Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/1YWCrTUCkKEjn5gwjYGZ5t1_3Oo.roa
File: 1YWCrTUCkKEjn5gwjYGZ5t1_3Oo.roa (raw, json)
Hash identifier: l5npngNv+2MRO/h6N4ZtMb/XbF+YsgZ+Ud/PNiTaYbM=
Subject key identifier: D5:85:82:AD:35:02:90:A1:23:9F:98:30:8D:81:99:E6:DD:7F:DC:EA
Certificate issuer: /CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Certificate serial: 01856BAEAD58C88DA2238A5D84425DE1C9A7
Authority key identifier: 15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/1YWCrTUCkKEjn5gwjYGZ5t1_3Oo.roa
Signing time: Sun 01 Jan 2023 04:54:47 +0000
ROA not before: Sun 01 Jan 2023 04:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34975
IP address blocks: 95.129.57.0/24 maxlen: 24
95.129.56.0/24 maxlen: 24
95.129.58.0/24 maxlen: 24
185.18.20.0/22 maxlen: 22
95.129.60.0/22 maxlen: 22
95.129.59.0/24 maxlen: 24
95.143.17.0/24 maxlen: 24
95.143.16.0/24 maxlen: 24
95.143.20.0/24 maxlen: 24
95.143.19.0/24 maxlen: 24
95.143.24.0/21 maxlen: 21
95.143.18.0/24 maxlen: 24
95.143.23.0/24 maxlen: 24
95.143.22.0/24 maxlen: 24
95.143.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:ad:58:c8:8d:a2:23:8a:5d:84:42:5d:e1:c9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Validity
Not Before: Jan 1 04:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d58582ad350290a1239f98308d8199e6dd7fdcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:51:17:c0:6d:ae:03:4e:67:31:00:4c:3b:
3a:79:c5:6a:05:73:b2:f1:ac:2b:ef:27:e0:80:5b:
d6:b8:ad:86:13:87:9a:f9:dd:ad:39:fe:c0:91:bc:
c7:13:cc:c2:84:a9:7c:83:90:c1:87:dd:a6:34:4a:
6c:32:a7:23:a8:95:bb:d4:bc:af:0c:15:8b:32:5f:
c9:03:4f:7f:17:ea:74:9a:11:2a:bf:dc:5e:65:a7:
bc:70:e9:88:91:de:f3:22:59:ae:d6:06:04:f8:1c:
44:d5:10:b3:64:0d:02:a6:82:e7:96:e3:6f:6d:82:
ba:02:dc:33:ad:de:33:ce:5a:bc:4b:9b:44:64:86:
58:20:4c:e8:07:dd:5e:c7:0a:11:74:0a:0f:7d:a8:
d6:ef:ce:32:7a:4b:02:39:8d:b0:58:b0:3e:59:02:
66:66:6b:26:7d:45:2a:41:e2:50:84:47:3a:8f:d5:
76:be:6c:97:c3:bd:95:cc:5a:f8:ab:76:b2:05:f1:
fc:0e:d1:49:5c:91:f5:10:40:f2:7f:6b:c9:1c:ff:
22:18:9b:aa:11:21:23:04:66:9c:32:68:39:f4:d4:
61:bc:c6:b2:02:fa:f5:3b:e6:3c:b4:7c:fe:fa:32:
5a:cc:18:93:d1:bd:16:2b:d6:c6:e4:7a:a7:d2:d5:
43:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:85:82:AD:35:02:90:A1:23:9F:98:30:8D:81:99:E6:DD:7F:DC:EA
X509v3 Authority Key Identifier:
keyid:15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/1YWCrTUCkKEjn5gwjYGZ5t1_3Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.56.0/21
95.143.16.0/20
185.18.20.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:f0:15:2f:17:37:9c:ba:9d:24:fc:08:26:2a:f0:5f:0a:d8:
0f:98:13:3f:23:4c:7d:06:9f:04:cf:22:36:46:67:22:29:3b:
68:1f:5e:f4:9c:6e:14:3d:ac:88:6d:a0:ac:88:eb:a8:cf:b3:
98:dc:a4:d9:7f:96:65:b5:bc:74:74:3e:7d:35:01:02:df:71:
01:4c:59:d2:71:9e:5d:67:25:53:56:2c:48:04:cf:78:e9:a9:
a0:32:35:8f:50:3b:5b:dc:af:7f:b9:54:d6:fc:50:4a:89:8f:
52:42:1a:fc:6f:36:bd:2b:57:5f:8b:36:fe:0c:9b:17:e4:7a:
ce:51:e4:9d:15:e3:7c:65:6a:e2:ef:47:d3:58:00:3b:85:7a:
05:4d:9a:4d:45:b1:f7:c8:f3:56:bb:a1:29:80:90:d3:15:ce:
7b:2a:6c:b6:63:91:0a:46:0c:e8:5c:d4:ca:aa:8a:06:53:39:
f3:fc:f0:22:28:c3:7d:f2:58:75:22:9c:b3:7b:03:4d:11:84:
b3:1f:af:06:85:e5:b3:cd:ee:d3:c3:f0:e8:fe:b1:4e:f8:1a:
b7:5c:8a:89:b3:71:b5:5d:f4:5a:22:ec:5f:d3:fe:8a:c2:71:
69:fe:b5:72:1b:b6:5b:b3:a6:b5:ad:82:61:71:e9:bb:ec:f4:
a5:1e:65:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrrq1YyI2iI4pdhEJd4cmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2NlMDYxZDI0MDhkOWE4ZjZiMmI5NDE2MmQxZjc0ZmFj
M2RjYWMwHhcNMjMwMTAxMDQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg1ODJhZDM1MDI5MGExMjM5Zjk4MzA4ZDgxOTllNmRkN2ZkY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBZRF8BtrgNOZzEATDs6ecVqBXOy
8awr7yfggFvWuK2GE4ea+d2tOf7AkbzHE8zChKl8g5DBh92mNEpsMqcjqJW71Lyv
DBWLMl/JA09/F+p0mhEqv9xeZae8cOmIkd7zIlmu1gYE+BxE1RCzZA0CpoLnluNv
bYK6Atwzrd4zzlq8S5tEZIZYIEzoB91exwoRdAoPfajW784yeksCOY2wWLA+WQJm
ZmsmfUUqQeJQhEc6j9V2vmyXw72VzFr4q3ayBfH8DtFJXJH1EEDyf2vJHP8iGJuq
ESEjBGacMmg59NRhvMayAvr1O+Y8tHz++jJazBiT0b0WK9bG5Hqn0tVDRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNWFgq01ApChI5+YMI2Bmebdf9zqMB8GA1UdIwQY
MBaAFBXM4GHSQI2aj2srlBYtH3T6w9ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMt
NjY4MmY3ODI3ZGYwLzEvMVlXQ3JUVUNrS0VqbjVnd2pZR1o1dDFfM09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMtNjY4MmY3ODI3ZGYw
LzEvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX4E4AwQE
X48QAwQCuRIUMA0GCSqGSIb3DQEBCwUAA4IBAQBv8BUvFzecup0k/AgmKvBfCtgP
mBM/I0x9Bp8EzyI2RmciKTtoH170nG4UPayIbaCsiOuoz7OY3KTZf5Zltbx0dD59
NQEC33EBTFnScZ5dZyVTVixIBM946amgMjWPUDtb3K9/uVTW/FBKiY9SQhr8bza9
K1dfizb+DJsX5HrOUeSdFeN8ZWri70fTWAA7hXoFTZpNRbH3yPNWu6EpgJDTFc57
Kmy2Y5EKRgzoXNTKqooGUznz/PAiKMN98lh1IpyzewNNEYSzH68GheWzze7Tw/Do
/rFO+Bq3XIqJs3G1XfRaIuxf0/6KwnFp/rVyG7Zbs6a1rYJhcem77PSlHmVp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:18 2023 by rpki-client on console.sobornost.net