Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/nRUJ4OS4acIe_N54vDItEqWnGMQ.roa
File: nRUJ4OS4acIe_N54vDItEqWnGMQ.roa (raw, json)
Hash identifier: KrqM3NZkRDT5qToG5rPcbb3FTaurAypKCiAn6pE9Pk8=
Subject key identifier: 9D:15:09:E0:E4:B8:69:C2:1E:FC:DE:78:BC:32:2D:12:A5:A7:18:C4
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 01856F949C6A176882B49D9157A73BDFF8D0
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/nRUJ4OS4acIe_N54vDItEqWnGMQ.roa
Signing time: Sun 01 Jan 2023 23:04:48 +0000
ROA not before: Sun 01 Jan 2023 23:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9c:6a:17:68:82:b4:9d:91:57:a7:3b:df:f8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 23:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d1509e0e4b869c21efcde78bc322d12a5a718c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:46:e8:9c:a7:03:98:01:7f:1b:95:5d:a4:
b5:22:f4:a9:47:56:9a:2c:b3:0f:07:cb:1c:c1:90:
3d:da:1d:e7:21:f2:05:1b:49:56:a6:2c:b5:c0:82:
05:de:01:ec:ae:d8:03:53:28:8a:b7:09:4e:ca:9a:
ae:0b:3f:e1:18:60:e9:25:12:da:8d:fe:1f:93:9c:
66:bd:60:6a:67:c1:d4:6f:fb:7e:a3:08:8a:b2:15:
bc:8b:21:f2:63:07:34:ee:8b:dd:ba:12:9b:89:ad:
31:7a:b9:3c:86:c5:99:fe:e0:85:b1:63:3f:2c:fa:
60:03:d6:31:e6:fc:f5:e6:56:ea:d2:51:11:01:cc:
d3:bb:26:c1:64:78:b3:58:ec:1e:19:49:dd:1f:c8:
ef:ce:fc:6a:c8:b4:d9:04:5d:46:b7:72:3d:68:65:
58:e0:4f:f7:94:76:af:ad:b2:ff:0c:4d:67:24:e9:
66:83:c7:43:0d:06:0a:d7:05:8c:8a:c6:fc:d3:63:
45:68:54:7a:85:76:0c:26:9c:82:82:c0:ce:bb:b8:
37:9b:c0:b9:89:fc:b5:9f:f6:8a:cf:82:68:4d:02:
8f:91:c5:e5:f4:f7:a4:e4:b6:a7:f4:13:e6:b9:6d:
b7:37:04:fb:c5:a1:4d:88:14:3e:45:c8:d7:92:9b:
98:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:15:09:E0:E4:B8:69:C2:1E:FC:DE:78:BC:32:2D:12:A5:A7:18:C4
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/nRUJ4OS4acIe_N54vDItEqWnGMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
98:df:22:40:43:b9:2e:15:59:47:cd:8d:3b:b7:12:f3:41:b4:
9b:d1:c9:43:67:b4:b3:e5:b8:85:3d:c5:04:64:ad:5c:55:8f:
98:45:ae:1c:15:1c:c9:54:b7:63:1a:ee:47:a9:ee:3d:3d:62:
a9:49:63:46:fb:aa:5f:41:02:2a:6f:c2:76:13:58:0b:eb:37:
25:bd:4e:ec:13:d3:cd:0e:a3:2e:33:fa:4e:24:09:0f:66:6f:
5c:78:5d:ed:4f:9d:79:97:3a:17:5c:64:d3:a6:6f:e9:93:d3:
a8:b6:a5:ad:68:78:16:5a:7f:c7:5d:e4:2c:6b:ae:c3:8f:b6:
47:e7:ed:ed:4e:8d:cc:c0:f0:84:8e:18:a5:72:bf:87:3c:ca:
7d:d3:17:70:e0:6a:84:b9:bc:4d:97:a2:50:fc:26:f2:5f:a9:
96:26:b6:01:d0:48:72:94:c7:c5:f7:66:70:b7:a0:7e:f1:d7:
ca:13:d9:24:1c:cc:a4:26:f2:5c:0a:c7:4a:26:4b:d6:1a:e3:
71:57:e6:3c:77:83:8c:4d:52:6f:6c:9c:57:71:87:7e:b1:6c:
8a:d8:64:1d:5e:48:19:ed:fe:18:ed:4b:9d:89:7f:5e:b3:db:
1d:0d:cd:3a:a9:7b:75:15:15:87:d2:42:7d:b5:01:af:98:58:
f8:aa:18:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJxqF2iCtJ2RV6c73/jQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDE1MDllMGU0Yjg2OWMyMWVmY2RlNzhiYzMyMmQxMmE1YTcxOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA199G6JynA5gBfxuVXaS1IvSpR1aa
LLMPB8scwZA92h3nIfIFG0lWpiy1wIIF3gHsrtgDUyiKtwlOypquCz/hGGDpJRLa
jf4fk5xmvWBqZ8HUb/t+owiKshW8iyHyYwc07ovduhKbia0xerk8hsWZ/uCFsWM/
LPpgA9Yx5vz15lbq0lERAczTuybBZHizWOweGUndH8jvzvxqyLTZBF1Gt3I9aGVY
4E/3lHavrbL/DE1nJOlmg8dDDQYK1wWMisb802NFaFR6hXYMJpyCgsDOu7g3m8C5
ify1n/aKz4JoTQKPkcXl9Pek5Lan9BPmuW23NwT7xaFNiBQ+RcjXkpuY/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0VCeDkuGnCHvzeeLwyLRKlpxjEMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvblJVSjRPUzRhY0llX041NHZESXRFcVduR01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3IMA0G
CSqGSIb3DQEBCwUAA4IBAQCY3yJAQ7kuFVlHzY07txLzQbSb0clDZ7Sz5biFPcUE
ZK1cVY+YRa4cFRzJVLdjGu5Hqe49PWKpSWNG+6pfQQIqb8J2E1gL6zclvU7sE9PN
DqMuM/pOJAkPZm9ceF3tT515lzoXXGTTpm/pk9OotqWtaHgWWn/HXeQsa67Dj7ZH
5+3tTo3MwPCEjhilcr+HPMp90xdw4GqEubxNl6JQ/CbyX6mWJrYB0EhylMfF92Zw
t6B+8dfKE9kkHMykJvJcCsdKJkvWGuNxV+Y8d4OMTVJvbJxXcYd+sWyK2GQdXkgZ
7f4Y7UudiX9es9sdDc06qXt1FRWH0kJ9tQGvmFj4qhiF
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:08 2024 by rpki-client on console.sobornost.net