Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/bPXIAz96Nf_6YrfJ-cP4fkc9DUI.roa
File: bPXIAz96Nf_6YrfJ-cP4fkc9DUI.roa (raw, json)
Hash identifier: gdJcuL5QhIjzMzh/8yWXcJUJbOf5rvBTxxxk7MjqpRM=
Subject key identifier: 6C:F5:C8:03:3F:7A:35:FF:FA:62:B7:C9:F9:C3:F8:7E:47:3D:0D:42
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 01856F9493DD86BAABE86A61328A5C770E11
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/bPXIAz96Nf_6YrfJ-cP4fkc9DUI.roa
Signing time: Sun 01 Jan 2023 23:04:46 +0000
ROA not before: Sun 01 Jan 2023 23:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52052
IP address blocks: 194.247.33.0/24 maxlen: 24
185.166.72.0/22 maxlen: 22
2a09:f880::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:93:dd:86:ba:ab:e8:6a:61:32:8a:5c:77:0e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Jan 1 23:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cf5c8033f7a35fffa62b7c9f9c3f87e473d0d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:04:d6:66:5d:aa:ba:41:5d:0e:10:0e:d6:
87:d7:82:ac:22:50:78:0f:77:1c:c2:4f:19:07:96:
0b:1a:19:e5:49:f1:54:96:ef:45:e3:22:af:55:79:
ed:9b:cf:d0:2b:2b:a6:87:c6:78:a0:3b:2a:46:c4:
53:b0:e6:8a:70:f5:f6:d1:61:e4:e3:45:bf:a1:48:
75:cf:91:7f:2c:39:b0:7f:b9:63:64:7c:98:87:04:
96:37:a9:e4:09:9b:e1:30:2a:b1:eb:d9:02:21:57:
3d:33:af:be:b5:5b:07:c8:a3:a5:b0:5f:0c:b9:f7:
92:eb:46:f8:7d:05:78:64:9c:3b:85:27:48:62:59:
58:16:6b:20:bd:4e:e2:d7:29:de:24:44:e3:6d:47:
39:e1:d2:2f:6f:ea:d5:51:56:72:2b:fd:94:d3:9f:
cc:0b:cf:5e:82:ec:49:67:28:e8:c4:39:5b:0d:fa:
c0:07:22:2b:46:9a:62:d3:a2:f2:01:42:06:98:d5:
15:1f:10:22:d2:18:82:e4:8e:b1:c0:49:40:4e:71:
2d:5c:a0:6a:0a:61:b2:5e:5d:95:0a:29:d5:b3:a5:
2c:1e:e2:8e:33:31:97:ba:0a:28:be:e2:f2:b5:42:
ff:59:8c:39:c6:0c:68:44:b9:aa:db:0d:c6:6f:12:
ba:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F5:C8:03:3F:7A:35:FF:FA:62:B7:C9:F9:C3:F8:7E:47:3D:0D:42
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/bPXIAz96Nf_6YrfJ-cP4fkc9DUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
194.247.33.0/24
IPv6:
2a09:f880::/32
Signature Algorithm: sha256WithRSAEncryption
70:65:ff:a7:aa:1e:0a:07:f1:1a:5a:ec:ec:3e:40:0b:d5:49:
99:ce:d7:c7:84:fc:d7:10:06:23:7e:c3:4a:1e:62:35:b3:f3:
3a:d9:06:52:d8:16:06:d7:84:17:89:43:b6:47:62:a6:bc:a9:
53:c6:40:de:2c:c0:84:bc:88:92:c9:08:92:5e:32:e3:e2:04:
49:8a:99:e9:43:a0:56:56:59:ea:66:b0:7c:2c:c0:5a:48:5f:
f7:55:a1:73:56:83:72:94:11:dc:72:9d:9d:99:b3:c1:e8:c8:
25:c3:16:9e:ae:e5:c1:b9:c5:fc:74:84:d7:42:9f:a7:c1:50:
44:d6:aa:ea:3e:f4:71:92:c0:70:fc:71:25:de:aa:d6:3c:0b:
74:58:16:9d:ca:c6:a6:6d:8f:e2:fd:de:4d:5c:24:0b:65:8b:
0c:3e:07:1a:04:07:77:d3:ea:82:cf:6e:1f:53:6e:2c:a4:11:
cc:b0:41:63:41:d8:1e:da:3b:3e:98:ba:67:76:55:6c:79:e4:
fc:e9:9e:35:c7:b0:ee:77:33:8b:72:90:b9:1a:6f:9c:30:7a:
76:e5:23:d8:0d:7a:3d:e5:4e:3b:7c:1f:20:3e:0b:76:20:6a:
11:7e:01:fd:ef:cd:58:4b:fc:53:1f:a4:e2:be:a1:b4:2a:a4:
d8:4f:81:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvlJPdhrqr6GphMopcdw4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjMwMTAxMjMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y1YzgwMzNmN2EzNWZmZmE2MmI3YzlmOWMzZjg3ZTQ3M2QwZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOYE1mZdqrpBXQ4QDtaH14KsIlB4
D3ccwk8ZB5YLGhnlSfFUlu9F4yKvVXntm8/QKyumh8Z4oDsqRsRTsOaKcPX20WHk
40W/oUh1z5F/LDmwf7ljZHyYhwSWN6nkCZvhMCqx69kCIVc9M6++tVsHyKOlsF8M
ufeS60b4fQV4ZJw7hSdIYllYFmsgvU7i1yneJETjbUc54dIvb+rVUVZyK/2U05/M
C89eguxJZyjoxDlbDfrAByIrRppi06LyAUIGmNUVHxAi0hiC5I6xwElATnEtXKBq
CmGyXl2VCinVs6UsHuKOMzGXugoovuLytUL/WYw5xgxoRLmq2w3GbxK6GQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGz1yAM/ejX/+mK3yfnD+H5HPQ1CMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvYlBYSUF6OTZOZl82WXJmSi1jUDRma2M5RFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaZIAwQA
wvchMA0EAgACMAcDBQAqCfiAMA0GCSqGSIb3DQEBCwUAA4IBAQBwZf+nqh4KB/Ea
WuzsPkAL1UmZztfHhPzXEAYjfsNKHmI1s/M62QZS2BYG14QXiUO2R2KmvKlTxkDe
LMCEvIiSyQiSXjLj4gRJipnpQ6BWVlnqZrB8LMBaSF/3VaFzVoNylBHccp2dmbPB
6MglwxaeruXBucX8dITXQp+nwVBE1qrqPvRxksBw/HEl3qrWPAt0WBadysambY/i
/d5NXCQLZYsMPgcaBAd30+qCz24fU24spBHMsEFjQdge2js+mLpndlVseeT86Z41
x7DudzOLcpC5Gm+cMHp25SPYDXo95U47fB8gPgt2IGoRfgH9781YS/xTH6TivqG0
KqTYT4Gr
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:41 2024 by rpki-client on console.sobornost.net