Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/0DHWli_RlkUqiDzHHWJbupnD0z0.roa
File: 0DHWli_RlkUqiDzHHWJbupnD0z0.roa (raw, json)
Hash identifier: QkhxsOF0Rp+rSvmJNb6aXvtiVCH4a7Ba1n+zzJR6Qs4=
Subject key identifier: D0:31:D6:96:2F:D1:96:45:2A:88:3C:C7:1D:62:5B:BA:99:C3:D3:3D
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 0185703063C9581B1A7E2A3BBBA8CB5E7DA5
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/0DHWli_RlkUqiDzHHWJbupnD0z0.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 85.158.134.0/24 maxlen: 24
85.158.133.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
85.158.128.0/24 maxlen: 24
85.158.130.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:63:c9:58:1b:1a:7e:2a:3b:bb:a8:cb:5e:7d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d031d6962fd196452a883cc71d625bba99c3d33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:66:7a:d1:07:f7:27:f5:28:a1:ba:00:a6:fb:
e5:9d:f1:9f:a2:64:3f:d5:7f:ab:59:10:43:b4:4e:
d4:cc:cc:3b:39:16:a2:91:12:3a:0e:ef:0a:ed:b1:
95:8b:31:06:19:f5:f3:9c:46:3a:f1:79:38:19:ad:
a5:0e:70:af:ab:fc:ef:d5:9b:55:69:74:12:08:ca:
33:e5:10:51:71:05:e8:8f:ed:38:1b:4d:f2:e3:f7:
7a:76:35:73:93:b3:03:eb:85:0f:e1:cd:e2:1e:0a:
2a:25:c1:dd:f6:97:26:73:8c:56:16:53:30:9d:80:
c7:a7:e3:0d:93:6c:39:f7:d2:3b:e4:90:9f:21:e5:
de:f0:9a:b7:79:81:42:cb:5a:51:83:4d:3b:43:0b:
a2:27:4c:07:3e:5d:11:c8:41:1d:e6:20:6e:96:03:
3c:a9:fb:7a:f2:f1:9e:8b:5a:c2:f9:8e:5f:60:3f:
fe:dd:84:2b:0c:0c:e0:3f:76:11:f9:f6:06:83:ac:
e9:3b:92:3a:c9:dd:0d:e5:33:03:34:b9:be:34:6b:
c6:78:60:eb:4d:16:7d:c4:11:b5:49:f6:c2:bf:b0:
35:87:82:8e:cd:3b:87:f7:5e:d9:56:fc:6c:2c:ff:
e5:1d:3e:98:24:d6:9d:d3:dd:88:96:d9:48:ce:87:
20:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:D6:96:2F:D1:96:45:2A:88:3C:C7:1D:62:5B:BA:99:C3:D3:3D
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/0DHWli_RlkUqiDzHHWJbupnD0z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
Signature Algorithm: sha256WithRSAEncryption
83:bb:59:9f:eb:e8:c8:ba:31:47:69:0a:9a:f3:ab:eb:40:74:
6e:c9:4e:10:03:ba:8d:61:bf:85:af:10:e8:e1:3d:db:b2:8b:
ca:87:14:c4:8a:0f:52:e4:8c:97:b2:8f:59:f7:b4:cd:8d:b7:
03:51:d7:64:3b:00:b6:86:42:72:90:ec:6c:73:4a:66:39:55:
d6:8c:d0:6f:e9:1c:9a:69:40:23:04:cc:2d:ac:1c:16:0e:cb:
2a:b6:51:f2:49:47:15:d7:b2:56:9b:62:df:6b:85:7a:de:3a:
ed:fe:57:27:cb:4c:4e:c6:68:6b:64:fa:81:ac:4e:be:ac:7c:
c8:a4:00:23:8e:ac:33:c7:8c:48:49:c8:50:b9:92:21:15:96:
80:5b:16:88:ff:07:dd:9b:d9:94:f0:05:4b:fd:4c:0a:7b:a7:
bc:5d:d1:2c:1f:e8:d2:d1:91:32:98:c8:66:a8:21:6c:51:c1:
41:64:37:13:65:88:7a:21:9c:cb:ef:f2:1c:2f:ff:f7:ba:be:
95:e3:3c:00:af:6f:0a:c3:cb:4c:e2:49:23:ed:85:d8:06:2c:
b2:4d:9c:cb:c3:87:86:cb:5c:15:f4:a7:0f:5f:31:c9:1b:c6:
5e:a0:39:cd:be:ff:ff:28:a6:d8:3d:80:4a:60:6a:7c:d5:33:
f8:5d:76:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGPJWBsafio7u6jLXn2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMxZDY5NjJmZDE5NjQ1MmE4ODNjYzcxZDYyNWJiYTk5YzNkMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Z60Qf3J/UooboApvvlnfGfomQ/
1X+rWRBDtE7UzMw7ORaikRI6Du8K7bGVizEGGfXznEY68Xk4Ga2lDnCvq/zv1ZtV
aXQSCMoz5RBRcQXoj+04G03y4/d6djVzk7MD64UP4c3iHgoqJcHd9pcmc4xWFlMw
nYDHp+MNk2w599I75JCfIeXe8Jq3eYFCy1pRg007QwuiJ0wHPl0RyEEd5iBulgM8
qft68vGei1rC+Y5fYD/+3YQrDAzgP3YR+fYGg6zpO5I6yd0N5TMDNLm+NGvGeGDr
TRZ9xBG1SfbCv7A1h4KOzTuH917ZVvxsLP/lHT6YJNad092IltlIzocgUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAx1pYv0ZZFKog8xx1iW7qZw9M9MB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvMERIV2xpX1Jsa1VxaUR6SEhXSmJ1cG5EMHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0G
CSqGSIb3DQEBCwUAA4IBAQCDu1mf6+jIujFHaQqa86vrQHRuyU4QA7qNYb+FrxDo
4T3bsovKhxTEig9S5IyXso9Z97TNjbcDUddkOwC2hkJykOxsc0pmOVXWjNBv6Rya
aUAjBMwtrBwWDssqtlHySUcV17JWm2Lfa4V63jrt/lcny0xOxmhrZPqBrE6+rHzI
pAAjjqwzx4xISchQuZIhFZaAWxaI/wfdm9mU8AVL/UwKe6e8XdEsH+jS0ZEymMhm
qCFsUcFBZDcTZYh6IZzL7/IcL//3ur6V4zwAr28Kw8tM4kkj7YXYBiyyTZzLw4eG
y1wV9KcPXzHJG8ZeoDnNvv//KKbYPYBKYGp81TP4XXYZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:06 2024 by rpki-client on console.sobornost.net