Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/bEBrjIkdc2B5qnBO2qQ9OHbC0JE.roa
File: bEBrjIkdc2B5qnBO2qQ9OHbC0JE.roa (raw, json)
Hash identifier: +SKY/16CuseCjJnPqm98FsGGbQgLcA1FthFvIry+lXw=
Subject key identifier: 6C:40:6B:8C:89:1D:73:60:79:AA:70:4E:DA:A4:3D:38:76:C2:D0:91
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 018570306458C39CBDA9E051284F920F8D82
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/bEBrjIkdc2B5qnBO2qQ9OHbC0JE.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35019
IP address blocks: 85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.133.0/24 maxlen: 24
185.156.239.0/24 maxlen: 24
185.156.238.0/24 maxlen: 24
185.156.236.0/24 maxlen: 24
185.156.237.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
85.158.130.0/24 maxlen: 24
85.158.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:64:58:c3:9c:bd:a9:e0:51:28:4f:92:0f:8d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c406b8c891d736079aa704edaa43d3876c2d091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:14:5d:1e:e3:c8:68:29:7e:59:2e:1c:f1:b3:
9c:62:af:98:70:7b:01:18:13:ab:79:6d:eb:de:70:
a6:02:67:2b:f6:70:8f:48:23:22:94:e7:07:8f:14:
b6:9d:f3:fe:b9:bd:a3:50:9d:8a:18:65:3c:c0:52:
c9:63:12:2a:6f:27:5b:96:fc:d0:33:0e:ff:0c:4d:
c1:07:45:3b:8e:78:80:e6:2f:4e:d3:fa:22:f6:42:
27:0a:ef:70:eb:ab:47:fc:dc:b0:64:22:e3:7e:98:
c8:10:bf:33:90:1d:1d:74:5f:fe:75:5a:8c:fd:50:
81:f8:01:f5:e1:d8:61:e8:ef:ec:b6:50:c4:6f:e4:
b7:4d:dc:c3:6e:0e:85:1e:18:85:a7:7e:9f:42:f5:
98:92:82:2d:8a:6a:e1:10:60:dc:09:87:4f:e2:b3:
65:ab:bc:72:03:ac:a4:49:05:14:e4:80:1d:1f:7d:
e4:bb:51:50:24:c8:6b:3a:eb:1e:8d:1d:fc:15:5a:
0d:cd:88:1b:49:3c:ee:40:a4:31:dc:40:f9:87:7a:
c9:ec:22:2b:2a:35:3f:21:9e:e7:23:af:e7:36:bd:
09:4a:f0:3e:9a:6d:69:05:7b:56:34:37:3e:85:fd:
06:71:cd:73:98:93:9e:9e:90:61:72:64:55:e2:8e:
c4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:40:6B:8C:89:1D:73:60:79:AA:70:4E:DA:A4:3D:38:76:C2:D0:91
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/bEBrjIkdc2B5qnBO2qQ9OHbC0JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
185.156.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:1a:6f:f8:5c:10:4a:15:a9:16:93:8e:d7:7e:f1:5b:4e:55:
07:5c:85:b6:12:65:30:32:6d:4d:25:74:f8:d7:94:4b:4d:28:
01:fc:d1:a3:c6:80:ee:9a:78:4c:4b:b6:ac:18:04:28:1b:33:
0f:a0:0f:9d:08:2e:21:55:6a:b7:92:38:f8:8f:0b:fb:a3:f7:
57:14:0f:a1:95:fe:fe:41:4b:65:20:b0:ba:08:d9:3d:91:dc:
1a:69:36:94:94:5f:c9:ce:ad:b1:8b:d0:09:69:9e:90:47:04:
c8:57:88:4b:8f:d4:b7:fd:7b:fc:ad:58:d0:e5:62:1f:a7:20:
6c:52:97:d3:e6:6c:fe:ea:16:09:56:9b:0b:43:86:0d:a0:7d:
ba:a1:2e:18:c9:23:3a:e3:aa:29:d3:d7:35:88:00:99:d5:39:
4d:6f:3a:30:57:ed:6c:a6:2b:f5:96:67:8f:dc:1e:db:fb:25:
45:c0:99:42:46:e3:8d:9d:d3:fe:f8:2f:a6:4e:40:9a:d2:5b:
27:84:6c:7e:6e:2c:c8:55:a1:26:36:1b:8d:cf:da:91:99:f4:
0b:d2:12:35:cb:e3:08:f5:a1:04:9b:76:b1:af:07:50:26:f7:
72:fa:bc:b1:ed:94:14:3e:ab:8a:ff:44:51:b6:5f:f0:6a:39:
ae:50:e7:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwMGRYw5y9qeBRKE+SD42CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQwNmI4Yzg5MWQ3MzYwNzlhYTcwNGVkYWE0M2QzODc2YzJkMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRRdHuPIaCl+WS4c8bOcYq+YcHsB
GBOreW3r3nCmAmcr9nCPSCMilOcHjxS2nfP+ub2jUJ2KGGU8wFLJYxIqbydblvzQ
Mw7/DE3BB0U7jniA5i9O0/oi9kInCu9w66tH/NywZCLjfpjIEL8zkB0ddF/+dVqM
/VCB+AH14dhh6O/stlDEb+S3TdzDbg6FHhiFp36fQvWYkoItimrhEGDcCYdP4rNl
q7xyA6ykSQUU5IAdH33ku1FQJMhrOusejR38FVoNzYgbSTzuQKQx3ED5h3rJ7CIr
KjU/IZ7nI6/nNr0JSvA+mm1pBXtWNDc+hf0Gcc1zmJOenpBhcmRV4o7EKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGxAa4yJHXNgeapwTtqkPTh2wtCRMB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvYkVCcmpJa2RjMkI1cW5CTzJxUTlPSGJDMEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ6AAwQC
uZzsMA0GCSqGSIb3DQEBCwUAA4IBAQB+Gm/4XBBKFakWk47XfvFbTlUHXIW2EmUw
Mm1NJXT415RLTSgB/NGjxoDumnhMS7asGAQoGzMPoA+dCC4hVWq3kjj4jwv7o/dX
FA+hlf7+QUtlILC6CNk9kdwaaTaUlF/Jzq2xi9AJaZ6QRwTIV4hLj9S3/Xv8rVjQ
5WIfpyBsUpfT5mz+6hYJVpsLQ4YNoH26oS4YySM646op09c1iACZ1TlNbzowV+1s
piv1lmeP3B7b+yVFwJlCRuONndP++C+mTkCa0lsnhGx+bizIVaEmNhuNz9qRmfQL
0hI1y+MI9aEEm3axrwdQJvdy+ryx7ZQUPquK/0RRtl/wajmuUOdX
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:06 2024 by rpki-client on console.sobornost.net