Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/j7_gHnsBeL-Y4DHqheZPgBBTLQ8.roa
File: j7_gHnsBeL-Y4DHqheZPgBBTLQ8.roa (raw, json)
Hash identifier: kmuEmhDcMWWcOrIAF5CV2KxlxoceKau+0UXv8XRC/NI=
Subject key identifier: 8F:BF:E0:1E:7B:01:78:BF:98:E0:31:EA:85:E6:4F:80:10:53:2D:0F
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01866E3EDA1252DE1E98ACD39040FC500DAF
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/j7_gHnsBeL-Y4DHqheZPgBBTLQ8.roa
Signing time: Mon 20 Feb 2023 09:54:18 +0000
ROA not before: Mon 20 Feb 2023 09:54:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:3e:da:12:52:de:1e:98:ac:d3:90:40:fc:50:0d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 20 09:54:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fbfe01e7b0178bf98e031ea85e64f8010532d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2a:8b:04:5b:e5:4a:af:58:ca:1f:6d:3d:76:
3b:5f:e0:d0:0a:55:52:f9:3f:53:e9:df:fd:7b:3e:
78:24:83:46:f6:eb:a9:7d:8e:e7:b1:d7:b4:f8:7d:
2f:b3:3c:a5:54:54:3d:0d:bb:ae:db:37:9f:4d:e7:
12:94:d1:70:f4:03:bb:03:0a:f9:7c:5f:cb:07:8c:
0d:54:8a:72:ff:61:2d:07:db:bc:9f:01:4e:95:d8:
68:60:2a:f6:ff:3f:79:1b:2e:87:39:75:62:3b:da:
99:ec:5a:6e:88:b0:38:dd:47:2e:51:55:88:23:34:
fd:0d:ac:e4:a9:da:5b:8a:7a:22:66:20:56:26:26:
1d:ea:40:d2:95:1f:c8:a9:c0:c9:b8:2d:85:2c:dc:
29:b8:86:22:99:f8:95:64:5d:e7:f2:b2:66:05:75:
ea:3c:a2:9e:8e:8c:e0:5c:35:8e:3d:de:06:35:1c:
4f:9e:a0:2e:91:4c:05:68:e3:d9:e3:b2:d5:16:5d:
ab:8e:a1:ac:d6:f4:05:b1:89:62:29:c7:7a:23:43:
4a:e5:af:e2:23:f3:c7:0a:0d:3c:b7:f6:13:ff:1e:
19:a5:d2:97:fc:a2:66:d0:91:19:d2:a9:09:ad:95:
58:69:b2:99:36:a5:0f:18:e3:ed:57:94:b0:a6:02:
88:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BF:E0:1E:7B:01:78:BF:98:E0:31:EA:85:E6:4F:80:10:53:2D:0F
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/j7_gHnsBeL-Y4DHqheZPgBBTLQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.140.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:f7:16:16:a1:89:b9:97:95:58:df:aa:e6:c7:0b:69:44:8c:
11:1e:fc:df:e5:6b:1e:3f:43:39:31:bc:3b:49:3e:a3:79:87:
87:23:e1:06:bb:35:1d:1a:ff:69:28:a0:ad:7f:88:71:bb:5d:
b0:9f:f6:f3:92:41:df:a8:5a:3a:c0:c7:c7:c9:94:5a:85:5a:
5b:45:ab:25:a9:95:54:6a:97:55:1e:81:f1:97:c1:04:cd:be:
ef:6b:dd:99:f8:bb:91:32:b9:cb:dc:8a:1d:5c:7c:67:7a:65:
ce:4a:ae:dc:a9:df:cc:c0:46:74:98:04:ba:69:1c:52:cd:f9:
25:3e:ed:e3:25:67:17:59:f8:0c:de:58:12:f3:f5:6b:ee:72:
dc:09:31:89:d6:fe:76:91:87:f1:08:2b:8d:54:c6:56:5b:36:
04:5d:55:de:1a:ba:fb:32:7f:e1:a8:70:4f:5b:65:29:44:36:
aa:83:06:72:1f:c7:cb:bb:3c:bb:60:6b:54:d8:4e:c6:59:fe:
0e:cd:25:25:55:8a:41:3b:8a:36:62:9c:9a:92:db:07:bb:47:
82:81:89:d5:cf:6b:b4:51:45:62:00:91:76:92:73:73:5d:2c:
fd:81:78:81:fc:df:f1:b1:83:b4:0c:44:ff:56:e3:ea:bf:2d:
5a:4b:05:ff
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYZuPtoSUt4emKzTkED8UA2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMjIwMDk1NDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmJmZTAxZTdiMDE3OGJmOThlMDMxZWE4NWU2NGY4MDEwNTMyZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyqLBFvlSq9Yyh9tPXY7X+DQClVS
+T9T6d/9ez54JING9uupfY7nsde0+H0vszylVFQ9Dbuu2zefTecSlNFw9AO7Awr5
fF/LB4wNVIpy/2EtB9u8nwFOldhoYCr2/z95Gy6HOXViO9qZ7FpuiLA43UcuUVWI
IzT9DazkqdpbinoiZiBWJiYd6kDSlR/IqcDJuC2FLNwpuIYimfiVZF3n8rJmBXXq
PKKejozgXDWOPd4GNRxPnqAukUwFaOPZ47LVFl2rjqGs1vQFsYliKcd6I0NK5a/i
I/PHCg08t/YT/x4ZpdKX/KJm0JEZ0qkJrZVYabKZNqUPGOPtV5SwpgKIrQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFI+/4B57AXi/mOAx6oXmT4AQUy0PMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvajdfZ0huc0JlTC1ZNERIcWhlWlBnQkJUTFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCbWiMAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkE
AgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG
9w0BAQsFAAOCAQEAIfcWFqGJuZeVWN+q5scLaUSMER783+VrHj9DOTG8O0k+o3mH
hyPhBrs1HRr/aSigrX+IcbtdsJ/285JB36haOsDHx8mUWoVaW0WrJamVVGqXVR6B
8ZfBBM2+72vdmfi7kTK5y9yKHVx8Z3plzkqu3KnfzMBGdJgEumkcUs35JT7t4yVn
F1n4DN5YEvP1a+5y3Akxidb+dpGH8QgrjVTGVls2BF1V3hq6+zJ/4ahwT1tlKUQ2
qoMGch/Hy7s8u2BrVNhOxln+Ds0lJVWKQTuKNmKcmpLbB7tHgoGJ1c9rtFFFYgCR
dpJzc10s/YF4gfzf8bGDtAxE/1bj6r8tWksF/w==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net