Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8vzqy-KLYOMnAXir_MVzDLpRdn0.roa
File: 8vzqy-KLYOMnAXir_MVzDLpRdn0.roa (raw, json)
Hash identifier: Ew4rC9xmTPqhUzq9rurBwg2mCXabijslinwREOFG7dk=
Subject key identifier: F2:FC:EA:CB:E2:8B:60:E3:27:01:78:AB:FC:C5:73:0C:BA:51:76:7D
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F532E2B47C68700F49EE2D67917E
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8vzqy-KLYOMnAXir_MVzDLpRdn0.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205552
IP address blocks: 185.224.218.0/24 maxlen: 24
194.40.240.0/24 maxlen: 24
194.40.242.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f5:32:e2:b4:7c:68:70:0f:49:ee:2d:67:91:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2fceacbe28b60e3270178abfcc5730cba51767d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:18:dc:fd:3c:57:b1:98:79:66:31:87:e2:c6:
64:24:94:44:fa:d1:df:b4:24:98:b4:1f:a0:52:96:
c8:59:87:71:e9:4f:77:e5:be:b8:8a:fe:12:0f:5b:
e0:bc:91:dc:de:29:5a:8b:5c:ea:c7:66:c6:9d:6e:
01:67:72:54:52:17:ab:a0:0a:0a:ff:a1:f0:af:db:
4e:37:73:39:a8:88:4d:23:bc:83:42:2d:48:88:ab:
76:15:1c:48:d6:58:06:b3:72:f8:da:01:b7:a8:5c:
5a:fa:bb:0f:8f:4b:b3:18:ad:88:29:1a:a0:20:f6:
c9:84:57:d4:fd:12:02:35:81:2e:78:c7:06:3f:38:
53:00:8e:74:c1:ab:b3:32:bf:b2:98:80:79:1b:92:
ce:a6:41:9e:3d:9a:d4:cd:4c:d8:18:52:af:3f:6e:
5b:f0:1a:e3:84:bb:40:38:a9:fe:4c:db:30:2a:37:
8b:47:f3:2f:eb:be:09:12:bf:87:1b:e2:e5:1a:1e:
f4:10:90:ab:22:bf:35:59:86:8c:0d:a6:91:48:9d:
73:e6:8f:3e:25:0e:21:72:5c:74:59:b7:80:a7:6c:
8f:57:97:f8:83:22:2d:13:43:74:b1:a2:bd:15:ed:
85:38:08:fd:d0:10:ea:60:15:b4:35:46:c2:81:b7:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:FC:EA:CB:E2:8B:60:E3:27:01:78:AB:FC:C5:73:0C:BA:51:76:7D
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8vzqy-KLYOMnAXir_MVzDLpRdn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.218.0/24
194.40.240.0-194.40.242.255
Signature Algorithm: sha256WithRSAEncryption
2e:96:e0:0b:f7:99:4e:dd:9a:f4:e6:c3:43:3a:11:ee:7f:01:
8d:56:d6:06:e5:35:8b:b7:07:d8:9f:c9:5b:48:24:4e:be:52:
e5:c5:7c:49:d4:39:e7:36:1d:81:cf:36:4c:a9:ae:3a:b8:e6:
e8:c7:5f:c4:37:d1:18:87:50:8b:8e:46:ce:3e:48:cc:e9:a8:
8b:77:6f:ba:87:41:06:41:a0:05:d4:0f:e9:9e:aa:88:f0:81:
67:2a:f1:04:a4:d1:13:30:5e:85:56:36:6e:71:8f:b2:3e:16:
3c:b8:c7:6e:a0:fc:7c:42:0e:08:ea:e2:a2:66:f9:92:72:c0:
ad:d2:6f:eb:86:80:7b:4a:ce:21:4b:4c:71:a1:24:5a:f7:16:
20:a2:4c:9e:65:ed:83:5e:a9:9a:f9:0c:b8:33:b3:da:84:2e:
d8:8b:2b:7c:4b:43:e2:be:b8:fd:4c:0e:b8:61:9d:c5:7f:fc:
e9:03:0a:13:bf:7d:27:b2:78:f7:94:40:27:c1:64:62:a0:b9:
08:4b:ec:b2:31:36:30:e4:6a:3e:7f:df:e8:5e:4c:34:d8:b1:
d0:fe:92:ae:4a:9f:12:e0:bc:f3:76:fb:8e:45:f1:a9:22:09:
03:53:ef:53:63:13:2c:34:ce:f2:3b:7d:53:af:cf:a0:1f:3a:
59:66:bd:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDtvUy4rR8aHAPSe4tZ5F+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmZjZWFjYmUyOGI2MGUzMjcwMTc4YWJmY2M1NzMwY2JhNTE3NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxjc/TxXsZh5ZjGH4sZkJJRE+tHf
tCSYtB+gUpbIWYdx6U935b64iv4SD1vgvJHc3ilai1zqx2bGnW4BZ3JUUheroAoK
/6Hwr9tON3M5qIhNI7yDQi1IiKt2FRxI1lgGs3L42gG3qFxa+rsPj0uzGK2IKRqg
IPbJhFfU/RICNYEueMcGPzhTAI50wauzMr+ymIB5G5LOpkGePZrUzUzYGFKvP25b
8BrjhLtAOKn+TNswKjeLR/Mv674JEr+HG+LlGh70EJCrIr81WYaMDaaRSJ1z5o8+
JQ4hclx0WbeAp2yPV5f4gyItE0N0saK9Fe2FOAj90BDqYBW0NUbCgbfIuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPL86svii2DjJwF4q/zFcwy6UXZ9MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvOHZ6cXktS0xZT01uQVhpcl9NVnpETHBSZG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAueDaMAwD
BATCKPADBADCKPIwDQYJKoZIhvcNAQELBQADggEBAC6W4Av3mU7dmvTmw0M6Ee5/
AY1W1gblNYu3B9ifyVtIJE6+UuXFfEnUOec2HYHPNkyprjq45ujHX8Q30RiHUIuO
Rs4+SMzpqIt3b7qHQQZBoAXUD+meqojwgWcq8QSk0RMwXoVWNm5xj7I+Fjy4x26g
/HxCDgjq4qJm+ZJywK3Sb+uGgHtKziFLTHGhJFr3FiCiTJ5l7YNeqZr5DLgzs9qE
LtiLK3xLQ+K+uP1MDrhhncV//OkDChO/fSeyePeUQCfBZGKguQhL7LIxNjDkaj5/
3+heTDTYsdD+kq5KnxLgvPN2+45F8akiCQNT71NjEyw0zvI7fVOvz6AfOllmvYg=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:21 2024 by rpki-client on console.sobornost.net