Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/kiQE3bWxhZ-Lq5SVjdm2t3eH0MY.roa
File: kiQE3bWxhZ-Lq5SVjdm2t3eH0MY.roa (raw, json)
Hash identifier: /JNISCSwZZc6j6o4Hyk9ndpmy1tFd0LhyBVjYx8maxM=
Subject key identifier: 92:24:04:DD:B5:B1:85:9F:8B:AB:94:95:8D:D9:B6:B7:77:87:D0:C6
Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Certificate serial: 01856B49F7876A51867F64DA5FFCB66CCE5B
Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/kiQE3bWxhZ-Lq5SVjdm2t3eH0MY.roa
Signing time: Sun 01 Jan 2023 03:04:47 +0000
ROA not before: Sun 01 Jan 2023 03:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 109.68.71.0/24 maxlen: 24
109.68.67.0/24 maxlen: 24
109.68.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:f7:87:6a:51:86:7f:64:da:5f:fc:b6:6c:ce:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Validity
Not Before: Jan 1 03:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=922404ddb5b1859f8bab94958dd9b6b77787d0c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:e0:c9:01:a6:2c:1b:7c:f1:20:1c:22:37:
b9:eb:a6:62:a7:41:99:31:fd:8a:e1:55:11:7a:77:
5b:01:b8:64:03:d5:88:ea:4a:b1:81:4c:4d:11:88:
b5:04:e6:0d:db:da:73:44:bc:52:b0:38:5e:3f:35:
c5:a9:db:b4:8f:24:f1:52:6f:39:0f:84:f0:d2:e6:
52:fa:a2:71:b7:c7:b8:ef:3e:20:ad:65:89:24:f0:
60:e1:d6:c7:0f:12:df:55:4f:a4:4f:00:a8:3b:33:
1f:dd:08:f4:e9:cd:5c:f2:52:96:60:7a:bd:24:e1:
82:07:48:ac:39:fb:bc:75:3f:71:ed:82:95:82:f5:
2b:95:be:5f:89:a5:d1:ac:a2:10:d5:61:f8:69:9b:
0b:7e:38:91:d8:ba:01:93:78:dc:5a:4c:15:6a:8e:
fa:3a:5f:96:c0:a8:2d:e6:e9:cd:9c:39:8a:aa:92:
6f:54:0e:6c:a8:bb:d3:3a:9e:f6:e5:32:9e:2a:b9:
73:a7:71:87:8f:d2:86:83:74:0b:90:42:07:2d:18:
8c:9c:a1:29:65:b5:e6:74:83:11:11:e6:d3:a2:78:
ba:a8:ee:47:46:fc:22:78:5c:a8:dc:c0:95:b4:98:
bf:46:a4:f5:7a:94:ae:09:bd:51:4f:69:56:6f:01:
a6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:24:04:DD:B5:B1:85:9F:8B:AB:94:95:8D:D9:B6:B7:77:87:D0:C6
X509v3 Authority Key Identifier:
keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/kiQE3bWxhZ-Lq5SVjdm2t3eH0MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.67.0/24
109.68.70.0/23
Signature Algorithm: sha256WithRSAEncryption
04:5d:0e:27:5f:e2:f0:6e:22:a6:ec:95:d3:19:9b:f4:b6:08:
e2:24:ff:fc:e5:f6:93:ff:e2:3c:ba:c8:de:be:20:7a:b1:68:
6a:54:30:94:88:76:fd:ad:5d:de:0f:e4:3f:81:fe:2e:e6:18:
ef:1c:7d:6e:06:a0:87:88:6f:04:bb:b3:1f:d2:36:97:ec:67:
d5:96:0d:c7:06:c3:1a:95:1c:24:9c:96:cb:cc:1c:f4:bb:68:
d3:7e:fd:2c:fa:fc:fa:c7:78:07:6b:f1:c4:11:54:3a:1b:79:
6c:b2:f1:87:2a:b3:9c:19:29:86:6b:ff:92:93:e1:f0:e4:d9:
12:77:4c:b6:95:15:2e:a4:b1:22:6f:f1:04:f3:ba:12:2a:60:
10:e0:cd:b9:7a:92:32:cf:7b:de:0b:ac:68:64:10:38:76:9c:
fe:13:1c:5c:9c:8d:f4:76:2e:2f:d6:17:4d:a0:58:68:10:e6:
ce:85:e9:9a:a4:28:b5:6b:e2:6e:a6:c2:c1:b7:ad:79:f7:db:
2e:9f:37:3c:fc:fc:38:b4:16:2e:57:f0:a3:1c:39:49:02:81:
8e:71:25:b6:c4:f3:7b:84:06:56:cf:0e:23:76:5f:95:27:b9:
74:fb:c7:00:36:6a:a2:3b:89:15:35:0b:f9:7f:76:a2:b1:17:
a0:d1:e4:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrSfeHalGGf2TaX/y2bM5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz
Mzc5NDMwHhcNMjMwMTAxMDMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI0MDRkZGI1YjE4NTlmOGJhYjk0OTU4ZGQ5YjZiNzc3ODdkMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIzgyQGmLBt88SAcIje566Zip0GZ
Mf2K4VURendbAbhkA9WI6kqxgUxNEYi1BOYN29pzRLxSsDhePzXFqdu0jyTxUm85
D4Tw0uZS+qJxt8e47z4grWWJJPBg4dbHDxLfVU+kTwCoOzMf3Qj06c1c8lKWYHq9
JOGCB0isOfu8dT9x7YKVgvUrlb5fiaXRrKIQ1WH4aZsLfjiR2LoBk3jcWkwVao76
Ol+WwKgt5unNnDmKqpJvVA5sqLvTOp725TKeKrlzp3GHj9KGg3QLkEIHLRiMnKEp
ZbXmdIMREebToni6qO5HRvwieFyo3MCVtJi/RqT1epSuCb1RT2lWbwGmDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJIkBN21sYWfi6uUlY3Ztrd3h9DGMB8GA1UdIwQY
MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt
NThkMmVlOTgyODc5LzEva2lRRTNiV3hoWi1McTVTVmpkbTJ0M2VIME1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGItNThkMmVlOTgyODc5
LzEvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbURDAwQB
bURGMA0GCSqGSIb3DQEBCwUAA4IBAQAEXQ4nX+LwbiKm7JXTGZv0tgjiJP/85faT
/+I8usjeviB6sWhqVDCUiHb9rV3eD+Q/gf4u5hjvHH1uBqCHiG8Eu7Mf0jaX7GfV
lg3HBsMalRwknJbLzBz0u2jTfv0s+vz6x3gHa/HEEVQ6G3lssvGHKrOcGSmGa/+S
k+Hw5NkSd0y2lRUupLEib/EE87oSKmAQ4M25epIyz3veC6xoZBA4dpz+ExxcnI30
di4v1hdNoFhoEObOhemapCi1a+JupsLBt61599sunzc8/Pw4tBYuV/CjHDlJAoGO
cSW2xPN7hAZWzw4jdl+VJ7l0+8cANmqiO4kVNQv5f3aisReg0eTD
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:22 2024 by rpki-client on console.sobornost.net