Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/oE7Br7jRzCPlOQoBWIhtVfBuaxs.roa
File: oE7Br7jRzCPlOQoBWIhtVfBuaxs.roa (raw, json)
Hash identifier: tGazG98wSWtDnjEDCQvREq7Ma3t5ME2kuHOmi5dStPI=
Subject key identifier: A0:4E:C1:AF:B8:D1:CC:23:E5:39:0A:01:58:88:6D:55:F0:6E:6B:1B
Certificate issuer: /CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Certificate serial: 01856DCAF78AA6D6C04C5146045185819F64
Authority key identifier: B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/oE7Br7jRzCPlOQoBWIhtVfBuaxs.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41729
IP address blocks: 89.248.0.0/20 maxlen: 20
88.151.160.0/21 maxlen: 21
45.158.92.0/22 maxlen: 22
91.184.128.0/19 maxlen: 19
195.177.96.0/24 maxlen: 24
195.177.97.0/24 maxlen: 24
195.177.99.0/24 maxlen: 24
2a00:1a78::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f7:8a:a6:d6:c0:4c:51:46:04:51:85:81:9f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a04ec1afb8d1cc23e5390a0158886d55f06e6b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e3:59:19:ce:cc:50:5c:c7:ef:7c:dc:d1:04:
4d:26:41:33:01:36:14:4e:64:e2:32:45:2e:65:8c:
7f:e1:82:9c:b1:8a:3a:6d:c1:b1:36:a5:87:52:19:
a6:06:65:b7:97:a1:3d:f7:8c:a7:73:0d:ec:fc:9d:
8a:15:a9:86:d5:ae:b2:84:25:0b:e0:a4:a0:0e:18:
af:3a:50:eb:8b:55:c5:be:40:2c:de:4e:27:7b:9c:
6b:5a:a4:16:a1:4f:ad:3a:61:ec:31:a1:86:0e:30:
7a:59:08:09:8a:fc:39:0f:81:fa:8d:3f:cd:04:ed:
ba:ae:6a:4d:11:35:51:4f:5e:06:a7:8a:7b:1b:0e:
74:3d:23:d6:78:e3:be:ec:a3:90:6e:5e:ca:2b:4c:
8c:96:d3:7f:f1:a8:21:6d:70:43:5a:36:05:8c:6a:
67:42:2a:b8:c1:f8:ce:c5:06:e4:d6:f3:64:1a:62:
ef:a4:3e:66:da:bb:67:a5:62:9a:3b:fc:03:20:a5:
54:26:ef:da:4f:0d:b5:7d:6f:3d:60:df:f7:d8:1b:
0a:86:b8:90:29:b2:38:95:bd:56:97:0a:6b:89:6e:
de:89:7b:9d:0b:3e:7b:58:cf:ec:00:41:cf:d7:25:
52:d9:2e:cd:83:80:14:d4:a6:8a:14:e8:79:2d:18:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4E:C1:AF:B8:D1:CC:23:E5:39:0A:01:58:88:6D:55:F0:6E:6B:1B
X509v3 Authority Key Identifier:
keyid:B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/oE7Br7jRzCPlOQoBWIhtVfBuaxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/saC9QgWKA5D0Y8_rexfiHeC3VQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.92.0/22
88.151.160.0/21
89.248.0.0/20
91.184.128.0/19
195.177.96.0/23
195.177.99.0/24
IPv6:
2a00:1a78::/32
Signature Algorithm: sha256WithRSAEncryption
75:6a:28:09:55:75:81:a5:98:9c:c3:35:9b:f4:10:d8:70:5d:
66:72:94:02:24:cc:f0:23:a2:8f:e0:67:17:3e:a4:43:8e:59:
d5:9c:1c:5f:46:bc:e2:d7:5e:ca:cc:eb:df:0c:2f:8c:4f:6b:
ec:2d:36:50:82:eb:cb:2b:5e:ea:04:8d:2a:ae:e2:a6:cc:4f:
e7:db:58:20:4f:8a:0b:44:a4:12:25:46:75:70:d0:94:a6:9c:
28:99:e8:84:9a:3e:cc:b6:ca:20:ab:6a:1d:0e:9f:a3:8e:43:
45:94:f9:09:f1:5d:c3:72:c4:8a:c0:e4:7e:80:ab:c5:79:85:
73:44:b2:1f:09:0d:91:90:82:60:b7:27:82:34:c4:c0:68:d5:
84:24:c0:b8:34:bc:9e:79:3a:e0:ed:14:1b:32:b3:cd:d4:df:
7c:16:87:14:13:ec:af:a9:05:0c:96:a0:9c:67:e6:06:21:f0:
2c:1a:c9:36:ea:d0:5f:47:fe:28:ba:cc:b7:22:c0:92:3d:4c:
09:ab:d2:1f:9c:6b:77:cc:b7:72:38:f7:23:60:be:fa:2c:48:
be:69:0c:47:4b:ac:60:90:3a:17:72:74:ce:bd:a6:3b:3f:6b:
75:fb:bc:2c:4a:4e:64:ac:b6:f5:b1:e9:7f:e8:f3:88:c8:47:
35:f3:6b:5d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtyveKptbATFFGBFGFgZ9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTBiZDQyMDU4YTAzOTBmNDYzY2ZlYjdiMTdlMjFkZTBi
NzU1MDAwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRlYzFhZmI4ZDFjYzIzZTUzOTBhMDE1ODg4NmQ1NWYwNmU2YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+NZGc7MUFzH73zc0QRNJkEzATYU
TmTiMkUuZYx/4YKcsYo6bcGxNqWHUhmmBmW3l6E994yncw3s/J2KFamG1a6yhCUL
4KSgDhivOlDri1XFvkAs3k4ne5xrWqQWoU+tOmHsMaGGDjB6WQgJivw5D4H6jT/N
BO26rmpNETVRT14Gp4p7Gw50PSPWeOO+7KOQbl7KK0yMltN/8aghbXBDWjYFjGpn
Qiq4wfjOxQbk1vNkGmLvpD5m2rtnpWKaO/wDIKVUJu/aTw21fW89YN/32BsKhriQ
KbI4lb1WlwpriW7eiXudCz57WM/sAEHP1yVS2S7Ng4AU1KaKFOh5LRh4UQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKBOwa+40cwj5TkKAViIbVXwbmsbMB8GA1UdIwQY
MBaAFLGgvUIFigOQ9GPP63sX4h3gt1UAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FDOVFnV0tBNUQwWThfcmV4ZmlIZUMzVlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNmY3NmItNzg4Ny00MTJhLWJhYjQt
ZWMyODE5YzBhYzRkLzEvb0U3QnI3alJ6Q1BsT1FvQldJaHRWZkJ1YXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNmY3NmItNzg4Ny00MTJhLWJhYjQtZWMyODE5YzBhYzRk
LzEvc2FDOVFnV0tBNUQwWThfcmV4ZmlIZUMzVlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZ5cAwQD
WJegAwQEWfgAAwQFW7iAAwQBw7FgAwQAw7FjMA0EAgACMAcDBQAqABp4MA0GCSqG
SIb3DQEBCwUAA4IBAQB1aigJVXWBpZicwzWb9BDYcF1mcpQCJMzwI6KP4GcXPqRD
jlnVnBxfRrzi117KzOvfDC+MT2vsLTZQguvLK17qBI0qruKmzE/n21ggT4oLRKQS
JUZ1cNCUppwomeiEmj7Mtsogq2odDp+jjkNFlPkJ8V3DcsSKwOR+gKvFeYVzRLIf
CQ2RkIJgtyeCNMTAaNWEJMC4NLyeeTrg7RQbMrPN1N98FocUE+yvqQUMlqCcZ+YG
IfAsGsk26tBfR/4ousy3IsCSPUwJq9IfnGt3zLdyOPcjYL76LEi+aQxHS6xgkDoX
cnTOvaY7P2t1+7wsSk5krLb1sel/6POIyEc182td
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:08 2024 by rpki-client on console.sobornost.net