Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/2CeV370f7uIjzIxXtM8HEDhS9KU.roa
File: 2CeV370f7uIjzIxXtM8HEDhS9KU.roa (raw, json)
Hash identifier: AuZ/zpTqAn8LFk3xc1UrrLOLlGDb/7KRnLcD8CDa3lI=
Subject key identifier: D8:27:95:DF:BD:1F:EE:E2:23:CC:8C:57:B4:CF:07:10:38:52:F4:A5
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 018570306281F8764429F6B9D4752C3D5E54
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/2CeV370f7uIjzIxXtM8HEDhS9KU.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4755
IP address blocks: 85.158.133.0/24 maxlen: 24
85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.128.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.130.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:62:81:f8:76:44:29:f6:b9:d4:75:2c:3d:5e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d82795dfbd1feee223cc8c57b4cf07103852f4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5a:05:88:5f:a1:51:20:8d:51:b6:b1:ff:06:
68:7a:44:95:15:2b:08:99:54:d9:74:ea:9d:ed:e1:
00:98:15:de:f9:06:55:a3:70:b6:42:00:39:f5:bc:
54:0c:ed:8a:a5:d1:5c:9c:7e:e2:14:5f:45:d7:36:
9c:b3:f0:5a:2c:40:9c:96:43:ee:7c:54:77:42:c5:
08:d4:43:9a:41:d7:55:ad:04:04:da:5f:fa:7f:8d:
a7:c0:a3:36:8a:d3:c6:de:45:11:41:e8:fd:92:70:
ef:45:e1:e7:8c:c8:e7:c7:80:e1:11:76:eb:58:83:
ea:2d:b1:5b:9e:07:c8:40:2a:0c:c6:ba:04:34:f1:
ac:a2:d0:80:2f:e4:9e:22:07:a8:a0:74:97:02:0f:
f8:2d:23:e0:8f:d8:44:90:f9:74:4e:40:f7:20:b8:
3a:13:87:a9:2c:af:aa:ae:6b:c0:6e:29:fc:b6:b4:
09:28:2a:17:db:fc:ba:d6:8c:38:01:35:61:ca:f1:
fb:1b:da:1a:56:e9:07:fc:ff:cb:d5:eb:1e:17:65:
b8:9e:eb:a8:d2:ca:ab:fd:20:11:42:f4:12:59:f8:
8b:97:6d:e1:80:24:fc:f4:bd:b6:9e:bc:18:2d:0f:
bf:2b:d6:d0:29:f7:c6:e9:9d:dd:5b:d0:4b:a2:59:
c0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:27:95:DF:BD:1F:EE:E2:23:CC:8C:57:B4:CF:07:10:38:52:F4:A5
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/2CeV370f7uIjzIxXtM8HEDhS9KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
Signature Algorithm: sha256WithRSAEncryption
37:ea:47:c8:fb:58:c2:ad:7f:d2:af:06:47:3c:32:fd:47:5a:
6c:31:89:c0:3a:23:9e:b7:a9:c7:f6:45:ee:84:3c:3d:62:05:
65:31:16:f9:c5:7d:bc:38:a8:83:2f:04:6d:6a:95:ce:9e:44:
a3:ec:e0:4f:19:1c:76:1a:55:dc:e7:ca:98:27:d6:a5:dc:16:
7d:f7:21:99:2f:3e:42:b5:ce:3f:34:02:ea:4b:77:d0:d2:cf:
32:90:70:bc:91:70:fe:33:3f:64:9f:fb:ab:19:60:71:56:1e:
3c:ba:1d:e9:4b:5a:e9:99:b0:67:9f:1c:a8:d5:2f:1d:c0:75:
42:0e:fe:84:e9:c5:e8:e3:2d:b0:24:1a:d6:4f:3c:66:29:ff:
b0:7b:61:22:d5:c7:98:d5:8a:d8:dd:36:9a:39:b3:6a:36:a0:
32:9d:75:a3:dc:4b:f5:06:59:0a:cf:8a:04:d2:c1:d8:d3:ac:
98:db:60:e9:28:bb:25:59:31:91:c3:8a:f1:0f:8a:97:bd:b5:
7d:52:f7:5f:9f:88:6e:ea:de:d6:eb:22:c2:5d:9f:55:54:e5:
8d:f8:f5:73:38:65:83:cd:3f:44:ef:08:31:24:00:fe:66:71:
72:0d:5f:af:e0:7a:55:79:1c:8e:6c:5c:cf:7e:f3:e5:74:1f:
e0:30:2e:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGKB+HZEKfa51HUsPV5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI3OTVkZmJkMWZlZWUyMjNjYzhjNTdiNGNmMDcxMDM4NTJmNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1oFiF+hUSCNUbax/wZoekSVFSsI
mVTZdOqd7eEAmBXe+QZVo3C2QgA59bxUDO2KpdFcnH7iFF9F1zacs/BaLECclkPu
fFR3QsUI1EOaQddVrQQE2l/6f42nwKM2itPG3kURQej9knDvReHnjMjnx4DhEXbr
WIPqLbFbngfIQCoMxroENPGsotCAL+SeIgeooHSXAg/4LSPgj9hEkPl0TkD3ILg6
E4epLK+qrmvAbin8trQJKCoX2/y61ow4ATVhyvH7G9oaVukH/P/L1eseF2W4nuuo
0sqr/SARQvQSWfiLl23hgCT89L22nrwYLQ+/K9bQKffG6Z3dW9BLolnASQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgnld+9H+7iI8yMV7TPBxA4UvSlMB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvMkNlVjM3MGY3dUlqekl4WHRNOEhFRGhTOUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0G
CSqGSIb3DQEBCwUAA4IBAQA36kfI+1jCrX/SrwZHPDL9R1psMYnAOiOet6nH9kXu
hDw9YgVlMRb5xX28OKiDLwRtapXOnkSj7OBPGRx2GlXc58qYJ9al3BZ99yGZLz5C
tc4/NALqS3fQ0s8ykHC8kXD+Mz9kn/urGWBxVh48uh3pS1rpmbBnnxyo1S8dwHVC
Dv6E6cXo4y2wJBrWTzxmKf+we2Ei1ceY1YrY3TaaObNqNqAynXWj3Ev1BlkKz4oE
0sHY06yY22DpKLslWTGRw4rxD4qXvbV9Uvdfn4hu6t7W6yLCXZ9VVOWN+PVzOGWD
zT9E7wgxJAD+ZnFyDV+v4HpVeRyObFzPfvPldB/gMC5g
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:06 2024 by rpki-client on console.sobornost.net