA1UdIwQY
MBaAFL+7AwFsg86oqk+pw2o2Q6VlzJPmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdzREFXeUR6cWlxVDZuRGFqWkRwV1hNay1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zZjNlNTctMGUwMC00ZjJmLTk3NmIt
NDE0ZjA5YjkyYzE1LzEveUpKcWNKNzJFUjNJUUtKbkRZdDhESVAtUExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zZjNlNTctMGUwMC00ZjJmLTk3NmItNDE0ZjA5YjkyYzE1
LzEvdjdzREFXeUR6cWlxVDZuRGFqWkRwV1hNay1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWTRMA0G
CSqGSIb3DQEBCwUAA4IBAQAqwgA14b3IjxJBBYT2Wpq8psS0ekpaIY37SthcdXDg
jg8Xw6brtIJRwwqoUdao80feuFrTHRmrIJlGBZq8aGKkSTjYUkHw514eLnhRxUtA
50AbXTQLPAeW8eZkqBd/HJAmnq4TV17Q+0BDbzpfKTZryz3Mo1Cg+6TGn9rm6YxW
ly4nBejpAZs4IfAE2DruVVTtOoPtd4MrRuaOWvvuHPylRpISZor55vknCn7kdMsi
MsOjoU+0qZ+KTr9DFDFy1F9spm+WXxvQskxwuCRjoSlOy08XYE6KeEV8i+97yKd5
XXvYpzhr3K/AH8p1nSWXlpvAYd8tHACRsBUavtymM2Gk
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:54 2024 by rpki-client on console.sobornost.net