Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/bbJm83RcHPZOS2X2NIeht7jkeaQ.roa
File: bbJm83RcHPZOS2X2NIeht7jkeaQ.roa (raw, json)
Hash identifier: Grx2ho8pObfmpHQeXvf45lEMFgTshkTD0RkTF8UrZL8=
Subject key identifier: 6D:B2:66:F3:74:5C:1C:F6:4E:4B:65:F6:34:87:A1:B7:B8:E4:79:A4
Certificate issuer: /CN=79730b9ea010d832f940efb589c51889132f4c94
Certificate serial: 01856EEFFEE5ABB066FA34CB0D6D922CA8DB
Authority key identifier: 79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/bbJm83RcHPZOS2X2NIeht7jkeaQ.roa
Signing time: Sun 01 Jan 2023 20:05:00 +0000
ROA not before: Sun 01 Jan 2023 20:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 194.26.191.0/24 maxlen: 24
2a0a:a3c0:b0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:fe:e5:ab:b0:66:fa:34:cb:0d:6d:92:2c:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79730b9ea010d832f940efb589c51889132f4c94
Validity
Not Before: Jan 1 20:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6db266f3745c1cf64e4b65f63487a1b7b8e479a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3f:02:59:54:1a:bc:57:6b:e5:06:35:bb:d4:
56:70:a0:99:12:ec:2b:c3:1c:39:a3:b7:2a:92:c2:
36:4c:01:d5:c6:8d:45:7a:e5:4d:03:b0:73:e4:95:
9b:78:4b:e7:52:40:3f:2c:3d:53:d0:33:19:4c:55:
0c:2a:f4:16:12:ce:a4:d5:ff:18:b1:43:e2:82:ab:
1c:78:fc:c4:43:26:d1:66:00:8d:3e:f0:14:14:65:
76:73:af:cc:fa:c8:89:5d:f7:21:e4:69:9b:81:0a:
87:d6:02:26:10:d3:2e:71:a9:fb:3e:a8:5b:c9:4b:
3c:a9:16:d5:0a:e0:fe:fe:09:96:34:40:b8:0f:53:
14:98:1e:70:1f:c2:48:45:a6:3e:97:27:1c:47:cd:
e6:75:81:4d:d9:72:aa:80:c1:68:d2:1c:bf:73:78:
9c:f5:33:0a:ac:84:b1:fa:60:ac:b3:c1:c4:6b:7b:
77:06:0f:2c:40:fb:4e:09:95:73:2b:20:44:6f:40:
a2:de:99:14:02:d9:ea:14:0a:83:9e:4e:b8:ec:3b:
84:4f:ec:6b:63:91:67:c1:dd:d6:9c:1e:02:60:d0:
22:99:d3:26:aa:d2:7f:a3:21:76:2b:cd:e1:66:c3:
08:8e:80:cb:8d:68:3b:9b:68:6c:02:a1:c3:b8:ab:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B2:66:F3:74:5C:1C:F6:4E:4B:65:F6:34:87:A1:B7:B8:E4:79:A4
X509v3 Authority Key Identifier:
keyid:79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/bbJm83RcHPZOS2X2NIeht7jkeaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.191.0/24
IPv6:
2a0a:a3c0:b0::/44
Signature Algorithm: sha256WithRSAEncryption
5a:bc:17:db:12:e3:0d:e3:78:da:b1:5c:57:7b:23:1a:cd:8e:
b9:d6:4a:b5:a8:8c:7a:95:c3:fa:bb:b2:50:0e:91:c8:a2:84:
8c:ac:f3:ac:cb:d4:49:71:1d:55:d5:b1:62:99:47:5d:09:7a:
12:ce:6a:6a:ce:80:b6:de:ca:f9:35:a5:90:aa:71:e2:43:6e:
50:7c:9a:0e:8f:46:4d:44:b8:b5:06:08:cd:bb:ba:b7:a6:48:
34:fb:cf:c5:b9:0e:f9:13:d3:d1:90:40:a0:43:bb:a0:c7:09:
a3:27:bb:5f:d0:28:b9:85:a9:bb:2c:a3:3e:39:0a:5c:21:b6:
f7:03:b1:0f:e2:c0:90:de:b2:0d:6b:ff:fe:0c:8a:3e:60:3d:
9a:1a:cc:e0:5d:93:1a:6d:83:af:a4:16:04:a5:cc:61:c3:c7:
89:39:4f:2b:02:b2:eb:fc:c3:37:b3:dc:a9:67:17:00:ea:3f:
a6:8d:fa:fb:e2:53:ae:93:79:79:ad:9b:d0:3d:aa:08:f1:18:
aa:2b:b1:d0:be:99:cf:69:5c:17:47:39:e2:10:62:5c:25:75:
04:b7:c3:bf:25:21:4d:c5:e6:72:a3:11:62:ea:fb:c7:64:52:
89:c4:18:ab:e1:2f:1a:1a:a5:11:d0:1f:6a:16:05:49:8e:ca:
16:c1:42:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu7/7lq7Bm+jTLDW2SLKjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzMwYjllYTAxMGQ4MzJmOTQwZWZiNTg5YzUxODg5MTMy
ZjRjOTQwHhcNMjMwMTAxMjAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIyNjZmMzc0NWMxY2Y2NGU0YjY1ZjYzNDg3YTFiN2I4ZTQ3OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD8CWVQavFdr5QY1u9RWcKCZEuwr
wxw5o7cqksI2TAHVxo1FeuVNA7Bz5JWbeEvnUkA/LD1T0DMZTFUMKvQWEs6k1f8Y
sUPigqscePzEQybRZgCNPvAUFGV2c6/M+siJXfch5GmbgQqH1gImENMucan7Pqhb
yUs8qRbVCuD+/gmWNEC4D1MUmB5wH8JIRaY+lyccR83mdYFN2XKqgMFo0hy/c3ic
9TMKrISx+mCss8HEa3t3Bg8sQPtOCZVzKyBEb0Ci3pkUAtnqFAqDnk647DuET+xr
Y5Fnwd3WnB4CYNAimdMmqtJ/oyF2K83hZsMIjoDLjWg7m2hsAqHDuKvDaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2yZvN0XBz2Tktl9jSHobe45HmkMB8GA1UdIwQY
MBaAFHlzC56gENgy+UDvtYnFGIkTL0yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODct
Mzk2MDVmOTA4MWI3LzEvYmJKbTgzUmNIUFpPUzJYMk5JZWh0N2prZWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODctMzk2MDVmOTA4MWI3
LzEvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwhq/MA8E
AgACMAkDBwQqCqPAALAwDQYJKoZIhvcNAQELBQADggEBAFq8F9sS4w3jeNqxXFd7
IxrNjrnWSrWojHqVw/q7slAOkciihIys86zL1ElxHVXVsWKZR10JehLOamrOgLbe
yvk1pZCqceJDblB8mg6PRk1EuLUGCM27uremSDT7z8W5DvkT09GQQKBDu6DHCaMn
u1/QKLmFqbssoz45ClwhtvcDsQ/iwJDesg1r//4Mij5gPZoazOBdkxptg6+kFgSl
zGHDx4k5TysCsuv8wzez3KlnFwDqP6aN+vviU66TeXmtm9A9qgjxGKorsdC+mc9p
XBdHOeIQYlwldQS3w78lIU3F5nKjEWLq+8dkUonEGKvhLxoapRHQH2oWBUmOyhbB
Quw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:14:58 2024 by rpki-client on console.sobornost.net