Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/850134-bb21-4bad-9eea-dfd51b06dd99/1/9qOeM-CvLj78-Y56kUeKjlb9qQo.roa
File: 9qOeM-CvLj78-Y56kUeKjlb9qQo.roa (raw, json)
Hash identifier: marELsJgsW2Xu2JkzVQkcpzT0LInnf8+tag/BUjSTi8=
Subject key identifier: F6:A3:9E:33:E0:AF:2E:3E:FC:F9:8E:7A:91:47:8A:8E:56:FD:A9:0A
Certificate issuer: /CN=7b3175988373e56b6ffe0b15a1fc75d4693ae2c0
Certificate serial: 01856D418F2B97AD44FA7AB0C22B4BA81599
Authority key identifier: 7B:31:75:98:83:73:E5:6B:6F:FE:0B:15:A1:FC:75:D4:69:3A:E2:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ezF1mINz5Wtv_gsVofx11Gk64sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/850134-bb21-4bad-9eea-dfd51b06dd99/1/9qOeM-CvLj78-Y56kUeKjlb9qQo.roa
Signing time: Sun 01 Jan 2023 12:14:50 +0000
ROA not before: Sun 01 Jan 2023 12:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47544
IP address blocks: 46.248.160.0/19 maxlen: 19
185.110.50.0/24 maxlen: 24
193.106.104.0/22 maxlen: 22
185.110.49.0/24 maxlen: 24
185.110.51.0/24 maxlen: 24
86.111.240.0/21 maxlen: 21
2a01:7400::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:8f:2b:97:ad:44:fa:7a:b0:c2:2b:4b:a8:15:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b3175988373e56b6ffe0b15a1fc75d4693ae2c0
Validity
Not Before: Jan 1 12:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6a39e33e0af2e3efcf98e7a91478a8e56fda90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7b:90:01:2c:fe:48:b1:d0:4e:ff:4a:5b:21:
c6:68:5d:11:a7:c0:2b:99:38:8a:dd:50:77:00:bc:
bb:21:48:f0:9d:53:b5:86:72:4a:14:5a:f6:a8:9a:
e4:9e:b3:87:f4:f7:3e:f1:84:ce:c4:d3:c3:3c:9e:
c9:6c:6f:5d:4c:99:45:7a:3f:64:53:01:1c:ab:90:
82:89:68:c9:dd:c2:4c:d3:f5:2d:da:97:3d:d1:17:
e7:1d:0d:15:d4:18:b3:b6:53:6a:10:b5:71:8a:fb:
30:50:98:27:dc:ff:d7:fe:d9:0c:cf:93:13:72:49:
72:50:e4:6a:aa:2f:68:6f:99:4f:49:b2:8f:00:11:
5a:83:fc:57:e8:22:58:df:3e:35:70:e2:e3:b7:8c:
8e:20:2a:f3:22:b9:3e:42:ca:ca:9c:cd:43:6b:3c:
3f:5b:4d:32:c8:09:bf:ee:bf:77:bc:12:30:4d:6d:
c4:e9:a4:c1:ec:b0:11:92:4a:b2:e1:63:9f:21:f6:
65:fc:33:e8:ab:9f:ff:b2:94:b1:cb:d7:53:02:dd:
00:48:ea:fb:bf:8e:f5:0b:15:0f:e3:72:80:cf:db:
91:d2:2d:8c:7b:1d:c1:9d:a9:77:8f:a4:f0:09:25:
83:17:1e:d3:a8:8d:36:07:16:85:34:13:3b:63:75:
32:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A3:9E:33:E0:AF:2E:3E:FC:F9:8E:7A:91:47:8A:8E:56:FD:A9:0A
X509v3 Authority Key Identifier:
keyid:7B:31:75:98:83:73:E5:6B:6F:FE:0B:15:A1:FC:75:D4:69:3A:E2:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ezF1mINz5Wtv_gsVofx11Gk64sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/850134-bb21-4bad-9eea-dfd51b06dd99/1/9qOeM-CvLj78-Y56kUeKjlb9qQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/850134-bb21-4bad-9eea-dfd51b06dd99/1/ezF1mINz5Wtv_gsVofx11Gk64sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.160.0/19
86.111.240.0/21
185.110.49.0-185.110.51.255
193.106.104.0/22
IPv6:
2a01:7400::/32
Signature Algorithm: sha256WithRSAEncryption
44:4b:ce:15:1e:6d:99:98:42:8f:33:2c:60:29:d0:73:0b:bf:
d4:c3:20:dc:62:9d:8a:c9:2a:19:4e:e0:f0:0a:8a:ca:69:16:
a4:39:8e:7c:21:67:2f:a9:4b:5b:b1:46:0e:2f:63:08:a8:ec:
53:2b:12:da:4e:fc:e6:3b:bc:59:cf:ba:e8:ce:cd:22:db:0f:
fc:85:ed:58:26:d6:e1:aa:fa:2a:41:72:a2:e4:c8:03:c6:b3:
6a:db:cb:16:f0:bc:5b:fa:f9:f8:49:7f:21:00:e2:7e:3f:ba:
c1:77:0a:85:9c:46:65:f9:e1:19:36:09:b8:9e:8f:63:f2:f6:
eb:c3:9f:36:d4:68:ca:5b:64:3b:f5:20:2b:d5:1f:14:c3:cb:
0e:d3:c1:a9:b9:58:0c:5e:df:2b:ee:c7:f4:57:42:7d:3b:68:
50:bd:3e:67:0e:15:f7:65:e3:2d:d5:de:6c:3c:5c:00:35:c6:
06:9f:49:6f:f2:56:80:5a:70:e6:3b:ec:4a:33:38:a8:9a:e3:
dd:15:c4:db:29:dc:2e:84:d7:bb:d3:aa:56:5d:84:6a:86:a4:
d8:71:ca:73:df:76:4a:96:36:81:35:f7:f6:f9:36:4a:8d:ab:
df:73:1a:0f:b9:16:46:01:37:9a:71:0d:0d:99:e6:a6:b8:b6:
d7:04:3f:b7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVtQY8rl61E+nqwwitLqBWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMzE3NTk4ODM3M2U1NmI2ZmZlMGIxNWExZmM3NWQ0Njkz
YWUyYzAwHhcNMjMwMTAxMTIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmEzOWUzM2UwYWYyZTNlZmNmOThlN2E5MTQ3OGE4ZTU2ZmRhOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnuQASz+SLHQTv9KWyHGaF0Rp8Ar
mTiK3VB3ALy7IUjwnVO1hnJKFFr2qJrknrOH9Pc+8YTOxNPDPJ7JbG9dTJlFej9k
UwEcq5CCiWjJ3cJM0/Ut2pc90RfnHQ0V1BiztlNqELVxivswUJgn3P/X/tkMz5MT
cklyUORqqi9ob5lPSbKPABFag/xX6CJY3z41cOLjt4yOICrzIrk+QsrKnM1Dazw/
W00yyAm/7r93vBIwTW3E6aTB7LARkkqy4WOfIfZl/DPoq5//spSxy9dTAt0ASOr7
v471CxUP43KAz9uR0i2Mex3Bnal3j6TwCSWDFx7TqI02BxaFNBM7Y3UyWQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPajnjPgry4+/PmOepFHio5W/akKMB8GA1UdIwQY
MBaAFHsxdZiDc+Vrb/4LFaH8ddRpOuLAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXpGMW1JTno1V3R2X2dzVm9meDExR2s2NHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84NTAxMzQtYmIyMS00YmFkLTllZWEt
ZGZkNTFiMDZkZDk5LzEvOXFPZU0tQ3ZMajc4LVk1NmtVZUtqbGI5cVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84NTAxMzQtYmIyMS00YmFkLTllZWEtZGZkNTFiMDZkZDk5
LzEvZXpGMW1JTno1V3R2X2dzVm9meDExR2s2NHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQFLvigAwQD
Vm/wMAwDBAC5bjEDBAK5bjADBALBamgwDQQCAAIwBwMFACoBdAAwDQYJKoZIhvcN
AQELBQADggEBAERLzhUebZmYQo8zLGAp0HMLv9TDINxinYrJKhlO4PAKisppFqQ5
jnwhZy+pS1uxRg4vYwio7FMrEtpO/OY7vFnPuujOzSLbD/yF7Vgm1uGq+ipBcqLk
yAPGs2rbyxbwvFv6+fhJfyEA4n4/usF3CoWcRmX54Rk2Cbiej2Py9uvDnzbUaMpb
ZDv1ICvVHxTDyw7Twam5WAxe3yvux/RXQn07aFC9PmcOFfdl4y3V3mw8XAA1xgaf
SW/yVoBacOY77EozOKia490VxNsp3C6E17vTqlZdhGqGpNhxynPfdkqWNoE19/b5
NkqNq99zGg+5FkYBN5pxDQ2Z5qa4ttcEP7c=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:41 2024 by rpki-client on console.sobornost.net