Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/AheNZdnRhtLIYN7SYf9IIWTbiMM.roa
File: AheNZdnRhtLIYN7SYf9IIWTbiMM.roa (raw, json)
Hash identifier: Rk7Rnt3IeZvBVpDdtQ9KkjKmtEfUtQ9Z6+Vqx2oYjx4=
Subject key identifier: 02:17:8D:65:D9:D1:86:D2:C8:60:DE:D2:61:FF:48:21:64:DB:88:C3
Certificate issuer: /CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Certificate serial: 01857246ED5B94A9B6D4E62CF82F5AEDE3D5
Authority key identifier: 59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/AheNZdnRhtLIYN7SYf9IIWTbiMM.roa
Signing time: Mon 02 Jan 2023 11:38:48 +0000
ROA not before: Mon 02 Jan 2023 11:38:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199898
IP address blocks: 91.238.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ed:5b:94:a9:b6:d4:e6:2c:f8:2f:5a:ed:e3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Validity
Not Before: Jan 2 11:38:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02178d65d9d186d2c860ded261ff482164db88c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:0e:53:f2:df:72:19:d4:33:4b:a6:8c:b0:
ac:06:83:c4:02:9d:df:5b:32:81:1a:d9:32:e4:1a:
5c:e9:c6:90:ed:af:c8:dd:0b:d5:52:bf:a0:af:60:
51:d9:39:54:07:29:df:98:6d:60:e1:63:f3:bb:bb:
d9:9f:c9:aa:8c:45:3d:ed:2b:d6:18:3b:b1:16:af:
61:79:57:b1:fd:b9:44:5f:88:72:c4:2f:f1:c5:d3:
09:6f:67:df:74:6e:56:8f:d4:af:45:d8:d3:e5:8e:
9e:74:04:7c:32:c3:ea:5d:aa:7c:b3:67:5d:1a:aa:
d0:29:b8:1e:57:99:34:2e:11:b6:98:d8:a9:78:5c:
0d:6c:45:6d:99:e9:25:4d:2e:c5:e8:26:34:1d:65:
d9:d4:a4:02:65:7e:7d:37:84:51:1f:2c:bb:78:b1:
e0:f1:ae:d1:c3:b8:40:43:91:e3:90:7b:01:d1:b5:
ae:7f:85:68:7b:32:08:8f:ea:94:83:59:23:10:22:
02:3c:3d:f2:55:12:8c:74:72:06:02:54:2b:95:40:
8f:cb:5c:ba:70:ef:b6:19:6e:45:2f:c7:cd:bc:dd:
0c:ef:ba:8f:1c:47:3d:fd:82:b5:0e:bc:7e:8f:f4:
c3:9b:6b:cc:44:6a:94:a4:24:d6:98:03:54:ed:15:
59:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:8D:65:D9:D1:86:D2:C8:60:DE:D2:61:FF:48:21:64:DB:88:C3
X509v3 Authority Key Identifier:
keyid:59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/AheNZdnRhtLIYN7SYf9IIWTbiMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/WfJfgmyjg6C3pcA2eteB_id_Z88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5c:7e:da:eb:6e:12:04:70:43:f8:df:37:21:75:60:fb:d1:
03:70:24:13:eb:2c:38:67:e0:ec:cb:96:e8:a7:39:90:71:9f:
f1:90:35:cc:3f:ad:af:43:fe:02:fe:ab:1d:39:de:f7:66:59:
76:0c:47:c2:8c:2a:8b:70:55:6a:5b:b6:67:6f:91:94:4d:f0:
28:94:db:a7:d0:b8:77:f8:b9:7c:9a:41:3b:61:25:b6:63:68:
54:6d:f6:b0:ca:eb:2a:11:cc:c3:ea:fb:69:e1:6b:63:2f:89:
69:c6:51:aa:60:64:ac:ad:02:e8:4b:7d:d7:e0:32:54:cb:0e:
19:9b:c6:3f:d6:10:2b:dc:00:8a:99:38:be:07:74:a6:e2:83:
64:74:ac:bf:13:9b:e3:6f:13:28:fa:86:e2:1f:f4:cc:fa:0f:
d3:b0:73:3a:d6:56:48:c7:5b:49:af:2f:40:50:fe:25:cd:f7:
c5:83:e4:1e:fc:b3:8e:32:c7:e7:55:71:c4:5e:82:e9:e1:a1:
19:41:6e:a9:15:29:ad:47:db:38:01:54:96:9a:60:37:35:29:
cd:86:1a:0d:8b:ce:33:53:94:fd:fa:1e:32:05:0a:c0:b5:07:
ce:9a:dc:6f:f8:20:a6:ab:1a:9b:e5:37:f8:fe:31:b5:15:27:
fd:13:97:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRu1blKm21OYs+C9a7ePVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZjI1ZjgyNmNhMzgzYTBiN2E1YzAzNjdhZDc4MWZlMjc3
ZjY3Y2YwHhcNMjMwMTAyMTEzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE3OGQ2NWQ5ZDE4NmQyYzg2MGRlZDI2MWZmNDgyMTY0ZGI4OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY8OU/LfchnUM0umjLCsBoPEAp3f
WzKBGtky5Bpc6caQ7a/I3QvVUr+gr2BR2TlUBynfmG1g4WPzu7vZn8mqjEU97SvW
GDuxFq9heVex/blEX4hyxC/xxdMJb2ffdG5Wj9SvRdjT5Y6edAR8MsPqXap8s2dd
GqrQKbgeV5k0LhG2mNipeFwNbEVtmeklTS7F6CY0HWXZ1KQCZX59N4RRHyy7eLHg
8a7Rw7hAQ5HjkHsB0bWuf4VoezIIj+qUg1kjECICPD3yVRKMdHIGAlQrlUCPy1y6
cO+2GW5FL8fNvN0M77qPHEc9/YK1Drx+j/TDm2vMRGqUpCTWmANU7RVZxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIXjWXZ0YbSyGDe0mH/SCFk24jDMB8GA1UdIwQY
MBaAFFnyX4Jso4Ogt6XANnrXgf4nf2fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ZKZmdteWpnNkMzcGNBMmV0ZUJfaWRfWjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wZjA2ZmItYTgyMi00NWU1LTk3M2Ut
NjQyNWU0MzgyMzMzLzEvQWhlTlpkblJodExJWU43U1lmOUlJV1RiaU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8wZjA2ZmItYTgyMi00NWU1LTk3M2UtNjQyNWU0MzgyMzMz
LzEvV2ZKZmdteWpnNkMzcGNBMmV0ZUJfaWRfWjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+77MA0G
CSqGSIb3DQEBCwUAA4IBAQAqXH7a624SBHBD+N83IXVg+9EDcCQT6yw4Z+Dsy5bo
pzmQcZ/xkDXMP62vQ/4C/qsdOd73Zll2DEfCjCqLcFVqW7Znb5GUTfAolNun0Lh3
+Ll8mkE7YSW2Y2hUbfawyusqEczD6vtp4WtjL4lpxlGqYGSsrQLoS33X4DJUyw4Z
m8Y/1hAr3ACKmTi+B3Sm4oNkdKy/E5vjbxMo+obiH/TM+g/TsHM61lZIx1tJry9A
UP4lzffFg+Qe/LOOMsfnVXHEXoLp4aEZQW6pFSmtR9s4AVSWmmA3NSnNhhoNi84z
U5T9+h4yBQrAtQfOmtxv+CCmqxqb5Tf4/jG1FSf9E5fZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:54 2024 by rpki-client on console.sobornost.net