Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xMSH7aDlYThWCvLL6I2QJl7VQeM.roa
File: xMSH7aDlYThWCvLL6I2QJl7VQeM.roa (raw, json)
Hash identifier: UZlaBpwqlGhxZ8elwvoJRPL+IvhA4BSSiwhzdVj7r2w=
Subject key identifier: C4:C4:87:ED:A0:E5:61:38:56:0A:F2:CB:E8:8D:90:26:5E:D5:41:E3
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0189FE07641134E4679976BDEE48D2233A64
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xMSH7aDlYThWCvLL6I2QJl7VQeM.roa
Signing time: Wed 16 Aug 2023 11:07:24 +0000
ROA not before: Wed 16 Aug 2023 11:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 194.110.172.0/23 maxlen: 24
85.117.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:07:64:11:34:e4:67:99:76:bd:ee:48:d2:23:3a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 16 11:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4c487eda0e56138560af2cbe88d90265ed541e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:76:69:04:44:e3:88:65:a9:b5:dd:72:dd:f8:
c0:cf:31:65:65:5d:d3:b4:54:d5:2a:46:05:7c:58:
46:80:b0:e4:33:32:c0:0f:d0:7e:68:5d:e2:35:b8:
3b:3e:26:86:8f:fb:6b:5d:27:26:2e:39:ac:f4:87:
9b:56:dc:f8:d2:67:7f:a0:c4:d5:fa:30:e0:25:5b:
11:48:7e:9d:a6:d4:27:4c:4f:26:fc:30:51:03:48:
2c:54:f7:77:e8:4c:92:22:5d:75:32:df:2c:fa:b4:
41:cc:d2:c9:48:d8:ce:ca:b9:e7:3c:5c:86:1b:3e:
1f:78:d8:96:d9:68:08:fb:42:4e:d0:33:35:85:66:
fc:e2:f4:af:98:3d:20:8a:ba:34:f2:b5:b7:dc:65:
42:69:72:05:f4:97:cc:69:e4:91:b3:7f:d0:fe:8b:
4e:d4:7c:89:22:1f:66:8b:24:da:2e:56:28:1c:27:
2d:74:db:3f:3f:37:88:b9:01:d7:e4:d0:9d:d2:c3:
3f:33:a6:d1:aa:df:27:ad:89:eb:e2:64:a3:fe:a2:
e7:e4:4a:bb:07:c8:e9:05:de:6a:ab:3e:1b:61:fa:
11:56:94:b1:15:1e:84:16:be:59:b0:19:ea:b2:74:
1d:e1:4e:9b:12:88:25:00:d8:10:8e:e6:01:71:48:
20:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C4:87:ED:A0:E5:61:38:56:0A:F2:CB:E8:8D:90:26:5E:D5:41:E3
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/xMSH7aDlYThWCvLL6I2QJl7VQeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.242.0/24
194.110.172.0/23
Signature Algorithm: sha256WithRSAEncryption
10:e9:ba:e0:d7:56:b7:33:7c:c1:75:85:b6:f8:79:96:3d:e0:
87:a9:17:b7:d2:28:fb:d7:d2:c2:36:c9:ec:79:22:7f:2f:e9:
5e:8e:41:8e:9b:e7:84:2e:11:53:5d:ea:21:11:e4:1b:1b:13:
fc:00:ce:26:58:68:79:e7:6a:12:32:78:26:26:d6:73:2d:88:
92:43:c1:ae:33:e5:11:37:57:2a:18:a3:aa:14:11:47:55:86:
cd:04:11:a3:c0:fc:35:00:a9:15:c8:bc:eb:66:e7:f9:82:c6:
b0:a1:81:96:c4:cd:6d:6d:41:e2:da:0a:8f:49:15:2a:65:9f:
f4:8f:b1:01:7b:7b:3f:b1:37:b5:1b:2a:b4:63:4a:60:76:54:
27:9e:0a:bc:f1:25:c0:d5:ea:a0:40:0d:d8:9a:d5:b1:40:58:
38:18:f2:5e:41:e6:64:88:98:cd:4e:21:6b:6b:08:fb:39:f7:
07:c1:92:14:a6:c3:e5:88:4c:33:4c:7a:50:6f:c3:3f:4a:9d:
e0:3e:e1:83:11:52:6a:9f:8d:5f:6c:fd:8b:d4:56:3f:57:67:
7e:0c:ea:95:02:fd:2d:70:b4:0e:e1:ae:6e:58:9d:a0:12:c1:
33:54:27:94:45:b3:bb:fe:0a:95:04:69:b3:10:69:f0:fd:73:
a2:22:92:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn+B2QRNORnmXa97kjSIzpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwODE2MTEwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM0ODdlZGEwZTU2MTM4NTYwYWYyY2JlODhkOTAyNjVlZDU0MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXZpBETjiGWptd1y3fjAzzFlZV3T
tFTVKkYFfFhGgLDkMzLAD9B+aF3iNbg7PiaGj/trXScmLjms9IebVtz40md/oMTV
+jDgJVsRSH6dptQnTE8m/DBRA0gsVPd36EySIl11Mt8s+rRBzNLJSNjOyrnnPFyG
Gz4feNiW2WgI+0JO0DM1hWb84vSvmD0giro08rW33GVCaXIF9JfMaeSRs3/Q/otO
1HyJIh9miyTaLlYoHCctdNs/PzeIuQHX5NCd0sM/M6bRqt8nrYnr4mSj/qLn5Eq7
B8jpBd5qqz4bYfoRVpSxFR6EFr5ZsBnqsnQd4U6bEoglANgQjuYBcUgg8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMTEh+2g5WE4Vgryy+iNkCZe1UHjMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEveE1TSDdhRGxZVGhXQ3ZMTDZJMlFKbDdWUWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXyAwQB
wm6sMA0GCSqGSIb3DQEBCwUAA4IBAQAQ6brg11a3M3zBdYW2+HmWPeCHqRe30ij7
19LCNsnseSJ/L+lejkGOm+eELhFTXeohEeQbGxP8AM4mWGh552oSMngmJtZzLYiS
Q8GuM+URN1cqGKOqFBFHVYbNBBGjwPw1AKkVyLzrZuf5gsawoYGWxM1tbUHi2gqP
SRUqZZ/0j7EBe3s/sTe1Gyq0Y0pgdlQnngq88SXA1eqgQA3YmtWxQFg4GPJeQeZk
iJjNTiFrawj7OfcHwZIUpsPliEwzTHpQb8M/Sp3gPuGDEVJqn41fbP2L1FY/V2d+
DOqVAv0tcLQO4a5uWJ2gEsEzVCeURbO7/gqVBGmzEGnw/XOiIpLc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:54 2023 by rpki-client on console.sobornost.net