Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/_yWngOUWl58870a_Zi-TClzq6Vg.roa
File: _yWngOUWl58870a_Zi-TClzq6Vg.roa (raw, json)
Hash identifier: xiRI9BmJiVcjcK0WvN57q9zMDQZaYXK4vtpxJEdfmaU=
Subject key identifier: FF:25:A7:80:E5:16:97:9F:3C:EF:46:BF:66:2F:93:0A:5C:EA:E9:58
Certificate issuer: /CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Certificate serial: 01857246EC61AA2973A02878489077B7E845
Authority key identifier: 59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/_yWngOUWl58870a_Zi-TClzq6Vg.roa
Signing time: Mon 02 Jan 2023 11:38:48 +0000
ROA not before: Mon 02 Jan 2023 11:38:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12591
IP address blocks: 193.178.152.0/24 maxlen: 24
193.178.152.0/23 maxlen: 23
193.178.153.0/24 maxlen: 24
2001:67c:2154::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ec:61:aa:29:73:a0:28:78:48:90:77:b7:e8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Validity
Not Before: Jan 2 11:38:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff25a780e516979f3cef46bf662f930a5ceae958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:27:3f:bb:a5:80:14:74:14:43:e7:11:a2:
00:bb:8d:30:f1:f5:ce:f6:74:d3:24:39:1c:06:37:
cb:82:f5:a6:6b:92:cb:bd:53:f0:dd:b8:87:77:aa:
d4:4f:5f:77:e2:ea:18:c7:12:bf:45:c5:6d:08:32:
bf:42:42:4f:7e:7f:98:f3:5f:1e:64:6e:90:45:36:
4d:fc:1c:cb:f0:17:82:c5:1a:0d:52:79:64:0d:3a:
31:ad:e1:0b:b1:ca:b0:a9:d0:25:20:80:8c:5e:6d:
02:f0:e1:fd:ab:9b:b1:b3:7d:ba:ca:99:fd:ee:52:
80:25:56:2c:fe:93:f9:8e:f8:34:f4:2f:e5:a9:19:
f5:84:65:ef:fe:6e:4a:03:62:ad:6d:ea:50:04:06:
91:b9:e6:71:c6:09:49:9d:9c:19:69:7e:a0:0e:ce:
7d:36:2a:b9:1c:48:94:d7:b3:e0:b3:4f:e8:86:68:
ab:35:d3:22:68:82:0e:02:20:0f:e4:5e:37:70:3d:
86:8a:a6:cf:fa:d3:97:46:62:cb:a3:f1:2d:3d:4a:
b6:b6:a1:fc:3f:15:76:d4:7e:44:5e:e7:7e:eb:24:
aa:59:7f:c7:ae:c3:ba:2b:ed:8f:c8:3d:2c:ff:96:
18:35:16:e3:84:b7:96:08:80:7c:6c:8c:10:58:89:
22:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:25:A7:80:E5:16:97:9F:3C:EF:46:BF:66:2F:93:0A:5C:EA:E9:58
X509v3 Authority Key Identifier:
keyid:59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/_yWngOUWl58870a_Zi-TClzq6Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/WfJfgmyjg6C3pcA2eteB_id_Z88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.152.0/23
IPv6:
2001:67c:2154::/48
Signature Algorithm: sha256WithRSAEncryption
36:db:80:a0:23:d5:41:bb:2d:6f:a7:47:46:05:52:23:0a:d7:
b3:e6:26:97:23:9f:dc:b5:7a:0a:c1:84:3d:7a:e3:44:a7:b0:
80:fa:ba:42:b6:25:fb:8e:50:19:ba:86:08:98:68:58:0f:2c:
22:e3:74:e4:de:b4:7a:ae:4c:db:a4:1c:a2:68:77:9a:2a:fa:
5e:08:a4:ec:09:76:26:ec:c4:04:0b:24:1a:0c:3f:a8:26:ac:
37:fa:0d:2c:d5:1c:ef:e4:1c:b6:77:60:9d:a1:3e:3e:cb:f6:
95:f9:4d:7d:1d:b0:9e:2d:7e:a5:21:15:15:73:12:8d:bc:1e:
00:e9:51:dd:b4:ec:74:90:ad:0d:7b:f9:36:ab:86:40:03:8b:
a0:33:2a:b9:17:bf:d4:bb:a0:81:d4:31:24:3d:c0:b2:04:54:
b5:38:68:a7:83:c1:98:d4:d7:72:98:fe:39:f1:fa:65:1b:0a:
f8:1e:54:03:95:74:75:19:bd:c0:39:98:b1:33:61:cd:2f:a8:
e3:90:8d:66:0d:a6:f0:f5:74:49:73:90:83:33:6f:e6:1f:ee:
a2:11:ec:38:7f:94:49:88:98:ff:57:0b:78:fb:05:39:5a:71:
ac:b5:17:33:73:4e:db:e4:55:23:27:3e:ab:18:7e:26:d2:a2:
aa:43:62:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRuxhqilzoCh4SJB3t+hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZjI1ZjgyNmNhMzgzYTBiN2E1YzAzNjdhZDc4MWZlMjc3
ZjY3Y2YwHhcNMjMwMTAyMTEzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI1YTc4MGU1MTY5NzlmM2NlZjQ2YmY2NjJmOTMwYTVjZWFlOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuQnP7ulgBR0FEPnEaIAu40w8fXO
9nTTJDkcBjfLgvWma5LLvVPw3biHd6rUT1934uoYxxK/RcVtCDK/QkJPfn+Y818e
ZG6QRTZN/BzL8BeCxRoNUnlkDToxreELscqwqdAlIICMXm0C8OH9q5uxs326ypn9
7lKAJVYs/pP5jvg09C/lqRn1hGXv/m5KA2KtbepQBAaRueZxxglJnZwZaX6gDs59
Niq5HEiU17Pgs0/ohmirNdMiaIIOAiAP5F43cD2GiqbP+tOXRmLLo/EtPUq2tqH8
PxV21H5EXud+6ySqWX/HrsO6K+2PyD0s/5YYNRbjhLeWCIB8bIwQWIkiCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP8lp4DlFpefPO9Gv2Yvkwpc6ulYMB8GA1UdIwQY
MBaAFFnyX4Jso4Ogt6XANnrXgf4nf2fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ZKZmdteWpnNkMzcGNBMmV0ZUJfaWRfWjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wZjA2ZmItYTgyMi00NWU1LTk3M2Ut
NjQyNWU0MzgyMzMzLzEvX3lXbmdPVVdsNTg4NzBhX1ppLVRDbHpxNlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8wZjA2ZmItYTgyMi00NWU1LTk3M2UtNjQyNWU0MzgyMzMz
LzEvV2ZKZmdteWpnNkMzcGNBMmV0ZUJfaWRfWjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwbKYMA8E
AgACMAkDBwAgAQZ8IVQwDQYJKoZIhvcNAQELBQADggEBADbbgKAj1UG7LW+nR0YF
UiMK17PmJpcjn9y1egrBhD1640SnsID6ukK2JfuOUBm6hgiYaFgPLCLjdOTetHqu
TNukHKJod5oq+l4IpOwJdibsxAQLJBoMP6gmrDf6DSzVHO/kHLZ3YJ2hPj7L9pX5
TX0dsJ4tfqUhFRVzEo28HgDpUd207HSQrQ17+TarhkADi6AzKrkXv9S7oIHUMSQ9
wLIEVLU4aKeDwZjU13KY/jnx+mUbCvgeVAOVdHUZvcA5mLEzYc0vqOOQjWYNpvD1
dElzkIMzb+Yf7qIR7Dh/lEmImP9XC3j7BTlacay1FzNzTtvkVSMnPqsYfibSoqpD
Yro=
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:54 2024 by rpki-client on console.sobornost.net