Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/aaD6FVsKKi4awRvqC-sMDpEHH3k.roa
File: aaD6FVsKKi4awRvqC-sMDpEHH3k.roa (raw, json)
Hash identifier: XFxqYGBy2qZ/Qtp89S+Jo9MhWPq92PERFu9J3I25k44=
Subject key identifier: 69:A0:FA:15:5B:0A:2A:2E:1A:C1:1B:EA:0B:EB:0C:0E:91:07:1F:79
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 018C7C285103774A3C238CE5FE5048A2EB13
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/aaD6FVsKKi4awRvqC-sMDpEHH3k.roa
Signing time: Mon 18 Dec 2023 09:01:06 +0000
ROA not before: Mon 18 Dec 2023 09:01:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.173.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
104.247.189.0/24 maxlen: 24
104.247.188.0/24 maxlen: 24
104.247.190.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:28:51:03:77:4a:3c:23:8c:e5:fe:50:48:a2:eb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Dec 18 09:01:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a0fa155b0a2a2e1ac11bea0beb0c0e91071f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:c9:19:86:51:0b:90:da:6a:92:11:7f:1d:
b1:24:c8:af:55:91:a5:d4:5c:ca:5e:ef:a2:53:5d:
54:4c:55:ff:13:2d:71:0a:5c:7c:12:31:1c:ae:49:
4a:14:8a:02:29:e2:06:5e:b7:a4:ce:9e:18:f8:ce:
79:9e:ee:30:17:db:dd:c1:47:2a:d5:fb:e7:cf:07:
08:f4:21:d0:5c:c6:b2:3b:2e:e2:f5:b9:b9:ec:d7:
eb:a6:ee:eb:f1:1c:0c:1c:9d:24:ad:6b:48:c5:a4:
95:9d:87:f3:6f:bc:76:c6:40:dd:0c:00:2a:d1:91:
5e:5a:9d:20:db:31:5c:93:9a:5b:c7:23:7e:43:27:
14:ba:a3:c4:ff:41:ce:95:dd:bb:69:9a:e6:e9:5a:
a6:a5:04:f9:0c:c2:9b:44:43:1c:67:fa:30:9f:af:
b2:ef:fe:81:9c:32:b0:5e:91:cd:90:76:96:4c:7f:
e5:02:44:38:be:6e:2e:33:07:05:f4:2c:49:f0:54:
00:b0:fd:ca:fd:df:14:97:cd:87:b9:f9:28:4e:da:
c0:d8:94:74:1f:60:01:6d:45:f8:ae:3a:45:f7:cf:
58:6b:db:1e:2f:97:30:3b:97:41:a6:76:15:8e:65:
39:5d:0c:80:76:c8:83:0a:07:6c:46:bf:bc:07:fc:
3c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A0:FA:15:5B:0A:2A:2E:1A:C1:1B:EA:0B:EB:0C:0E:91:07:1F:79
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/aaD6FVsKKi4awRvqC-sMDpEHH3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.180.255
104.247.182.0/24
104.247.184.0-104.247.186.255
104.247.188.0-104.247.190.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
33:db:13:0a:4e:ee:f4:a5:10:c4:03:ef:b7:91:a1:d0:6b:00:
35:29:df:cc:ce:5e:27:41:18:85:47:3a:10:7e:ef:8b:e4:52:
eb:0a:2f:65:ff:a2:f7:25:a1:b1:ef:e2:78:6e:03:17:1c:17:
95:d8:94:cc:aa:c6:f6:66:08:20:bf:64:01:8d:cb:39:2d:38:
41:92:68:80:98:2c:c2:5b:12:9f:07:68:41:ce:34:22:ea:3f:
b1:90:43:99:e5:c3:04:44:ca:04:77:d5:f3:ae:b4:71:5c:a6:
1e:64:52:a9:4d:7c:47:a0:17:86:98:6b:1d:d5:4b:3a:bc:ee:
bb:3f:a3:dc:4d:92:63:2b:5f:f7:3c:01:88:40:1b:54:b6:44:
5e:39:ea:05:07:5d:7a:39:c6:51:bf:9c:c2:94:f1:79:74:5b:
68:96:5a:93:b8:71:e2:21:c9:ca:58:30:2b:62:71:f4:fa:ca:
03:e9:a0:95:1f:3f:bc:11:68:54:f9:5a:fb:9d:1b:9d:bf:89:
6c:1e:60:96:c4:1b:4f:32:41:0d:de:e4:09:96:d3:88:3b:c1:
e0:4d:83:82:c8:4e:c1:21:9c:b4:04:09:29:fe:40:60:fa:10:
3f:9e:21:9b:af:43:21:a0:7d:38:a6:65:49:27:4a:1c:59:4a:
27:f8:21:dc
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYx8KFEDd0o8I4zl/lBIousTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjMxMjE4MDkwMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWEwZmExNTViMGEyYTJlMWFjMTFiZWEwYmViMGMwZTkxMDcxZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfbJGYZRC5DaapIRfx2xJMivVZGl
1FzKXu+iU11UTFX/Ey1xClx8EjEcrklKFIoCKeIGXrekzp4Y+M55nu4wF9vdwUcq
1fvnzwcI9CHQXMayOy7i9bm57Nfrpu7r8RwMHJ0krWtIxaSVnYfzb7x2xkDdDAAq
0ZFeWp0g2zFck5pbxyN+QycUuqPE/0HOld27aZrm6VqmpQT5DMKbREMcZ/own6+y
7/6BnDKwXpHNkHaWTH/lAkQ4vm4uMwcF9CxJ8FQAsP3K/d8Ul82HufkoTtrA2JR0
H2ABbUX4rjpF989Ya9seL5cwO5dBpnYVjmU5XQyAdsiDCgdsRr+8B/w8uQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGmg+hVbCiouGsEb6gvrDA6RBx95MB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvYWFENkZWc0tLaTRhd1J2cUMtc01EcEVISDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8MAwDBAFo96oD
BABo97QDBABo97YwDAMEA2j3uAMEAGj3ujAMAwQCaPe8AwQAaPe+AwQCuUmAAwQA
uYnXMA0EAgACMAcDBQAqA6WgMA0GCSqGSIb3DQEBCwUAA4IBAQAz2xMKTu70pRDE
A++3kaHQawA1Kd/Mzl4nQRiFRzoQfu+L5FLrCi9l/6L3JaGx7+J4bgMXHBeV2JTM
qsb2Zgggv2QBjcs5LThBkmiAmCzCWxKfB2hBzjQi6j+xkEOZ5cMERMoEd9XzrrRx
XKYeZFKpTXxHoBeGmGsd1Us6vO67P6PcTZJjK1/3PAGIQBtUtkReOeoFB116OcZR
v5zClPF5dFtollqTuHHiIcnKWDArYnH0+soD6aCVHz+8EWhU+Vr7nRudv4lsHmCW
xBtPMkEN3uQJltOIO8HgTYOCyE7BIZy0BAkp/kBg+hA/niGbr0MhoH04pmVJJ0oc
WUon+CHc
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:41 2024 by rpki-client on console.sobornost.net