Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/8C66AzkPQwWCPSTlwgRwPIiPZBs.roa
File: 8C66AzkPQwWCPSTlwgRwPIiPZBs.roa (raw, json)
Hash identifier: 5jNXHnoSSjSl4RzQDgLdHb9T3SA5K79uU3FZmpCBqV4=
Subject key identifier: F0:2E:BA:03:39:0F:43:05:82:3D:24:E5:C2:04:70:3C:88:8F:64:1B
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 018571B0B6539DD08A7865987A93FE62A930
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/8C66AzkPQwWCPSTlwgRwPIiPZBs.roa
Signing time: Mon 02 Jan 2023 08:54:44 +0000
ROA not before: Mon 02 Jan 2023 08:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60175
IP address blocks: 185.35.12.0/22 maxlen: 22
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:b6:53:9d:d0:8a:78:65:98:7a:93:fe:62:a9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Jan 2 08:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f02eba03390f4305823d24e5c204703c888f641b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:59:94:b6:d6:42:3b:78:fa:cb:99:29:b2:ba:
31:62:e0:84:73:86:47:b2:7f:90:48:d0:30:d8:f5:
96:b8:51:3c:e3:29:f0:46:c8:92:76:0d:f0:bc:83:
cf:2f:4f:84:c0:93:23:ef:21:a5:ae:d6:0a:9d:1a:
44:09:bc:04:bd:e9:43:72:e2:e2:35:23:30:d2:8e:
37:7c:b6:ef:07:4d:47:14:11:e2:98:8d:72:e2:5f:
8d:6d:9a:27:8b:94:f5:39:72:7c:29:59:17:0c:d9:
49:ab:9a:ff:00:cf:4c:43:27:89:be:c3:df:27:41:
d3:51:e5:5e:59:80:96:74:f7:3d:68:78:52:9f:b8:
07:26:f5:7b:bd:bd:a6:92:6c:c2:70:f8:15:b9:42:
62:ad:14:d9:08:6f:da:5d:4e:1b:85:fa:1b:b1:af:
6e:a7:66:d0:66:45:d7:f8:67:22:ec:37:15:e3:84:
bf:f0:06:c5:40:27:fe:1f:fd:ae:7f:60:e2:5c:33:
57:f0:f6:0e:f8:7e:3c:db:c4:f1:c3:87:71:bd:35:
2f:dc:26:db:28:af:6a:a8:d6:a4:79:07:ad:6f:09:
64:9a:9d:87:a3:d1:1a:fe:04:32:1d:b9:02:18:aa:
96:08:39:bc:df:c1:ad:e8:ee:45:b8:b6:3c:2d:0c:
95:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2E:BA:03:39:0F:43:05:82:3D:24:E5:C2:04:70:3C:88:8F:64:1B
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/8C66AzkPQwWCPSTlwgRwPIiPZBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.12.0/22
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:25:e4:07:de:67:4c:0c:89:50:f8:a0:27:55:33:73:c2:f0:
34:fc:00:94:50:75:1b:34:43:12:a9:80:ac:68:58:19:d9:02:
04:1a:b1:20:91:ed:78:b1:22:60:6c:92:81:26:6c:ee:a9:11:
66:4a:09:ff:35:db:a5:f0:6e:82:c9:e8:07:f6:3b:1e:a0:20:
c6:2a:92:90:bf:5f:d0:39:c0:fc:0f:b8:f8:65:df:18:aa:cb:
f5:80:3a:d5:48:47:e2:10:31:d8:8e:d4:c9:7e:c9:b7:b5:c1:
df:54:1f:24:c6:f8:1e:9f:f9:d0:10:7a:a5:f6:62:3c:3d:fd:
a5:de:aa:0c:fe:3f:68:92:b1:a7:63:b4:15:01:4e:59:9e:e4:
59:86:d5:5d:dd:d1:c1:c6:17:6e:51:7a:20:8f:83:0a:c5:30:
98:d1:b6:0d:f8:a6:64:1f:cc:38:ff:35:5e:66:30:ef:ed:05:
a8:a5:12:1d:e0:42:c4:a7:65:d9:ad:d4:5b:8b:bd:bb:ee:4a:
94:82:a1:39:4f:54:b6:84:39:aa:93:07:72:34:75:0b:ca:73:
fa:58:92:b8:df:26:90:91:1b:04:c1:81:d9:2c:19:91:ea:ba:
5f:19:ac:ba:38:e3:bb:5d:c2:bd:c7:ec:da:3d:43:c3:ac:0f:
6d:31:c7:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsLZTndCKeGWYepP+YqkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjMwMTAyMDg1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJlYmEwMzM5MGY0MzA1ODIzZDI0ZTVjMjA0NzAzYzg4OGY2NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFmUttZCO3j6y5kpsroxYuCEc4ZH
sn+QSNAw2PWWuFE84ynwRsiSdg3wvIPPL0+EwJMj7yGlrtYKnRpECbwEvelDcuLi
NSMw0o43fLbvB01HFBHimI1y4l+NbZoni5T1OXJ8KVkXDNlJq5r/AM9MQyeJvsPf
J0HTUeVeWYCWdPc9aHhSn7gHJvV7vb2mkmzCcPgVuUJirRTZCG/aXU4bhfobsa9u
p2bQZkXX+Gci7DcV44S/8AbFQCf+H/2uf2DiXDNX8PYO+H4828Txw4dxvTUv3Cbb
KK9qqNakeQetbwlkmp2Ho9Ea/gQyHbkCGKqWCDm838Gt6O5FuLY8LQyVmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPAuugM5D0MFgj0k5cIEcDyIj2QbMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvOEM2NkF6a1BRd1dDUFNUbHdnUndQSWlQWkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSMMMA0E
AgACMAcDBQMqANygMA0GCSqGSIb3DQEBCwUAA4IBAQDAJeQH3mdMDIlQ+KAnVTNz
wvA0/ACUUHUbNEMSqYCsaFgZ2QIEGrEgke14sSJgbJKBJmzuqRFmSgn/Ndul8G6C
yegH9jseoCDGKpKQv1/QOcD8D7j4Zd8Yqsv1gDrVSEfiEDHYjtTJfsm3tcHfVB8k
xvgen/nQEHql9mI8Pf2l3qoM/j9okrGnY7QVAU5ZnuRZhtVd3dHBxhduUXogj4MK
xTCY0bYN+KZkH8w4/zVeZjDv7QWopRId4ELEp2XZrdRbi7277kqUgqE5T1S2hDmq
kwdyNHULynP6WJK43yaQkRsEwYHZLBmR6rpfGay6OOO7XcK9x+zaPUPDrA9tMcc2
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:07 2024 by rpki-client on console.sobornost.net