Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/qFOMfttpfwPQkiZCV-sRUHab6-Q.roa
File: qFOMfttpfwPQkiZCV-sRUHab6-Q.roa (raw, json)
Hash identifier: A4kq+I7tYZG3juKviyaZpJk3PVy8dpjFtydrDQV+YGw=
Subject key identifier: A8:53:8C:7E:DB:69:7F:03:D0:92:26:42:57:EB:11:50:76:9B:EB:E4
Certificate issuer: /CN=294bfb4ac4886011f06d9dc4efd45533264ed788
Certificate serial: 018572C390BAC9F2A5400AC54293240AB415
Authority key identifier: 29:4B:FB:4A:C4:88:60:11:F0:6D:9D:C4:EF:D4:55:33:26:4E:D7:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUv7SsSIYBHwbZ3E79RVMyZO14g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/qFOMfttpfwPQkiZCV-sRUHab6-Q.roa
Signing time: Mon 02 Jan 2023 13:54:57 +0000
ROA not before: Mon 02 Jan 2023 13:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44615
IP address blocks: 91.202.64.0/24 maxlen: 24
91.202.67.0/24 maxlen: 24
91.202.66.0/24 maxlen: 24
91.202.65.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:90:ba:c9:f2:a5:40:0a:c5:42:93:24:0a:b4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294bfb4ac4886011f06d9dc4efd45533264ed788
Validity
Not Before: Jan 2 13:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8538c7edb697f03d092264257eb1150769bebe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:14:1f:4e:e7:14:d6:7f:dd:52:e0:39:3f:c5:
2f:8d:ae:8f:53:eb:e5:95:90:9b:1e:9e:37:ff:ed:
d8:47:0d:04:d9:fb:10:f6:c3:59:40:73:65:17:92:
6c:b9:37:0e:3d:7d:4e:ac:88:88:1b:b4:8d:bf:99:
e0:2c:70:6b:9b:e4:13:eb:cf:91:65:77:b3:fc:3b:
2f:25:45:b4:2a:af:12:af:0a:ff:68:29:03:e3:25:
25:57:b1:70:08:72:3d:36:2e:63:a0:a9:04:54:16:
24:4c:0e:fa:d6:81:3b:80:a9:66:89:33:cd:22:96:
88:77:9f:b7:94:37:ad:90:61:87:fb:46:1e:ee:81:
99:e6:86:4e:ba:37:66:69:23:ef:d6:89:15:74:97:
7c:1e:d5:2a:f7:e0:80:f4:44:db:6f:a2:f5:a1:8e:
dd:42:f6:19:96:4d:e1:d6:79:cc:35:4c:6f:62:52:
02:65:c9:d0:71:c9:d1:5a:62:1a:e0:02:11:80:81:
e3:9d:38:d8:70:71:b1:de:20:d4:0a:35:13:0e:eb:
b9:50:9b:07:e3:b1:46:08:a8:62:d2:15:67:98:83:
24:9f:c9:76:58:19:d5:43:73:bb:ea:7f:ae:e0:d6:
c5:29:cb:4c:46:a8:52:51:8b:b4:5e:e1:d6:ed:d1:
4a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:53:8C:7E:DB:69:7F:03:D0:92:26:42:57:EB:11:50:76:9B:EB:E4
X509v3 Authority Key Identifier:
keyid:29:4B:FB:4A:C4:88:60:11:F0:6D:9D:C4:EF:D4:55:33:26:4E:D7:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUv7SsSIYBHwbZ3E79RVMyZO14g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/qFOMfttpfwPQkiZCV-sRUHab6-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/KUv7SsSIYBHwbZ3E79RVMyZO14g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.64.0/22
Signature Algorithm: sha256WithRSAEncryption
09:90:8a:32:4f:44:6b:cf:a9:49:f2:4b:07:c1:58:7e:2a:1f:
56:e4:f3:af:d1:ca:ae:49:bd:e6:bc:d1:ff:b5:e1:63:fb:6d:
cb:d5:56:70:a1:55:d3:4d:c8:60:18:c0:33:7f:53:41:6d:d8:
c8:81:74:34:e4:03:e8:a8:dd:62:46:a1:0d:15:36:79:2a:ca:
02:7b:93:19:c4:f4:17:bf:79:1b:e1:c4:62:47:0b:6f:66:14:
0e:b4:87:96:8f:4c:e8:b2:2c:20:65:49:96:3b:12:26:ff:aa:
33:4a:08:76:f9:35:99:64:43:93:45:12:db:46:00:01:a6:62:
7c:41:38:8c:b8:df:30:be:d8:61:7a:f2:b6:c8:23:ab:cc:2d:
76:7f:8b:c4:c0:52:72:f3:90:1a:ec:95:d0:06:0b:fb:6f:9c:
76:2f:39:0d:8a:ff:e1:b5:78:df:bf:17:63:3b:09:e6:b6:a1:
ae:d9:58:28:a8:0f:44:ef:9b:7b:5d:9b:23:9a:fa:2f:92:b1:
5c:ce:14:48:6e:17:16:ad:84:51:a3:28:13:bd:9a:9e:b1:ac:
3e:52:dd:75:8c:0d:ca:13:2e:59:48:32:58:84:ca:d2:60:83:
a3:23:87:96:4e:1d:36:37:2c:49:87:4b:6d:db:86:8d:58:67:
f9:a0:e5:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw5C6yfKlQArFQpMkCrQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NGJmYjRhYzQ4ODYwMTFmMDZkOWRjNGVmZDQ1NTMzMjY0
ZWQ3ODgwHhcNMjMwMTAyMTM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODUzOGM3ZWRiNjk3ZjAzZDA5MjI2NDI1N2ViMTE1MDc2OWJlYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RQfTucU1n/dUuA5P8Uvja6PU+vl
lZCbHp43/+3YRw0E2fsQ9sNZQHNlF5JsuTcOPX1OrIiIG7SNv5ngLHBrm+QT68+R
ZXez/DsvJUW0Kq8Srwr/aCkD4yUlV7FwCHI9Ni5joKkEVBYkTA761oE7gKlmiTPN
IpaId5+3lDetkGGH+0Ye7oGZ5oZOujdmaSPv1okVdJd8HtUq9+CA9ETbb6L1oY7d
QvYZlk3h1nnMNUxvYlICZcnQccnRWmIa4AIRgIHjnTjYcHGx3iDUCjUTDuu5UJsH
47FGCKhi0hVnmIMkn8l2WBnVQ3O76n+u4NbFKctMRqhSUYu0XuHW7dFKpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhTjH7baX8D0JImQlfrEVB2m+vkMB8GA1UdIwQY
MBaAFClL+0rEiGAR8G2dxO/UVTMmTteIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1V2N1NzU0lZQkh3YlozRTc5UlZNeVpPMTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iMGRhMDYtMWJhNy00OWYwLWE1Njkt
OTA5ZmU3YzgwZDk4LzEvcUZPTWZ0dHBmd1BRa2laQ1Ytc1JVSGFiNi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iMGRhMDYtMWJhNy00OWYwLWE1NjktOTA5ZmU3YzgwZDk4
LzEvS1V2N1NzU0lZQkh3YlozRTc5UlZNeVpPMTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8pAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJkIoyT0Rrz6lJ8ksHwVh+Kh9W5POv0cquSb3mvNH/
teFj+23L1VZwoVXTTchgGMAzf1NBbdjIgXQ05APoqN1iRqENFTZ5KsoCe5MZxPQX
v3kb4cRiRwtvZhQOtIeWj0zosiwgZUmWOxIm/6ozSgh2+TWZZEOTRRLbRgABpmJ8
QTiMuN8wvthhevK2yCOrzC12f4vEwFJy85Aa7JXQBgv7b5x2LzkNiv/htXjfvxdj
OwnmtqGu2VgoqA9E75t7XZsjmvovkrFczhRIbhcWrYRRoygTvZqesaw+Ut11jA3K
Ey5ZSDJYhMrSYIOjI4eWTh02NyxJh0tt24aNWGf5oOVw
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:57 2024 by rpki-client on console.sobornost.net