Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/fti1Y0fyyr6HUYPBgJoCEsLEW8M.roa
File: fti1Y0fyyr6HUYPBgJoCEsLEW8M.roa (raw, json)
Hash identifier: MTbpHesoMwPCyEMO4Eobmg7/jmB83oVFkgf823aJoFo=
Subject key identifier: 7E:D8:B5:63:47:F2:CA:BE:87:51:83:C1:80:9A:02:12:C2:C4:5B:C3
Certificate issuer: /CN=d25b90b8981b591d75a7e935e1304a74075602fd
Certificate serial: 018934F44611BF83467C78992BBE64A2E2AB
Authority key identifier: D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/fti1Y0fyyr6HUYPBgJoCEsLEW8M.roa
Signing time: Sat 08 Jul 2023 10:02:51 +0000
ROA not before: Sat 08 Jul 2023 10:02:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205798
IP address blocks: 193.141.177.0/24 maxlen: 24
193.141.109.0/24 maxlen: 24
193.141.121.0/24 maxlen: 24
193.142.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:34:f4:46:11:bf:83:46:7c:78:99:2b:be:64:a2:e2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25b90b8981b591d75a7e935e1304a74075602fd
Validity
Not Before: Jul 8 10:02:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ed8b56347f2cabe875183c1809a0212c2c45bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:16:65:42:79:3e:d6:b5:f3:06:14:75:14:16:
c8:5d:03:a6:79:ca:98:de:76:c4:06:b4:0f:ca:4b:
98:dc:ea:b8:f4:56:42:c2:e3:84:cd:0f:ef:7a:f5:
74:c3:cd:2d:7c:76:47:fd:c5:93:5e:5c:36:ae:6b:
89:bb:d3:d5:58:21:77:1d:a6:96:b0:85:4f:48:60:
0c:09:56:4d:48:05:93:ba:d8:71:77:61:60:0f:2e:
08:6d:22:52:c0:46:bb:44:dd:03:09:cf:68:3a:5e:
23:50:ec:b4:51:6f:b7:5c:31:f3:76:d2:36:13:55:
da:f5:6b:8b:74:dd:d7:2e:bd:df:23:d4:ac:43:a3:
1f:08:58:1f:5e:67:e0:7a:21:6b:20:63:2b:11:ec:
b8:7e:04:94:93:c8:16:f5:1c:70:43:fb:41:fe:63:
5d:23:54:61:b2:cb:93:b3:b8:93:27:15:ab:36:f2:
9b:48:0c:15:ee:1c:2e:e4:44:b5:ab:64:d1:51:30:
76:19:1d:27:a0:10:ed:a9:5a:82:58:1a:7a:93:ec:
12:d7:7a:6f:0f:b7:f1:6e:32:9b:89:0e:3d:e9:ee:
3d:89:72:93:32:ed:f7:70:cb:9d:52:8e:f9:04:b7:
d5:e1:ec:5b:84:fa:c5:77:90:1a:e3:b9:4d:ab:b5:
a0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D8:B5:63:47:F2:CA:BE:87:51:83:C1:80:9A:02:12:C2:C4:5B:C3
X509v3 Authority Key Identifier:
keyid:D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/fti1Y0fyyr6HUYPBgJoCEsLEW8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.109.0/24
193.141.121.0/24
193.141.177.0/24
193.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ba:3d:e9:8f:16:4a:61:d0:83:6b:2d:5f:99:58:b2:80:aa:
38:17:b5:58:49:20:9e:a3:f0:a1:9a:66:d1:a3:f8:a9:c8:61:
9d:b1:1a:7a:ed:d2:76:47:8e:f6:4a:de:03:5f:79:60:b6:e5:
03:fe:03:01:1f:2f:6c:7a:d0:61:b2:f6:8f:50:fe:68:70:b4:
35:2c:4e:e0:41:08:05:fb:34:43:48:dc:bf:aa:18:fb:76:2b:
c2:24:fb:55:05:e1:da:5a:94:3f:d9:29:97:4a:63:31:47:6f:
c7:37:33:f8:0c:4f:ac:bb:0f:b6:51:db:5a:06:73:11:39:f5:
a6:42:9f:20:fe:f4:f8:9e:94:15:79:6e:fe:5d:a8:30:ae:27:
2d:66:4b:d2:dd:c9:62:5b:db:e6:cd:8f:e7:62:9e:ea:29:54:
d6:95:77:d1:b5:9a:00:44:45:ca:f1:ba:21:52:4a:39:d3:4e:
43:97:28:c5:53:f8:27:2a:8c:50:e7:b8:aa:bb:9f:18:1b:3c:
13:87:36:f4:ed:8b:fb:f1:ea:2a:61:5c:db:22:07:e7:4a:d9:
0d:6f:35:ee:6d:6b:99:2b:5e:cd:c9:24:5c:14:3e:66:f3:7f:
32:55:ee:a6:79:aa:5b:bd:81:11:0b:2d:64:f2:af:71:80:b8:
85:e1:73:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYk09EYRv4NGfHiZK75kouKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWI5MGI4OTgxYjU5MWQ3NWE3ZTkzNWUxMzA0YTc0MDc1
NjAyZmQwHhcNMjMwNzA4MTAwMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQ4YjU2MzQ3ZjJjYWJlODc1MTgzYzE4MDlhMDIxMmMyYzQ1YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RZlQnk+1rXzBhR1FBbIXQOmecqY
3nbEBrQPykuY3Oq49FZCwuOEzQ/vevV0w80tfHZH/cWTXlw2rmuJu9PVWCF3HaaW
sIVPSGAMCVZNSAWTuthxd2FgDy4IbSJSwEa7RN0DCc9oOl4jUOy0UW+3XDHzdtI2
E1Xa9WuLdN3XLr3fI9SsQ6MfCFgfXmfgeiFrIGMrEey4fgSUk8gW9RxwQ/tB/mNd
I1RhssuTs7iTJxWrNvKbSAwV7hwu5ES1q2TRUTB2GR0noBDtqVqCWBp6k+wS13pv
D7fxbjKbiQ496e49iXKTMu33cMudUo75BLfV4exbhPrFd5Aa47lNq7Wg/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH7YtWNH8sq+h1GDwYCaAhLCxFvDMB8GA1UdIwQY
MBaAFNJbkLiYG1kddafpNeEwSnQHVgL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODct
YTJhYmRhZGY1ZjkwLzEvZnRpMVkwZnl5cjZIVVlQQmdKb0NFc0xFVzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODctYTJhYmRhZGY1Zjkw
LzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwY1tAwQA
wY15AwQAwY2xAwQAwY4DMA0GCSqGSIb3DQEBCwUAA4IBAQA3uj3pjxZKYdCDay1f
mViygKo4F7VYSSCeo/ChmmbRo/ipyGGdsRp67dJ2R472St4DX3lgtuUD/gMBHy9s
etBhsvaPUP5ocLQ1LE7gQQgF+zRDSNy/qhj7divCJPtVBeHaWpQ/2SmXSmMxR2/H
NzP4DE+suw+2UdtaBnMROfWmQp8g/vT4npQVeW7+XagwrictZkvS3cliW9vmzY/n
Yp7qKVTWlXfRtZoAREXK8bohUko5005DlyjFU/gnKoxQ57iqu58YGzwThzb07Yv7
8eoqYVzbIgfnStkNbzXubWuZK17NySRcFD5m838yVe6meapbvYERCy1k8q9xgLiF
4XMJ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:44 2023 by rpki-client on console.sobornost.net