Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/nWFbDN0YXXEie8LgVEZtSsQcALQ.roa
File: nWFbDN0YXXEie8LgVEZtSsQcALQ.roa (raw, json)
Hash identifier: Bocxw2HPfoDDAiut5USgU092HVQU2PoCVJvR0NhpvzE=
Subject key identifier: 9D:61:5B:0C:DD:18:5D:71:22:7B:C2:E0:54:46:6D:4A:C4:1C:00:B4
Certificate issuer: /CN=88727fad5b5c06852e1dafa071ce4767a799e050
Certificate serial: 01863BCA71BF220C90D5B204E6A97E5350DA
Authority key identifier: 88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/nWFbDN0YXXEie8LgVEZtSsQcALQ.roa
Signing time: Fri 10 Feb 2023 14:46:08 +0000
ROA not before: Fri 10 Feb 2023 14:46:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.214.37.0/24 maxlen: 24
185.214.36.0/24 maxlen: 24
185.214.36.0/23 maxlen: 23
185.214.36.0/22 maxlen: 22
185.214.38.0/24 maxlen: 24
185.214.39.0/24 maxlen: 24
185.214.38.0/23 maxlen: 23
185.226.135.0/24 maxlen: 24
185.226.134.0/24 maxlen: 24
185.226.133.0/24 maxlen: 24
185.193.211.0/24 maxlen: 24
185.193.210.0/24 maxlen: 24
185.193.210.0/23 maxlen: 23
185.193.209.0/24 maxlen: 24
185.193.208.0/22 maxlen: 22
185.193.208.0/23 maxlen: 23
185.193.208.0/24 maxlen: 24
185.226.132.0/22 maxlen: 22
185.226.132.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:ca:71:bf:22:0c:90:d5:b2:04:e6:a9:7e:53:50:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88727fad5b5c06852e1dafa071ce4767a799e050
Validity
Not Before: Feb 10 14:46:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d615b0cdd185d71227bc2e054466d4ac41c00b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3f:b5:ed:de:75:55:0c:f4:53:8c:79:a3:98:
c3:39:28:67:a9:bd:af:83:4e:8b:99:17:43:1b:f0:
25:3c:49:41:de:fc:b7:5a:30:6c:be:af:78:13:69:
b0:e1:e7:9f:22:f2:9f:a6:53:c6:4e:cf:6d:46:dd:
4f:ff:eb:e5:c9:32:26:b8:1e:c1:3f:dd:f9:65:28:
ef:71:c0:d0:2c:4b:97:40:8e:cf:e4:d5:c5:f6:0b:
2d:4a:c0:72:06:53:aa:dd:e9:d2:f1:4c:67:61:99:
f5:58:e8:22:f4:c6:04:07:dc:ee:ae:35:f5:c2:a3:
29:03:b8:50:51:70:d2:70:06:64:cd:ab:e8:26:13:
06:07:67:e7:89:54:79:4f:a2:62:8e:2c:a0:a3:14:
43:4d:b2:75:d4:47:b7:c9:67:3b:26:7c:f0:5c:76:
29:88:65:b6:eb:48:bd:9c:7d:01:e7:41:c8:10:ce:
da:73:b4:7d:2c:98:01:bd:68:f3:51:5c:ed:89:35:
b3:74:c5:17:95:0d:f4:ec:4e:b0:d5:ca:c5:0e:25:
27:36:9b:96:fe:e3:10:cf:63:b0:1c:b7:eb:87:d5:
f4:d9:70:fe:99:d8:8d:dc:31:20:d4:a2:44:dc:15:
d5:4d:6f:a7:45:4b:e6:9b:cd:dd:63:f0:14:4a:c8:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:61:5B:0C:DD:18:5D:71:22:7B:C2:E0:54:46:6D:4A:C4:1C:00:B4
X509v3 Authority Key Identifier:
keyid:88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/nWFbDN0YXXEie8LgVEZtSsQcALQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.208.0/22
185.214.36.0/22
185.226.132.0/22
Signature Algorithm: sha256WithRSAEncryption
57:24:ab:42:9d:fb:1e:01:e1:2a:a2:59:b4:63:b3:19:d8:5d:
09:b6:4a:20:6b:22:f6:68:04:ec:29:c3:d4:7d:f1:3e:d5:f9:
a3:bc:08:d0:45:74:fa:0f:0b:fb:f7:fb:79:b3:d9:68:1d:e6:
28:e5:5e:42:dd:ab:71:07:98:36:84:fb:d8:24:83:9b:dc:7a:
64:47:86:59:00:ef:d1:95:ed:7c:37:0a:cc:15:f9:e0:b5:e1:
cf:1e:d5:72:8a:e2:72:93:1e:92:69:a5:a1:f0:42:ea:c1:fd:
d6:7b:a8:3f:0e:80:ab:cf:49:68:77:e7:ae:3b:55:c2:53:21:
a5:83:73:b7:64:8f:cd:26:51:45:9b:15:9f:5a:fb:21:1a:d6:
a8:0f:66:ab:44:54:ab:1d:7f:5a:e8:04:a8:43:7a:46:3b:06:
6f:62:38:d6:08:2f:4e:4b:61:0e:4f:04:de:31:5a:19:52:97:
4b:a4:7b:8d:5a:d0:cc:71:0d:49:5e:d3:3b:cd:1c:71:08:d4:
be:20:98:86:78:5e:ca:67:e1:d7:af:31:66:1f:10:79:5c:d2:
a8:0f:77:c4:89:40:6e:ba:64:0f:d1:cf:17:73:07:67:7e:da:
c4:40:54:40:72:12:8d:9a:1f:fe:28:33:9d:cd:58:72:b7:6b:
f5:5b:e3:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY7ynG/IgyQ1bIE5ql+U1DaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzI3ZmFkNWI1YzA2ODUyZTFkYWZhMDcxY2U0NzY3YTc5
OWUwNTAwHhcNMjMwMjEwMTQ0NjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDYxNWIwY2RkMTg1ZDcxMjI3YmMyZTA1NDQ2NmQ0YWM0MWMwMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz+17d51VQz0U4x5o5jDOShnqb2v
g06LmRdDG/AlPElB3vy3WjBsvq94E2mw4eefIvKfplPGTs9tRt1P/+vlyTImuB7B
P935ZSjvccDQLEuXQI7P5NXF9gstSsByBlOq3enS8UxnYZn1WOgi9MYEB9zurjX1
wqMpA7hQUXDScAZkzavoJhMGB2fniVR5T6JijiygoxRDTbJ11Ee3yWc7JnzwXHYp
iGW260i9nH0B50HIEM7ac7R9LJgBvWjzUVztiTWzdMUXlQ307E6w1crFDiUnNpuW
/uMQz2OwHLfrh9X02XD+mdiN3DEg1KJE3BXVTW+nRUvmm83dY/AUSshs/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ1hWwzdGF1xInvC4FRGbUrEHAC0MB8GA1UdIwQY
MBaAFIhyf61bXAaFLh2voHHOR2enmeBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTct
NWE0MTkyNmZlZDdjLzEvbldGYkROMFlYWEVpZThMZ1ZFWnRTc1FjQUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTctNWE0MTkyNmZlZDdj
LzEvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCucHQAwQC
udYkAwQCueKEMA0GCSqGSIb3DQEBCwUAA4IBAQBXJKtCnfseAeEqolm0Y7MZ2F0J
tkogayL2aATsKcPUffE+1fmjvAjQRXT6Dwv79/t5s9loHeYo5V5C3atxB5g2hPvY
JIOb3HpkR4ZZAO/Rle18NwrMFfngteHPHtVyiuJykx6SaaWh8ELqwf3We6g/DoCr
z0lod+euO1XCUyGlg3O3ZI/NJlFFmxWfWvshGtaoD2arRFSrHX9a6ASoQ3pGOwZv
YjjWCC9OS2EOTwTeMVoZUpdLpHuNWtDMcQ1JXtM7zRxxCNS+IJiGeF7KZ+HXrzFm
HxB5XNKoD3fEiUBuumQP0c8XcwdnftrEQFRAchKNmh/+KDOdzVhyt2v1W+Mq
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net