Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/wUqMb8PEf4mpb7c9cwFl_UvI3pQ.roa
File: wUqMb8PEf4mpb7c9cwFl_UvI3pQ.roa (raw, json)
Hash identifier: rf7JuteHTnqQXc5dhN/9qFE/UwRxuz0dRqfUAYkFiTg=
Subject key identifier: C1:4A:8C:6F:C3:C4:7F:89:A9:6F:B7:3D:73:01:65:FD:4B:C8:DE:94
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 01856B0A2B3DB850A5E89AAAAD3E0656A168
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/wUqMb8PEf4mpb7c9cwFl_UvI3pQ.roa
Signing time: Sun 01 Jan 2023 01:55:06 +0000
ROA not before: Sun 01 Jan 2023 01:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21382
IP address blocks: 193.189.158.0/24 maxlen: 24
193.189.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:2b:3d:b8:50:a5:e8:9a:aa:ad:3e:06:56:a1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Jan 1 01:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c14a8c6fc3c47f89a96fb73d730165fd4bc8de94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:4c:07:7f:c2:05:4a:76:a5:82:e1:62:2a:
64:61:dd:10:95:71:4e:e2:46:bb:8c:aa:95:b2:da:
8a:88:fa:ba:e2:29:c9:8a:18:3a:59:9c:d8:40:b4:
0e:11:6f:fb:40:e7:3a:08:10:d3:75:0e:b4:04:06:
e5:c1:9c:1e:0b:85:9c:c2:90:e5:97:8f:e6:3f:d9:
9b:bb:9e:8e:7f:9b:4c:c7:fc:e9:76:eb:0b:34:3a:
39:f2:b7:a2:89:31:0b:e0:08:0b:3b:06:d0:bc:4a:
19:15:9e:67:98:0d:f2:56:30:fb:84:8d:91:6c:4c:
8d:19:0f:3b:6a:a5:14:3c:ab:b7:67:7b:9e:d3:db:
a2:ba:3c:a0:32:00:a7:d2:70:18:04:2f:94:73:1a:
f9:31:46:f8:c5:33:70:be:9d:23:e9:a2:26:78:10:
ee:af:5d:28:07:5f:c9:52:46:60:c1:99:64:31:86:
6d:cb:95:64:0b:e7:9b:c1:bb:b5:a4:63:3e:27:05:
1c:44:25:0c:31:15:32:9c:2f:a1:aa:3d:34:8f:ca:
16:79:07:52:b8:55:81:96:a4:0b:76:d0:c1:25:2f:
11:cc:1e:db:3c:83:7a:c2:45:18:65:89:e6:16:03:
cd:7c:4f:99:13:80:7b:6a:67:4f:6b:c9:9f:47:c6:
aa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4A:8C:6F:C3:C4:7F:89:A9:6F:B7:3D:73:01:65:FD:4B:C8:DE:94
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/wUqMb8PEf4mpb7c9cwFl_UvI3pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.157.0-193.189.158.255
Signature Algorithm: sha256WithRSAEncryption
7f:d0:6e:c2:54:6d:dc:99:4b:cf:49:c0:44:7b:4f:72:7e:56:
30:c8:b2:9f:60:a3:3a:5a:8b:fc:f7:1f:2b:09:72:57:5c:8c:
21:46:d3:5d:c9:a6:06:1d:3a:3f:00:ee:4f:8e:75:51:d8:d9:
cd:d4:af:40:a4:2a:a8:48:a6:3c:c6:ad:09:80:c2:80:ed:02:
00:64:e4:71:9f:ad:19:31:19:f6:61:8b:2c:f0:9d:d2:61:ad:
63:c5:b3:36:b8:fe:16:a2:52:21:f5:52:87:26:dd:58:6f:b5:
9e:75:01:c5:af:1e:4e:47:18:4e:23:78:ed:a7:04:6d:56:3e:
ca:5d:62:35:ed:81:e2:41:40:7a:54:44:28:eb:ca:e9:6f:09:
7c:30:1f:b5:60:36:21:fa:7a:91:81:3a:9e:dd:c1:60:80:f0:
13:4e:8e:7f:cf:a6:2c:a0:02:09:99:eb:f9:9d:b9:28:7a:bd:
e3:cb:47:0b:44:fa:6f:18:fd:3a:92:8f:65:d7:09:58:08:29:
1a:bd:0d:73:90:a4:aa:66:4f:8c:67:dc:28:cc:fc:87:90:18:
67:64:cf:f3:f1:94:5e:3f:13:99:69:81:9f:e4:82:4c:9f:4d:
4c:35:c6:a9:b0:83:7d:85:6f:ba:08:b4:86:e8:75:c6:3b:18:
52:e0:ee:13
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrCis9uFCl6JqqrT4GVqFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjMwMTAxMDE1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTRhOGM2ZmMzYzQ3Zjg5YTk2ZmI3M2Q3MzAxNjVmZDRiYzhkZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1JMB3/CBUp2pYLhYipkYd0QlXFO
4ka7jKqVstqKiPq64inJihg6WZzYQLQOEW/7QOc6CBDTdQ60BAblwZweC4WcwpDl
l4/mP9mbu56Of5tMx/zpdusLNDo58reiiTEL4AgLOwbQvEoZFZ5nmA3yVjD7hI2R
bEyNGQ87aqUUPKu3Z3ue09uiujygMgCn0nAYBC+Ucxr5MUb4xTNwvp0j6aImeBDu
r10oB1/JUkZgwZlkMYZty5VkC+ebwbu1pGM+JwUcRCUMMRUynC+hqj00j8oWeQdS
uFWBlqQLdtDBJS8RzB7bPIN6wkUYZYnmFgPNfE+ZE4B7amdPa8mfR8aq0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMFKjG/DxH+JqW+3PXMBZf1LyN6UMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvd1VxTWI4UEVmNG1wYjdjOWN3RmxfVXZJM3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBvZ0D
BADBvZ4wDQYJKoZIhvcNAQELBQADggEBAH/QbsJUbdyZS89JwER7T3J+VjDIsp9g
ozpai/z3HysJcldcjCFG013JpgYdOj8A7k+OdVHY2c3Ur0CkKqhIpjzGrQmAwoDt
AgBk5HGfrRkxGfZhiyzwndJhrWPFsza4/haiUiH1Uocm3VhvtZ51AcWvHk5HGE4j
eO2nBG1WPspdYjXtgeJBQHpURCjryulvCXwwH7VgNiH6epGBOp7dwWCA8BNOjn/P
piygAgmZ6/mduSh6vePLRwtE+m8Y/TqSj2XXCVgIKRq9DXOQpKpmT4xn3CjM/IeQ
GGdkz/PxlF4/E5lpgZ/kgkyfTUw1xqmwg32Fb7oItIbodcY7GFLg7hM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:36 2024 by rpki-client on console.sobornost.net