Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/xj2bH1Ye8rVvbRXESBR3RAKrWiw.roa
File: xj2bH1Ye8rVvbRXESBR3RAKrWiw.roa (raw, json)
Hash identifier: BU+ZlhYeOU7RJUnG6zx/kgVZ1wq0Jlcd/baHPOqzs4I=
Subject key identifier: C6:3D:9B:1F:56:1E:F2:B5:6F:6D:15:C4:48:14:77:44:02:AB:5A:2C
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 01856F1DB1F14B5CD994E6D0A4555E293A97
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/xj2bH1Ye8rVvbRXESBR3RAKrWiw.roa
Signing time: Sun 01 Jan 2023 20:54:55 +0000
ROA not before: Sun 01 Jan 2023 20:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21217
IP address blocks: 45.66.220.0/22 maxlen: 22
185.54.7.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b1:f1:4b:5c:d9:94:e6:d0:a4:55:5e:29:3a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Jan 1 20:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c63d9b1f561ef2b56f6d15c44814774402ab5a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:ba:24:a6:3e:bb:1d:8d:85:e4:fa:7b:a3:
6b:a1:9d:e8:00:ba:6c:59:9a:70:15:e2:95:83:48:
35:c0:65:7a:94:de:a1:51:88:ac:10:63:86:55:e6:
4a:cc:9a:8e:ba:d6:1e:2d:00:f3:58:5f:5a:76:f2:
51:30:8f:bb:88:53:3b:5a:43:35:25:3f:c4:68:81:
ca:27:a3:91:b2:26:87:13:32:6b:9f:81:cd:f1:74:
50:ac:7a:2a:a6:80:c6:af:c9:f1:18:1e:4d:cc:0f:
b0:3b:e8:cb:e1:c4:6f:15:18:a9:d1:8b:66:96:5a:
64:8c:c1:1d:63:13:a4:2b:b5:21:63:c1:3c:f1:2e:
6b:70:b7:8b:a5:2c:21:23:25:4e:81:6d:c3:6c:e5:
50:fe:20:20:48:e6:08:ff:43:59:33:a4:a7:e6:13:
3f:7c:80:84:8c:d5:0d:e3:74:c2:e7:ec:55:23:0b:
d6:59:11:82:67:6a:93:08:08:94:33:31:8f:52:7b:
39:14:e0:4b:1b:24:e6:b8:3e:f2:8a:f7:7b:8d:ac:
d1:b9:95:2b:8c:49:bd:27:15:76:5e:07:9d:a2:4c:
e3:a2:46:0b:ce:72:bd:e9:60:0a:d0:6c:13:e8:9f:
ea:06:29:e3:30:02:65:67:da:bd:7a:ac:25:36:41:
fb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3D:9B:1F:56:1E:F2:B5:6F:6D:15:C4:48:14:77:44:02:AB:5A:2C
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/xj2bH1Ye8rVvbRXESBR3RAKrWiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
185.54.7.0/24
IPv6:
2a0f:9180::/29
Signature Algorithm: sha256WithRSAEncryption
94:da:f0:05:a1:d0:7d:67:c6:75:70:94:7a:02:46:99:9e:ca:
ea:58:ac:22:a6:fe:26:e8:d1:f2:ef:01:0e:42:61:87:30:e7:
f8:c3:35:38:a1:66:6a:f7:16:33:e4:8c:b3:dc:cc:c8:51:64:
f7:e8:bf:ec:9b:8f:ef:69:ee:f4:8a:47:80:ea:2e:07:d2:ed:
0a:f3:1d:d0:d7:43:de:a1:f7:45:48:3f:0a:78:4c:6e:62:35:
6e:dc:60:71:2a:80:a7:89:79:22:a5:c6:67:cb:9e:50:8a:22:
60:1b:b7:6b:cd:a9:fb:06:33:bb:6a:22:bf:b8:f5:34:b7:7d:
af:22:8c:1f:fa:25:63:3d:75:06:01:44:d8:8c:2b:62:4d:52:
81:7d:1e:e9:4c:9b:14:45:11:7e:43:3d:cd:ad:86:3e:98:89:
be:70:c1:d8:99:d7:3d:83:bd:7e:9d:75:77:91:cb:8e:55:96:
05:75:d5:3a:48:5b:6a:90:9e:1a:55:6e:52:d5:c1:55:a0:f3:
e0:a4:0f:bb:1d:ba:f3:43:0a:d1:c0:01:14:87:ee:99:41:27:
d4:c7:c2:d2:30:73:1d:19:48:af:67:08:bb:58:12:42:df:b3:
35:a4:d9:99:09:be:26:0c:8b:4b:63:33:da:9b:51:89:a2:50:
c8:d2:e7:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvHbHxS1zZlObQpFVeKTqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjMwMTAxMjA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNkOWIxZjU2MWVmMmI1NmY2ZDE1YzQ0ODE0Nzc0NDAyYWI1YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFe6JKY+ux2NheT6e6NroZ3oALps
WZpwFeKVg0g1wGV6lN6hUYisEGOGVeZKzJqOutYeLQDzWF9advJRMI+7iFM7WkM1
JT/EaIHKJ6ORsiaHEzJrn4HN8XRQrHoqpoDGr8nxGB5NzA+wO+jL4cRvFRip0Ytm
llpkjMEdYxOkK7UhY8E88S5rcLeLpSwhIyVOgW3DbOVQ/iAgSOYI/0NZM6Sn5hM/
fICEjNUN43TC5+xVIwvWWRGCZ2qTCAiUMzGPUns5FOBLGyTmuD7yivd7jazRuZUr
jEm9JxV2XgedokzjokYLznK96WAK0GwT6J/qBinjMAJlZ9q9eqwlNkH7YwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMY9mx9WHvK1b20VxEgUd0QCq1osMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEveGoyYkgxWWU4clZ2YlJYRVNCUjNSQUtyV2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULcAwQA
uTYHMA0EAgACMAcDBQMqD5GAMA0GCSqGSIb3DQEBCwUAA4IBAQCU2vAFodB9Z8Z1
cJR6AkaZnsrqWKwipv4m6NHy7wEOQmGHMOf4wzU4oWZq9xYz5Iyz3MzIUWT36L/s
m4/vae70ikeA6i4H0u0K8x3Q10PeofdFSD8KeExuYjVu3GBxKoCniXkipcZny55Q
iiJgG7drzan7BjO7aiK/uPU0t32vIowf+iVjPXUGAUTYjCtiTVKBfR7pTJsURRF+
Qz3NrYY+mIm+cMHYmdc9g71+nXV3kcuOVZYFddU6SFtqkJ4aVW5S1cFVoPPgpA+7
HbrzQwrRwAEUh+6ZQSfUx8LSMHMdGUivZwi7WBJC37M1pNmZCb4mDItLYzPam1GJ
olDI0uf7
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net