Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/pqWjUHO3sul698T3gqGbKWg4a1c.roa
File: pqWjUHO3sul698T3gqGbKWg4a1c.roa (raw, json)
Hash identifier: IriLGEzJVRBR6nlxusRrElH0CapAop6s4SZCx/O1eQc=
Subject key identifier: A6:A5:A3:50:73:B7:B2:E9:7A:F7:C4:F7:82:A1:9B:29:68:38:6B:57
Certificate issuer: /CN=af413fd2ad9e25c84bc0b59e608a643663e6bb68
Certificate serial: 018AD68D1E0A207CA5B88CC65973607CFB39
Authority key identifier: AF:41:3F:D2:AD:9E:25:C8:4B:C0:B5:9E:60:8A:64:36:63:E6:BB:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0E_0q2eJchLwLWeYIpkNmPmu2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/pqWjUHO3sul698T3gqGbKWg4a1c.roa
Signing time: Wed 27 Sep 2023 12:11:27 +0000
ROA not before: Wed 27 Sep 2023 12:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216275
IP address blocks: 91.226.144.0/23 maxlen: 23
2a13:e740::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:8d:1e:0a:20:7c:a5:b8:8c:c6:59:73:60:7c:fb:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af413fd2ad9e25c84bc0b59e608a643663e6bb68
Validity
Not Before: Sep 27 12:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6a5a35073b7b2e97af7c4f782a19b2968386b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:13:79:64:a0:69:62:4c:31:b1:58:9c:f1:7a:
cc:9f:6b:b4:e1:ba:74:8d:aa:b7:d9:4f:3f:00:6d:
a2:72:bf:8c:1f:aa:83:d3:31:0f:5d:84:1c:d1:dd:
c9:5c:90:57:a0:d5:f5:d5:2a:d6:e7:10:3f:50:e6:
b3:0b:8a:9e:09:ba:2b:7b:2a:8c:79:28:b1:c0:f4:
64:5d:79:91:fa:bb:18:0e:87:1d:bb:b4:75:a0:98:
c5:75:e0:7e:d1:29:92:73:83:ba:db:f6:c5:c5:37:
e6:c4:78:9a:39:f9:ef:c9:68:e8:5d:cd:89:f0:0b:
b6:51:61:38:cb:33:b3:21:f9:68:c3:28:05:71:c8:
f5:ac:2c:17:bb:74:b9:c8:29:e7:eb:d1:a0:2e:b1:
98:68:75:54:0e:11:fe:41:e4:c4:2c:39:f3:dc:81:
e7:8c:79:61:75:06:44:65:7c:b0:48:10:11:47:f2:
c1:0b:69:75:d2:16:59:c0:df:c5:b9:76:82:55:97:
d7:ed:35:84:36:39:6c:31:c3:d5:fc:0e:13:76:01:
2d:36:4a:ea:59:b0:a4:e9:34:cf:c9:a9:09:4e:cd:
10:6f:d9:9b:76:9c:4f:21:f4:d1:1e:4c:e0:a2:a4:
8a:7e:1c:51:d7:1f:52:9d:bb:3d:b3:17:98:3e:94:
d6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A5:A3:50:73:B7:B2:E9:7A:F7:C4:F7:82:A1:9B:29:68:38:6B:57
X509v3 Authority Key Identifier:
keyid:AF:41:3F:D2:AD:9E:25:C8:4B:C0:B5:9E:60:8A:64:36:63:E6:BB:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0E_0q2eJchLwLWeYIpkNmPmu2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/pqWjUHO3sul698T3gqGbKWg4a1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/r0E_0q2eJchLwLWeYIpkNmPmu2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.144.0/23
IPv6:
2a13:e740::/29
Signature Algorithm: sha256WithRSAEncryption
24:d1:40:f5:fe:3e:aa:07:af:46:63:ea:8c:40:03:40:2c:53:
84:da:75:88:6c:1c:ee:ae:bc:b0:ee:55:63:75:09:a1:53:ef:
e8:9a:6a:0d:96:0f:e1:d5:5a:9e:8b:d2:9a:93:20:90:f2:e2:
d1:fc:ab:12:34:4c:a6:b1:42:a7:6e:c7:70:d0:65:ad:45:9e:
69:8d:b2:1e:b2:fb:94:b7:27:f6:29:f8:46:7c:41:df:f0:59:
1a:71:57:1f:07:77:b6:ab:87:f1:2d:63:4e:c9:cc:77:a0:15:
c3:44:62:6c:7a:cf:91:32:c9:d0:e4:36:29:9a:ad:6d:62:13:
91:97:44:e8:7b:30:ca:1b:c8:e3:ad:7a:f7:a0:13:2c:58:73:
c0:e7:57:0d:92:f3:65:35:a7:12:69:89:ce:b7:80:e4:3a:9b:
76:20:cc:c9:02:9f:1c:21:e7:62:1d:1e:1e:4f:74:8d:e1:3b:
a7:01:62:6d:01:36:24:61:bc:c7:d4:1c:be:5f:67:4a:2c:21:
98:b4:88:b8:2a:9d:49:02:c3:02:9c:0a:ca:9d:cf:43:f5:67:
23:99:21:07:83:3e:3c:af:a0:38:fb:5d:c9:89:2c:22:95:6e:
8f:50:d6:8e:60:43:74:ad:15:14:d2:35:3a:1c:ac:20:57:e0:
ba:00:35:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrWjR4KIHyluIzGWXNgfPs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNDEzZmQyYWQ5ZTI1Yzg0YmMwYjU5ZTYwOGE2NDM2NjNl
NmJiNjgwHhcNMjMwOTI3MTIxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE1YTM1MDczYjdiMmU5N2FmN2M0Zjc4MmExOWIyOTY4Mzg2YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxN5ZKBpYkwxsVic8XrMn2u04bp0
jaq32U8/AG2icr+MH6qD0zEPXYQc0d3JXJBXoNX11SrW5xA/UOazC4qeCboreyqM
eSixwPRkXXmR+rsYDocdu7R1oJjFdeB+0SmSc4O62/bFxTfmxHiaOfnvyWjoXc2J
8Au2UWE4yzOzIflowygFccj1rCwXu3S5yCnn69GgLrGYaHVUDhH+QeTELDnz3IHn
jHlhdQZEZXywSBARR/LBC2l10hZZwN/FuXaCVZfX7TWENjlsMcPV/A4TdgEtNkrq
WbCk6TTPyakJTs0Qb9mbdpxPIfTRHkzgoqSKfhxR1x9Snbs9sxeYPpTWWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKalo1Bzt7LpevfE94KhmyloOGtXMB8GA1UdIwQY
MBaAFK9BP9KtniXIS8C1nmCKZDZj5rtoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjBFXzBxMmVKY2hMd0xXZVlJcGtObVBtdTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85YWY2MTUtMmM0ZS00Y2FmLWI1YWYt
ZWJiZTFmNDc3ZjY4LzEvcHFXalVITzNzdWw2OThUM2dxR2JLV2c0YTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85YWY2MTUtMmM0ZS00Y2FmLWI1YWYtZWJiZTFmNDc3ZjY4
LzEvcjBFXzBxMmVKY2hMd0xXZVlJcGtObVBtdTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW+KQMA0E
AgACMAcDBQMqE+dAMA0GCSqGSIb3DQEBCwUAA4IBAQAk0UD1/j6qB69GY+qMQANA
LFOE2nWIbBzurryw7lVjdQmhU+/ommoNlg/h1Vqei9KakyCQ8uLR/KsSNEymsUKn
bsdw0GWtRZ5pjbIesvuUtyf2KfhGfEHf8FkacVcfB3e2q4fxLWNOycx3oBXDRGJs
es+RMsnQ5DYpmq1tYhORl0ToezDKG8jjrXr3oBMsWHPA51cNkvNlNacSaYnOt4Dk
Opt2IMzJAp8cIediHR4eT3SN4TunAWJtATYkYbzH1By+X2dKLCGYtIi4Kp1JAsMC
nArKnc9D9WcjmSEHgz48r6A4+13JiSwilW6PUNaOYEN0rRUU0jU6HKwgV+C6ADUR
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:20 2024 by rpki-client on console.sobornost.net