Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1925e7-1694-43ed-8fbc-43685887436c/1/4fovZTbOe9-RKknkLeDIU9JYdjE.roa
File: 4fovZTbOe9-RKknkLeDIU9JYdjE.roa (raw, json)
Hash identifier: I+JBkljIBfNUjvqVaO7WCyPvtw8xuIsuJqg0yDPSGEA=
Subject key identifier: E1:FA:2F:65:36:CE:7B:DF:91:2A:49:E4:2D:E0:C8:53:D2:58:76:31
Certificate issuer: /CN=794f551e97a132542e3b056e905de8f3dba24c9c
Certificate serial: 01856E38DA3D5A2062628F6433F9E38015CE
Authority key identifier: 79:4F:55:1E:97:A1:32:54:2E:3B:05:6E:90:5D:E8:F3:DB:A2:4C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eU9VHpehMlQuOwVukF3o89uiTJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1925e7-1694-43ed-8fbc-43685887436c/1/4fovZTbOe9-RKknkLeDIU9JYdjE.roa
Signing time: Sun 01 Jan 2023 16:44:57 +0000
ROA not before: Sun 01 Jan 2023 16:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47597
IP address blocks: 185.152.140.0/22 maxlen: 22
2a07:8280::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:da:3d:5a:20:62:62:8f:64:33:f9:e3:80:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=794f551e97a132542e3b056e905de8f3dba24c9c
Validity
Not Before: Jan 1 16:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1fa2f6536ce7bdf912a49e42de0c853d2587631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:65:a8:c5:4b:a2:e6:47:0c:34:9b:90:64:a1:
28:98:87:63:bc:9d:0f:a7:ee:df:9d:f2:f9:3f:c9:
e3:5e:40:8a:8a:52:b2:46:a6:c6:0c:67:1b:a0:87:
0b:23:b9:3c:5f:da:1d:6e:2a:a5:dc:50:c5:6b:3a:
d3:ef:6e:15:a5:1b:a2:0f:8a:4b:e4:9a:65:1f:3b:
0f:0d:ef:13:d5:bb:5d:aa:06:bf:e2:c2:d3:76:47:
28:93:e1:ca:56:6f:a0:5d:32:a1:ee:3a:a4:7c:bd:
9a:18:e9:06:8d:a9:de:a4:a5:14:47:1d:2e:ca:e4:
76:be:75:1d:5b:5e:d5:d7:ab:bd:94:66:34:5d:51:
77:2f:08:ee:ca:c3:34:af:db:11:9f:34:8d:43:4f:
61:ff:8e:d7:58:40:7d:63:b2:0f:3f:98:eb:20:34:
37:fc:24:29:95:eb:74:98:32:9c:6e:de:44:1c:e7:
08:0e:43:55:c8:8c:ac:15:d2:35:98:6d:a2:b2:39:
33:fb:5f:c7:6f:fb:a4:52:60:fa:2d:e6:8f:c9:02:
0a:d3:52:6b:fb:7b:23:54:54:78:be:da:e6:ab:33:
b7:06:74:4a:87:82:c7:c9:05:bd:4a:40:d9:d6:d7:
f9:50:36:bd:17:c4:9c:7d:b7:a7:cc:05:2c:8b:e9:
7d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FA:2F:65:36:CE:7B:DF:91:2A:49:E4:2D:E0:C8:53:D2:58:76:31
X509v3 Authority Key Identifier:
keyid:79:4F:55:1E:97:A1:32:54:2E:3B:05:6E:90:5D:E8:F3:DB:A2:4C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eU9VHpehMlQuOwVukF3o89uiTJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1925e7-1694-43ed-8fbc-43685887436c/1/4fovZTbOe9-RKknkLeDIU9JYdjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1925e7-1694-43ed-8fbc-43685887436c/1/eU9VHpehMlQuOwVukF3o89uiTJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.140.0/22
IPv6:
2a07:8280::/29
Signature Algorithm: sha256WithRSAEncryption
93:c3:b8:cb:58:0d:a4:df:92:7f:b3:c5:14:9f:08:71:73:56:
75:b1:c1:b8:55:c4:bd:a1:06:16:fe:50:29:b0:20:82:15:0b:
76:99:8d:c9:05:04:7c:2f:8b:81:42:31:09:4a:78:50:80:e2:
de:25:88:15:e3:4b:1c:2c:36:68:ce:19:c7:65:63:03:42:42:
dc:a6:60:3a:19:7a:a8:c1:65:6a:01:70:73:c2:24:02:89:a8:
04:d3:24:02:ca:94:b7:98:d1:c6:4d:7f:c4:af:03:6b:72:6d:
4e:b7:8a:a5:02:98:43:2c:40:ba:2e:f5:94:a5:d3:8e:6e:71:
8d:0f:2d:ac:6f:fa:43:de:7a:05:a7:5d:7b:05:4a:75:f7:6a:
b1:21:1d:ce:f3:d2:b6:22:53:bc:a1:87:2e:b8:1a:e9:21:06:
88:9f:30:65:cc:69:96:ac:4e:8f:f0:60:ff:c6:d9:68:0b:82:
f2:cd:e9:f9:c6:5a:c3:5f:76:7d:7a:96:54:d0:92:12:59:58:
00:4a:54:7b:6b:40:02:51:9b:c1:6d:7b:67:63:5c:3c:a4:ff:
cd:b4:b8:76:57:2d:b9:fe:7e:30:d1:0a:4f:56:1d:ad:dc:cc:
9c:d3:fc:1c:0c:34:20:a1:81:d0:3b:57:f3:c8:de:2d:23:f9:
9e:db:b0:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuONo9WiBiYo9kM/njgBXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NGY1NTFlOTdhMTMyNTQyZTNiMDU2ZTkwNWRlOGYzZGJh
MjRjOWMwHhcNMjMwMTAxMTY0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZhMmY2NTM2Y2U3YmRmOTEyYTQ5ZTQyZGUwYzg1M2QyNTg3NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumWoxUui5kcMNJuQZKEomIdjvJ0P
p+7fnfL5P8njXkCKilKyRqbGDGcboIcLI7k8X9odbiql3FDFazrT724VpRuiD4pL
5JplHzsPDe8T1btdqga/4sLTdkcok+HKVm+gXTKh7jqkfL2aGOkGjanepKUURx0u
yuR2vnUdW17V16u9lGY0XVF3LwjuysM0r9sRnzSNQ09h/47XWEB9Y7IPP5jrIDQ3
/CQplet0mDKcbt5EHOcIDkNVyIysFdI1mG2isjkz+1/Hb/ukUmD6LeaPyQIK01Jr
+3sjVFR4vtrmqzO3BnRKh4LHyQW9SkDZ1tf5UDa9F8ScfbenzAUsi+l9awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOH6L2U2znvfkSpJ5C3gyFPSWHYxMB8GA1UdIwQY
MBaAFHlPVR6XoTJULjsFbpBd6PPbokycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVU5VkhwZWhNbFF1T3dWdWtGM284OXVpVEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xOTI1ZTctMTY5NC00M2VkLThmYmMt
NDM2ODU4ODc0MzZjLzEvNGZvdlpUYk9lOS1SS2tua0xlRElVOUpZZGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xOTI1ZTctMTY5NC00M2VkLThmYmMtNDM2ODU4ODc0MzZj
LzEvZVU5VkhwZWhNbFF1T3dWdWtGM284OXVpVEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZiMMA0E
AgACMAcDBQMqB4KAMA0GCSqGSIb3DQEBCwUAA4IBAQCTw7jLWA2k35J/s8UUnwhx
c1Z1scG4VcS9oQYW/lApsCCCFQt2mY3JBQR8L4uBQjEJSnhQgOLeJYgV40scLDZo
zhnHZWMDQkLcpmA6GXqowWVqAXBzwiQCiagE0yQCypS3mNHGTX/ErwNrcm1Ot4ql
AphDLEC6LvWUpdOObnGNDy2sb/pD3noFp117BUp192qxIR3O89K2IlO8oYcuuBrp
IQaInzBlzGmWrE6P8GD/xtloC4Lyzen5xlrDX3Z9epZU0JISWVgASlR7a0ACUZvB
bXtnY1w8pP/NtLh2Vy25/n4w0QpPVh2t3Myc0/wcDDQgoYHQO1fzyN4tI/me27Dz
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:11:13 2024 by rpki-client on console.sobornost.net