Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/z_gbYmv8X3bX8NyzFO0r1NV-i2U.roa
File: z_gbYmv8X3bX8NyzFO0r1NV-i2U.roa (raw, json)
Hash identifier: O7PI66PutGt7G3qhe9Jzw87Ir/eGEzeaBXAfNmjBxFY=
Subject key identifier: CF:F8:1B:62:6B:FC:5F:76:D7:F0:DC:B3:14:ED:2B:D4:D5:7E:8B:65
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 0185A9230CE566F6F4CED2221449725579D0
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/z_gbYmv8X3bX8NyzFO0r1NV-i2U.roa
Signing time: Fri 13 Jan 2023 03:18:44 +0000
ROA not before: Fri 13 Jan 2023 03:18:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 185.126.34.0/24 maxlen: 24
185.28.37.0/24 maxlen: 24
185.28.39.0/24 maxlen: 24
2a10:1440:1::/48 maxlen: 48
2a10:1440::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a9:23:0c:e5:66:f6:f4:ce:d2:22:14:49:72:55:79:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Jan 13 03:18:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cff81b626bfc5f76d7f0dcb314ed2bd4d57e8b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:c3:e4:c2:0d:91:67:60:3a:f6:08:ac:ba:
dc:a2:e0:c3:b6:c8:b2:1c:48:c8:15:64:ae:e4:83:
b2:8e:fe:bf:f1:56:67:d3:ac:89:20:53:34:40:97:
93:93:b4:03:44:e9:71:5c:8c:23:3d:a1:bd:fc:8b:
9d:86:19:90:65:71:e1:2e:1f:07:dd:a9:3a:7c:be:
51:b6:d6:f4:39:1a:f7:f4:6b:a6:9e:72:2f:12:16:
e5:05:89:d7:38:26:01:51:8b:37:b8:dd:de:2a:94:
6c:51:2e:40:88:5c:1d:06:29:2b:e7:46:62:19:fe:
22:78:cb:f2:e5:01:9c:40:64:d0:b3:99:64:54:0e:
f4:84:3e:f9:15:18:a8:d4:e4:5a:d6:d7:20:b6:ba:
72:59:c1:eb:f0:1e:12:17:b1:a8:44:01:40:c4:94:
b0:be:d0:95:50:af:53:16:91:73:22:8c:a9:08:1b:
04:83:49:12:38:c4:8c:bb:83:0a:6f:0d:98:db:d1:
d1:5f:16:00:0b:4e:36:84:9d:47:ef:92:aa:7f:b7:
29:68:b3:13:e5:a7:8b:79:dc:56:32:ad:27:1a:68:
46:4b:ae:8f:96:61:0c:5a:fe:05:18:e8:b2:0f:b7:
c2:e3:bb:e1:9f:d7:2c:25:22:8a:79:6c:4d:e0:df:
af:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F8:1B:62:6B:FC:5F:76:D7:F0:DC:B3:14:ED:2B:D4:D5:7E:8B:65
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/z_gbYmv8X3bX8NyzFO0r1NV-i2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.37.0/24
185.28.39.0/24
185.126.34.0/24
IPv6:
2a10:1440::/29
Signature Algorithm: sha256WithRSAEncryption
22:93:76:1f:67:a4:ce:52:4e:a1:3e:6c:fa:73:db:3a:6d:21:
d8:b5:c1:72:3f:49:71:7b:d7:4b:09:a9:52:cc:03:59:b8:e3:
09:10:84:ac:cc:cb:14:cc:92:6c:2b:20:f5:40:b1:7f:cc:05:
bb:4c:4f:82:1e:3d:3b:30:10:12:67:bb:d7:61:cf:fa:3c:24:
c0:49:66:9d:64:50:72:33:37:b8:33:9c:23:30:ab:91:e2:89:
29:1f:49:7b:f5:cb:70:93:5e:d6:98:88:af:e7:cf:4d:6b:8a:
b9:5e:d6:5f:66:30:e0:46:c7:a9:33:59:50:e2:e0:b8:20:27:
df:dc:0e:43:96:f2:0e:86:71:00:e3:9c:b0:c9:7c:ab:4e:79:
2e:ad:d9:11:cb:3e:5e:bd:ef:11:5c:58:3b:da:bc:4a:af:94:
06:de:3b:79:04:99:ce:75:27:03:0d:c1:03:fa:f8:2b:28:96:
81:81:8a:a6:5d:ff:92:44:d4:c8:af:88:2f:1d:20:49:90:18:
35:53:36:ff:bf:47:c6:44:32:6c:f3:d8:40:59:97:56:c7:76:
05:a5:38:70:81:35:9f:35:0b:b0:0c:10:c9:50:9e:b1:2c:51:
9f:38:2a:81:20:dd:ec:13:9f:ae:97:d1:bd:b4:2c:dd:02:a7:
6c:d4:fc:03
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYWpIwzlZvb0ztIiFElyVXnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjMwMTEzMDMxODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmY4MWI2MjZiZmM1Zjc2ZDdmMGRjYjMxNGVkMmJkNGQ1N2U4YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX3D5MINkWdgOvYIrLrcouDDtsiy
HEjIFWSu5IOyjv6/8VZn06yJIFM0QJeTk7QDROlxXIwjPaG9/IudhhmQZXHhLh8H
3ak6fL5Rttb0ORr39GumnnIvEhblBYnXOCYBUYs3uN3eKpRsUS5AiFwdBikr50Zi
Gf4ieMvy5QGcQGTQs5lkVA70hD75FRio1ORa1tcgtrpyWcHr8B4SF7GoRAFAxJSw
vtCVUK9TFpFzIoypCBsEg0kSOMSMu4MKbw2Y29HRXxYAC042hJ1H75Kqf7cpaLMT
5aeLedxWMq0nGmhGS66PlmEMWv4FGOiyD7fC47vhn9csJSKKeWxN4N+vpwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM/4G2Jr/F921/DcsxTtK9TVfotlMB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvel9nYlltdjhYM2JYOE55ekZPMHIxTlYtaTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMtYWU5OTllZDdjNWQ0
LzEvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuRwlAwQA
uRwnAwQAuX4iMA0EAgACMAcDBQMqEBRAMA0GCSqGSIb3DQEBCwUAA4IBAQAik3Yf
Z6TOUk6hPmz6c9s6bSHYtcFyP0lxe9dLCalSzANZuOMJEISszMsUzJJsKyD1QLF/
zAW7TE+CHj07MBASZ7vXYc/6PCTASWadZFByMze4M5wjMKuR4okpH0l79ctwk17W
mIiv589Na4q5XtZfZjDgRsepM1lQ4uC4ICff3A5DlvIOhnEA45ywyXyrTnkurdkR
yz5eve8RXFg72rxKr5QG3jt5BJnOdScDDcED+vgrKJaBgYqmXf+SRNTIr4gvHSBJ
kBg1Uzb/v0fGRDJs89hAWZdWx3YFpThwgTWfNQuwDBDJUJ6xLFGfOCqBIN3sE5+u
l9G9tCzdAqds1PwD
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:20 2024 by rpki-client on console.sobornost.net