Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/cTRQwNLHSDHvX8D4E6aeB-Ugc8o.roa
File: cTRQwNLHSDHvX8D4E6aeB-Ugc8o.roa (raw, json)
Hash identifier: yLy+A67uWKhS0DqUE9s/mEWLLHlPhEkj1HCytS77VHw=
Subject key identifier: 71:34:50:C0:D2:C7:48:31:EF:5F:C0:F8:13:A6:9E:07:E5:20:73:CA
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 018EA40C3FBA43F1ED1CDEDB946AE626E7D6
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/cTRQwNLHSDHvX8D4E6aeB-Ugc8o.roa
Signing time: Wed 03 Apr 2024 13:00:49 +0000
ROA not before: Wed 03 Apr 2024 13:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Apr 2024 14:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:0c:3f:ba:43:f1:ed:1c:de:db:94:6a:e6:26:e7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: Apr 3 13:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=713450c0d2c74831ef5fc0f813a69e07e52073ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:49:23:56:79:4b:0b:a1:b4:be:00:8a:2f:
a7:3a:85:7c:87:b1:ca:32:22:56:6e:6e:e1:38:42:
c2:4a:4d:e4:12:55:8d:d6:0f:2a:45:75:32:95:72:
34:e1:f9:0d:3d:4d:ab:3c:c2:bf:2a:07:45:94:84:
3a:1c:da:03:2e:41:93:84:fe:50:64:58:b0:0c:f1:
c1:5a:22:22:3e:40:12:1c:4f:f5:b0:20:3a:f9:45:
e1:97:83:d5:ce:7b:b8:29:a2:33:56:43:fc:43:63:
e8:52:c3:6d:63:b3:db:56:59:b3:26:ac:9a:28:6d:
80:c1:a4:7b:1e:61:7e:8e:a2:ae:2d:3a:5d:05:16:
cb:08:0c:65:2d:98:32:b2:8b:6e:59:a4:d4:cf:c6:
6b:bd:65:ad:f0:d6:93:19:84:a0:a8:30:20:29:37:
cd:0b:29:54:f7:e1:bc:5d:cb:86:2d:8f:29:05:f8:
5f:ce:54:c6:b6:34:79:23:04:b7:6e:2e:d8:97:e8:
3c:19:19:7c:74:ab:d7:fc:58:ec:19:9f:b7:09:74:
0e:e7:63:d1:c0:31:20:e6:17:5b:dd:bd:83:a7:cd:
25:f5:aa:15:f0:a5:46:08:d4:f6:3b:b6:ca:b1:6e:
67:9f:8f:9f:d2:e5:67:fd:8d:9b:7a:58:77:05:a7:
18:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:34:50:C0:D2:C7:48:31:EF:5F:C0:F8:13:A6:9E:07:E5:20:73:CA
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/cTRQwNLHSDHvX8D4E6aeB-Ugc8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
Signature Algorithm: sha256WithRSAEncryption
27:c4:43:3e:89:71:53:3a:59:e1:52:ed:d5:fc:dd:87:bc:7e:
8f:c2:34:b2:a0:66:fa:85:c5:0b:8d:e7:6b:2f:bd:e5:b1:69:
5f:bb:3f:f6:a6:b3:05:74:52:65:85:29:12:62:8b:c8:dd:d3:
45:b6:17:19:c4:6f:05:30:f1:e7:ff:4c:a3:d5:74:3b:a1:44:
ff:35:ee:26:11:f1:67:16:6b:27:6e:ad:2b:6e:29:f5:e5:dd:
c4:1b:d2:ad:3f:78:51:67:0e:ca:3c:02:c2:94:b3:79:c4:05:
c6:d2:bb:cd:bc:98:9b:ed:b8:0a:8d:3b:53:1a:ba:5a:d5:8b:
d6:62:77:41:62:d1:9b:77:7e:19:c0:24:26:95:be:3a:8a:7d:
ee:2a:92:ce:23:97:62:5f:6d:b5:f9:22:e2:ea:2c:97:88:7e:
6c:1b:d5:03:14:a6:76:1e:64:e9:66:d7:ef:fb:4a:5f:60:21:
3b:1c:e7:57:52:2d:2d:05:31:22:b1:7f:f9:a3:6e:8b:12:23:
f8:14:9d:28:ad:48:8e:fb:5e:47:9c:40:31:f5:44:e8:c9:b6:
2c:ce:07:1f:ef:ff:d1:08:29:92:ac:3c:53:6c:35:34:96:83:
1f:ae:1c:2d:ba:e6:e1:9f:76:67:43:13:54:c5:c5:19:e8:5f:
a1:0e:db:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6kDD+6Q/HtHN7blGrmJufWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjQwNDAzMTMwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM0NTBjMGQyYzc0ODMxZWY1ZmMwZjgxM2E2OWUwN2U1MjA3M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVNJI1Z5SwuhtL4Aii+nOoV8h7HK
MiJWbm7hOELCSk3kElWN1g8qRXUylXI04fkNPU2rPMK/KgdFlIQ6HNoDLkGThP5Q
ZFiwDPHBWiIiPkASHE/1sCA6+UXhl4PVznu4KaIzVkP8Q2PoUsNtY7PbVlmzJqya
KG2AwaR7HmF+jqKuLTpdBRbLCAxlLZgysotuWaTUz8ZrvWWt8NaTGYSgqDAgKTfN
CylU9+G8XcuGLY8pBfhfzlTGtjR5IwS3bi7Yl+g8GRl8dKvX/FjsGZ+3CXQO52PR
wDEg5hdb3b2Dp80l9aoV8KVGCNT2O7bKsW5nn4+f0uVn/Y2belh3BacYVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHE0UMDSx0gx71/A+BOmngflIHPKMB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEvY1RSUXdOTEhTREh2WDhENEU2YWVCLVVnYzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/KtMA8E
AgACMAkDBwAgAQZ8BtgwDQYJKoZIhvcNAQELBQADggEBACfEQz6JcVM6WeFS7dX8
3Ye8fo/CNLKgZvqFxQuN52svveWxaV+7P/amswV0UmWFKRJii8jd00W2FxnEbwUw
8ef/TKPVdDuhRP817iYR8WcWaydurStuKfXl3cQb0q0/eFFnDso8AsKUs3nEBcbS
u828mJvtuAqNO1MaulrVi9Zid0Fi0Zt3fhnAJCaVvjqKfe4qks4jl2JfbbX5IuLq
LJeIfmwb1QMUpnYeZOlm1+/7Sl9gITsc51dSLS0FMSKxf/mjbosSI/gUnSitSI77
XkecQDH1ROjJtizOBx/v/9EIKZKsPFNsNTSWgx+uHC265uGfdmdDE1TFxRnoX6EO
22k=
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:02:40 2024 by rpki-client on console.sobornost.net