Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/a4X8z8lQtw1b2GH3NyZW9GNalyo.roa
File: a4X8z8lQtw1b2GH3NyZW9GNalyo.roa (raw, json)
Hash identifier: BA/tx5jpcCzn8qiUJbmwyOGaSjR7/MJU/4WWCH7UzJA=
Subject key identifier: 6B:85:FC:CF:C9:50:B7:0D:5B:D8:61:F7:37:26:56:F4:63:5A:97:2A
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 01856CEF05ADDA066825213FF47D79148C23
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/a4X8z8lQtw1b2GH3NyZW9GNalyo.roa
Signing time: Sun 01 Jan 2023 10:44:41 +0000
ROA not before: Sun 01 Jan 2023 10:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51380
IP address blocks: 195.20.4.0/23 maxlen: 23
91.218.192.0/23 maxlen: 23
195.20.6.0/24 maxlen: 24
91.218.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:05:ad:da:06:68:25:21:3f:f4:7d:79:14:8c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Jan 1 10:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b85fccfc950b70d5bd861f7372656f4635a972a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:61:c0:e2:36:ea:81:a4:11:eb:1a:e9:4a:
8f:a7:e6:f0:fb:ba:dc:89:83:4c:35:02:43:b3:a6:
7c:cf:6b:ea:db:f1:6d:dc:6b:60:e6:20:7d:14:e1:
00:fe:d8:7d:c7:44:cf:83:d2:53:0d:f8:15:6a:d1:
3e:8a:37:a2:fc:a0:3c:7a:b9:ea:a2:f0:61:b4:9d:
bb:e8:23:98:5d:3e:35:ac:05:75:a9:19:48:ff:82:
6d:51:09:c8:c4:45:9a:7b:40:4b:a9:9b:3f:a5:aa:
8f:e2:a2:61:35:30:a7:ba:e6:16:ca:5f:59:a4:bd:
3f:06:be:54:70:1a:ed:48:11:84:38:9d:71:e5:79:
30:6b:35:50:3c:32:5a:7e:ea:a0:27:b6:d1:64:b5:
0c:96:7e:25:d9:3f:1a:06:92:c6:3a:37:cd:46:65:
4b:f9:2d:13:ef:e6:72:f8:f3:b2:69:dd:47:82:0f:
f8:fe:ca:9d:c9:2e:e1:ff:94:2d:89:e2:70:6a:58:
ca:02:e1:05:1d:94:98:8d:2e:20:05:5f:65:b5:ab:
0e:d6:d8:47:03:8a:5b:7e:7c:48:0c:21:9f:73:33:
67:0f:a7:3c:50:48:5c:86:a2:74:bf:cf:f8:f4:44:
a0:9f:3e:ee:dd:23:11:b6:36:14:54:b7:7c:f8:bd:
a9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:85:FC:CF:C9:50:B7:0D:5B:D8:61:F7:37:26:56:F4:63:5A:97:2A
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/a4X8z8lQtw1b2GH3NyZW9GNalyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.192.0-91.218.194.255
195.20.4.0-195.20.6.255
Signature Algorithm: sha256WithRSAEncryption
11:06:f4:de:68:67:bb:cf:0a:1d:94:8a:9f:cf:b7:3e:da:bf:
b9:12:55:f8:74:92:b2:80:e0:e5:a9:bb:21:9d:84:d8:b6:c3:
7e:d8:22:6c:7b:45:72:d2:32:9c:2a:bf:89:85:63:bd:5f:c8:
9a:c5:4d:3f:6d:b0:8a:cb:63:58:ae:27:a1:ee:98:d4:0e:72:
c5:d2:0e:ee:21:14:3e:dd:36:37:81:06:68:21:3a:e2:97:54:
6f:27:ad:10:c3:83:b4:2c:d0:1b:39:2e:e0:db:10:09:24:db:
e9:62:91:cf:db:71:8b:b4:36:b3:74:5d:7c:0d:26:72:50:80:
56:4a:47:ac:2c:6a:8a:95:b1:6b:bf:f0:04:0c:1c:89:70:d4:
d5:38:82:cc:c6:eb:3e:93:a2:e1:9f:ab:24:00:65:85:cf:74:
1e:fa:18:d3:54:eb:bc:5a:c1:ee:64:24:47:f2:ee:88:98:e0:
4f:89:96:ac:fe:9a:d5:12:d8:6d:76:b8:5b:89:7e:af:73:5f:
5a:58:4c:3f:7a:ac:64:ea:fc:64:b1:3d:71:91:2b:ab:f6:b9:
7f:fd:65:ce:76:bb:b5:11:65:d1:ae:31:7c:fa:22:a6:20:d0:
45:e0:cb:b4:32:f1:28:51:3e:c1:9a:ec:45:d8:cf:81:4b:23:
8e:64:c0:63
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVs7wWt2gZoJSE/9H15FIwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1
OTVmNzYwHhcNMjMwMTAxMTA0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg1ZmNjZmM5NTBiNzBkNWJkODYxZjczNzI2NTZmNDYzNWE5NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkThhwOI26oGkEesa6UqPp+bw+7rc
iYNMNQJDs6Z8z2vq2/Ft3Gtg5iB9FOEA/th9x0TPg9JTDfgVatE+ijei/KA8ernq
ovBhtJ276COYXT41rAV1qRlI/4JtUQnIxEWae0BLqZs/paqP4qJhNTCnuuYWyl9Z
pL0/Br5UcBrtSBGEOJ1x5XkwazVQPDJafuqgJ7bRZLUMln4l2T8aBpLGOjfNRmVL
+S0T7+Zy+POyad1Hgg/4/sqdyS7h/5QtieJwaljKAuEFHZSYjS4gBV9ltasO1thH
A4pbfnxIDCGfczNnD6c8UEhchqJ0v8/49ESgnz7u3SMRtjYUVLd8+L2p0QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGuF/M/JULcNW9hh9zcmVvRjWpcqMB8GA1UdIwQY
MBaAFGK9bCvfYeI+r+I93gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzct
YjgyYjBlZDJkMzIzLzEvYTRYOHo4bFF0dzFiMkdIM055Wlc5R05hbHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIz
LzEvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZb2sAD
BABb2sIwDAMEAsMUBAMEAMMUBjANBgkqhkiG9w0BAQsFAAOCAQEAEQb03mhnu88K
HZSKn8+3Ptq/uRJV+HSSsoDg5am7IZ2E2LbDftgibHtFctIynCq/iYVjvV/ImsVN
P22wistjWK4noe6Y1A5yxdIO7iEUPt02N4EGaCE64pdUbyetEMODtCzQGzku4NsQ
CSTb6WKRz9txi7Q2s3RdfA0mclCAVkpHrCxqipWxa7/wBAwciXDU1TiCzMbrPpOi
4Z+rJABlhc90HvoY01TrvFrB7mQkR/LuiJjgT4mWrP6a1RLYbXa4W4l+r3NfWlhM
P3qsZOr8ZLE9cZErq/a5f/1lzna7tRFl0a4xfPoipiDQReDLtDLxKFE+wZrsRdjP
gUsjjmTAYw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:43 2023 by rpki-client on console.sobornost.net