Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/COwRitmKm0T00HnlFlkpuL2-mM8.roa
File: COwRitmKm0T00HnlFlkpuL2-mM8.roa (raw, json)
Hash identifier: 540cpSrw3QuR8EOwm32HlZW4TBNgu3uGFebfYmCnIHc=
Subject key identifier: 08:EC:11:8A:D9:8A:9B:44:F4:D0:79:E5:16:59:29:B8:BD:BE:98:CF
Certificate issuer: /CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Certificate serial: 01856C1CC5D794368472120A31B5F0FC268E
Authority key identifier: FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/COwRitmKm0T00HnlFlkpuL2-mM8.roa
Signing time: Sun 01 Jan 2023 06:55:03 +0000
ROA not before: Sun 01 Jan 2023 06:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47692
IP address blocks: 192.166.242.0/23 maxlen: 23
192.166.241.0/24 maxlen: 24
84.242.8.0/21 maxlen: 24
146.255.56.0/21 maxlen: 24
5.183.173.0/24 maxlen: 24
5.183.174.0/23 maxlen: 23
45.155.244.0/22 maxlen: 24
83.137.112.0/21 maxlen: 24
77.244.240.0/20 maxlen: 24
217.74.8.0/21 maxlen: 24
92.42.136.0/21 maxlen: 24
212.232.24.0/21 maxlen: 24
2a02:1b9::/32 maxlen: 32
2a02:1b8::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c5:d7:94:36:84:72:12:0a:31:b5:f0:fc:26:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Validity
Not Before: Jan 1 06:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08ec118ad98a9b44f4d079e5165929b8bdbe98cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d9:42:fe:07:ab:7c:57:7d:12:5d:3f:ed:ee:
80:2b:21:2d:01:63:1c:4b:12:0c:55:51:46:48:79:
be:2e:e7:40:2b:af:96:7a:26:f0:22:8c:c5:c1:19:
41:f4:46:47:22:61:e3:c3:34:8e:6f:fb:eb:5a:df:
9e:5b:b9:86:0b:5d:7f:9b:61:46:ac:6b:53:e8:3b:
28:9b:78:0a:7c:e1:07:06:84:fb:cc:12:c3:38:cb:
25:4e:fa:9f:a0:57:29:92:e3:1d:0c:2e:d1:23:12:
44:8e:64:16:7a:07:cf:9c:15:ee:48:26:4a:38:f7:
b2:34:51:ee:e4:ec:dc:2d:31:bb:d7:b5:4e:91:5d:
d2:68:a1:ae:21:09:2a:d6:af:53:36:58:96:68:06:
d3:3c:2e:85:db:66:54:65:4c:f5:55:d8:17:d0:31:
6f:4a:99:ff:be:e2:e5:91:e9:dd:24:48:b9:24:5e:
27:bf:12:04:56:f1:95:14:9a:cb:47:d2:dd:50:0b:
89:35:36:2c:5d:b4:b0:66:87:bc:28:9d:0e:0a:5f:
e3:0a:98:73:6b:6d:8c:aa:b5:a0:0b:f3:8b:ca:30:
78:51:12:20:98:4c:26:38:77:62:75:d9:73:22:24:
c5:71:04:2a:fe:9f:6f:9a:17:53:86:bd:a5:6b:83:
a0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EC:11:8A:D9:8A:9B:44:F4:D0:79:E5:16:59:29:B8:BD:BE:98:CF
X509v3 Authority Key Identifier:
keyid:FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/COwRitmKm0T00HnlFlkpuL2-mM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/_ToehGW_xN9wCJQ3LQuYCOi2Keo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.173.0-5.183.175.255
45.155.244.0/22
77.244.240.0/20
83.137.112.0/21
84.242.8.0/21
92.42.136.0/21
146.255.56.0/21
192.166.241.0-192.166.243.255
212.232.24.0/21
217.74.8.0/21
IPv6:
2a02:1b8::/29
Signature Algorithm: sha256WithRSAEncryption
8b:86:62:c8:46:9e:f3:e6:77:95:6c:f6:94:b5:7a:3a:cc:4a:
fc:3f:fc:4d:0b:13:a1:f8:91:d9:7c:fd:03:4b:2f:93:13:03:
67:51:17:03:da:0c:3d:52:26:c3:8a:ab:b0:f7:0c:e9:c2:d6:
c4:27:f6:20:b0:0b:e4:13:bc:d6:04:84:27:ef:61:6c:3a:bc:
b5:d4:0a:2a:0a:f5:4c:b6:b8:d8:bd:23:43:7e:eb:36:e9:00:
58:6e:3c:76:c0:6b:76:dd:2d:f9:ae:e1:7b:80:57:d6:ec:23:
ff:ad:ae:0a:4b:86:41:0b:fa:9e:da:50:5f:2d:61:da:21:0f:
39:1c:78:ff:df:2f:6c:cf:a5:94:54:73:22:73:88:96:79:5a:
49:04:41:45:73:e7:ed:43:ac:99:7d:9c:ca:1b:bf:e7:91:bf:
8c:48:f8:7b:53:d7:8a:a8:55:89:9b:99:2a:71:4e:d1:87:68:
3f:83:3f:82:f7:68:bc:b1:37:ee:28:e5:b1:7f:a4:9b:7c:aa:
4e:1e:65:06:ba:47:b7:cf:07:97:9f:ec:01:67:67:55:5d:6a:
a3:3e:fe:8d:36:e8:bf:4b:44:99:d8:1d:09:fc:d9:7a:fb:7f:
31:82:55:e8:b1:35:20:e2:fe:54:48:6f:aa:61:51:9e:c0:d9:
e3:9f:e4:a9
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYVsHMXXlDaEchIKMbXw/CaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkM2ExZTg0NjViZmM0ZGY3MDA4OTQzNzJkMGI5ODA4ZThi
NjI5ZWEwHhcNMjMwMTAxMDY1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVjMTE4YWQ5OGE5YjQ0ZjRkMDc5ZTUxNjU5MjliOGJkYmU5OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9lC/gerfFd9El0/7e6AKyEtAWMc
SxIMVVFGSHm+LudAK6+WeibwIozFwRlB9EZHImHjwzSOb/vrWt+eW7mGC11/m2FG
rGtT6Dsom3gKfOEHBoT7zBLDOMslTvqfoFcpkuMdDC7RIxJEjmQWegfPnBXuSCZK
OPeyNFHu5OzcLTG717VOkV3SaKGuIQkq1q9TNliWaAbTPC6F22ZUZUz1VdgX0DFv
Spn/vuLlkendJEi5JF4nvxIEVvGVFJrLR9LdUAuJNTYsXbSwZoe8KJ0OCl/jCphz
a22MqrWgC/OLyjB4URIgmEwmOHdiddlzIiTFcQQq/p9vmhdThr2la4OgGwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFAjsEYrZiptE9NB55RZZKbi9vpjPMB8GA1UdIwQY
MBaAFP06HoRlv8TfcAiUNy0LmAjotinqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RvZWhHV194Tjl3Q0pRM0xRdVlDT2kyS2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81MTM3MzQtYTQ4NS00YzI4LThhYTYt
OTU1NWQzMGY2ZjhmLzEvQ093Uml0bUttMFQwMEhubEZsa3B1TDItbU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81MTM3MzQtYTQ4NS00YzI4LThhYTYtOTU1NWQzMGY2Zjhm
LzEvX1RvZWhHV194Tjl3Q0pRM0xRdVlDT2kyS2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAwDBAAFt60D
BAQFt6ADBAItm/QDBARN9PADBANTiXADBANU8ggDBANcKogDBAOS/zgwDAMEAMCm
8QMEAsCm8AMEA9ToGAMEA9lKCDANBAIAAjAHAwUDKgIBuDANBgkqhkiG9w0BAQsF
AAOCAQEAi4ZiyEae8+Z3lWz2lLV6OsxK/D/8TQsTofiR2Xz9A0svkxMDZ1EXA9oM
PVImw4qrsPcM6cLWxCf2ILAL5BO81gSEJ+9hbDq8tdQKKgr1TLa42L0jQ37rNukA
WG48dsBrdt0t+a7he4BX1uwj/62uCkuGQQv6ntpQXy1h2iEPORx4/98vbM+llFRz
InOIlnlaSQRBRXPn7UOsmX2cyhu/55G/jEj4e1PXiqhViZuZKnFO0YdoP4M/gvdo
vLE37ijlsX+km3yqTh5lBrpHt88Hl5/sAWdnVV1qoz7+jTbov0tEmdgdCfzZevt/
MYJV6LE1IOL+VEhvqmFRnsDZ45/kqQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:40 2024 by rpki-client on console.sobornost.net