Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/T1esTm04zXyfhg8j7Q-wnWGjWzE.roa
File: T1esTm04zXyfhg8j7Q-wnWGjWzE.roa (raw, json)
Hash identifier: b2EJPxckBcOQBmeiwEp5N1d9whGH9av4XDU4j/MzKOI=
Subject key identifier: 4F:57:AC:4E:6D:38:CD:7C:9F:86:0F:23:ED:0F:B0:9D:61:A3:5B:31
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 01863A6D9F0FBF694AE306DDEC7F618E4423
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/T1esTm04zXyfhg8j7Q-wnWGjWzE.roa
Signing time: Fri 10 Feb 2023 08:25:08 +0000
ROA not before: Fri 10 Feb 2023 08:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20668
IP address blocks: 93.113.128.0/24 maxlen: 24
188.213.35.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:6d:9f:0f:bf:69:4a:e3:06:dd:ec:7f:61:8e:44:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Feb 10 08:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f57ac4e6d38cd7c9f860f23ed0fb09d61a35b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:d0:c8:f2:3e:d9:6a:28:8b:5b:77:d0:3b:
cc:24:87:8b:6a:af:5b:cc:8a:80:c3:8f:f5:78:91:
8a:07:26:bb:0f:1c:5d:a8:f4:5a:2d:27:fd:33:76:
e8:4b:9a:2f:9c:ba:c0:13:d5:20:a7:09:32:66:bc:
ab:4f:74:80:af:6c:57:f2:33:93:fa:6d:2b:6f:8c:
be:b5:39:05:58:22:43:c2:a2:c9:66:06:e0:fc:d4:
ca:da:eb:14:3d:7f:3d:3b:d4:c3:f4:1a:f1:c6:99:
e5:f7:36:e5:16:ba:9f:ec:5a:7a:46:92:5a:46:75:
42:92:8b:c8:d9:fc:b3:23:5d:41:e7:78:70:7c:0a:
1f:e7:75:23:f5:4c:3f:ab:7a:94:b1:bb:21:34:9c:
b6:75:50:69:75:a2:65:16:18:8f:a8:52:d5:ce:a9:
80:55:71:00:db:67:af:60:01:c9:88:9b:10:12:53:
3a:56:4e:6b:6f:fa:5b:a8:98:f9:19:72:93:a4:1b:
e9:93:ea:cc:d9:cc:10:5c:87:e7:23:ca:c8:33:ee:
c1:d8:26:4e:e5:42:85:d0:c0:c5:89:fd:3b:8c:80:
c8:de:dd:f1:af:7e:65:a2:78:55:49:fa:cd:62:3a:
31:d3:ae:df:ed:bf:48:a3:dc:17:ab:2d:cb:15:91:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:57:AC:4E:6D:38:CD:7C:9F:86:0F:23:ED:0F:B0:9D:61:A3:5B:31
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/T1esTm04zXyfhg8j7Q-wnWGjWzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.128.0/24
93.113.205.0/24
188.213.35.0/24
Signature Algorithm: sha256WithRSAEncryption
35:71:3f:53:20:67:3e:aa:52:ba:ef:1c:9c:9f:ec:b6:59:68:
a0:d2:f3:56:68:c2:4c:91:aa:25:6c:b0:8e:d2:70:70:6a:50:
87:4e:a0:b6:5b:48:b6:61:b7:1a:6a:93:69:75:ac:3f:a8:bf:
0f:2f:a4:99:bf:0a:cd:2a:9c:de:fc:18:35:6b:45:51:3a:73:
8f:67:22:ad:3e:f2:83:3f:fa:49:10:d3:60:5e:aa:64:26:08:
33:69:79:4e:0c:9c:b3:21:88:63:18:56:8e:23:16:1c:26:18:
9b:2a:cf:e2:36:a6:0b:40:21:31:c4:f0:c0:6a:e5:e2:86:70:
91:be:0a:1c:be:59:83:e7:ca:95:32:d6:0f:75:40:4e:78:2d:
0b:35:82:35:31:c0:08:fb:bb:cd:63:99:78:65:eb:ef:b0:06:
66:52:a0:25:a4:47:4d:13:03:cc:0b:90:17:34:43:03:99:e7:
15:01:ec:c4:f2:09:86:c2:37:61:c2:d8:17:46:af:7e:b8:2d:
c2:5c:aa:1f:58:69:44:a9:41:3b:ba:40:9e:3b:20:ca:54:bb:
64:38:b6:7b:33:10:73:6e:30:c0:7f:41:2d:5b:97:dd:22:94:
f9:0d:3c:82:e8:43:91:8e:05:dc:bf:10:b6:9b:b8:c6:92:c0:
c0:dc:49:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY6bZ8Pv2lK4wbd7H9hjkQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjMwMjEwMDgyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjU3YWM0ZTZkMzhjZDdjOWY4NjBmMjNlZDBmYjA5ZDYxYTM1YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcrQyPI+2Wooi1t30DvMJIeLaq9b
zIqAw4/1eJGKBya7DxxdqPRaLSf9M3boS5ovnLrAE9UgpwkyZryrT3SAr2xX8jOT
+m0rb4y+tTkFWCJDwqLJZgbg/NTK2usUPX89O9TD9Brxxpnl9zblFrqf7Fp6RpJa
RnVCkovI2fyzI11B53hwfAof53Uj9Uw/q3qUsbshNJy2dVBpdaJlFhiPqFLVzqmA
VXEA22evYAHJiJsQElM6Vk5rb/pbqJj5GXKTpBvpk+rM2cwQXIfnI8rIM+7B2CZO
5UKF0MDFif07jIDI3t3xr35lonhVSfrNYjox067f7b9Io9wXqy3LFZERUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE9XrE5tOM18n4YPI+0PsJ1ho1sxMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvVDFlc1RtMDR6WHlmaGc4ajdRLXduV0dqV3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXGAAwQA
XXHNAwQAvNUjMA0GCSqGSIb3DQEBCwUAA4IBAQA1cT9TIGc+qlK67xycn+y2WWig
0vNWaMJMkaolbLCO0nBwalCHTqC2W0i2YbcaapNpdaw/qL8PL6SZvwrNKpze/Bg1
a0VROnOPZyKtPvKDP/pJENNgXqpkJggzaXlODJyzIYhjGFaOIxYcJhibKs/iNqYL
QCExxPDAauXihnCRvgocvlmD58qVMtYPdUBOeC0LNYI1McAI+7vNY5l4ZevvsAZm
UqAlpEdNEwPMC5AXNEMDmecVAezE8gmGwjdhwtgXRq9+uC3CXKofWGlEqUE7ukCe
OyDKVLtkOLZ7MxBzbjDAf0EtW5fdIpT5DTyC6EORjgXcvxC2m7jGksDA3EmZ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:41 2023 by rpki-client on console.sobornost.net