Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/2-Tqiu2W7IR7fQXy__Q7JiWIKNg.roa
File: 2-Tqiu2W7IR7fQXy__Q7JiWIKNg.roa (raw, json)
Hash identifier: 7HqcxxONkxRIIPqW6qNfvyLj+tGdmZoWutMvMPgNDtY=
Subject key identifier: DB:E4:EA:8A:ED:96:EC:84:7B:7D:05:F2:FF:F4:3B:26:25:88:28:D8
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018571309BDF83B6AE2EB81B51864B898B99
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/2-Tqiu2W7IR7fQXy__Q7JiWIKNg.roa
Signing time: Mon 02 Jan 2023 06:34:49 +0000
ROA not before: Mon 02 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42065
IP address blocks: 91.108.0.0/22 maxlen: 24
185.51.60.0/22 maxlen: 24
91.108.24.0/21 maxlen: 24
91.108.32.0/23 maxlen: 24
91.108.52.0/24 maxlen: 24
94.124.178.0/23 maxlen: 24
95.161.88.0/22 maxlen: 24
95.161.96.0/23 maxlen: 24
95.161.102.0/23 maxlen: 24
95.161.104.0/23 maxlen: 24
95.140.92.0/24 maxlen: 24
95.140.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9b:df:83:b6:ae:2e:b8:1b:51:86:4b:89:8b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 2 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe4ea8aed96ec847b7d05f2fff43b26258828d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:85:4f:cf:de:e5:09:f5:87:70:94:5e:f2:44:
b4:e4:75:0b:a7:59:8f:9f:e8:ff:a0:c3:a4:d0:9b:
c6:a4:26:f3:36:f9:43:fa:76:14:2d:34:49:1b:38:
2f:0d:05:bf:80:58:00:ef:8b:2e:4b:6e:3a:96:b0:
20:72:f5:98:34:48:f0:89:c0:1b:c3:84:96:51:2c:
f8:e1:7e:e4:fa:73:6f:a3:b5:97:a7:5a:d4:6c:ce:
49:32:bf:17:ce:2d:00:92:ed:ee:4d:01:30:a5:54:
a9:b0:f7:07:15:ce:1b:b8:d4:09:a6:7d:4e:51:00:
eb:07:38:60:63:14:a2:cf:8b:27:ca:41:af:30:be:
ec:4e:f8:90:5f:92:40:d0:4f:5c:9e:f8:0e:09:26:
3f:00:de:4c:f1:21:0c:d6:63:e8:f4:db:11:d7:53:
a4:06:a0:99:11:8f:94:da:21:5c:eb:bc:a0:d6:b3:
9d:dd:af:23:8e:b7:9b:46:e3:09:3f:bd:d9:f1:0a:
b4:fe:83:5a:1e:82:a7:75:16:64:c7:cd:7b:24:5e:
74:f7:63:37:f9:b4:94:ec:cb:56:00:d1:a0:1d:f3:
20:d2:53:f5:11:61:35:37:db:28:ba:80:72:7d:51:
e8:9c:bc:1a:be:65:75:7f:d4:e0:6f:fe:d8:1e:fa:
c7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E4:EA:8A:ED:96:EC:84:7B:7D:05:F2:FF:F4:3B:26:25:88:28:D8
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/2-Tqiu2W7IR7fQXy__Q7JiWIKNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.0.0/22
91.108.24.0-91.108.33.255
91.108.52.0/24
94.124.178.0/23
95.140.92.0/24
95.140.94.0/24
95.161.88.0/22
95.161.96.0/23
95.161.102.0-95.161.105.255
185.51.60.0/22
Signature Algorithm: sha256WithRSAEncryption
86:a3:23:ef:50:fd:dd:55:92:c2:00:39:a7:0d:e7:09:20:52:
4e:dd:4b:62:dd:50:28:42:f9:7b:52:dc:0b:d0:22:8e:c4:b5:
69:ee:8a:ed:eb:5f:87:36:71:8f:e2:24:e4:da:9a:7c:97:fd:
de:0c:19:a2:c2:85:a7:28:ed:21:1f:3b:06:bc:76:25:25:32:
f5:dc:ff:e8:8e:96:a6:f6:07:d5:3d:4c:c3:f0:2f:9f:ea:29:
c0:f9:23:c0:14:85:4b:a7:0a:f4:91:b7:30:df:30:2c:59:71:
63:ea:b1:ae:10:52:65:89:44:71:86:2c:e6:b4:a8:ad:23:ff:
ae:91:d8:3b:e5:51:8b:a0:42:ec:6d:df:fb:80:7a:15:90:c8:
9b:a3:61:a4:b9:14:fb:66:10:19:bb:25:8b:70:bb:d0:69:57:
f3:aa:21:88:db:0d:0c:f8:1f:eb:1f:53:0c:bb:eb:98:85:ed:
5a:90:61:de:a1:ce:9d:02:b0:e6:86:f8:b1:e2:5f:c1:6c:d0:
91:3b:4a:d4:5b:84:02:d2:89:21:7c:a2:a3:3c:f1:32:cd:82:
a4:e2:99:4d:ae:ca:5c:4c:e1:58:8b:72:1e:85:7b:e4:24:5b:
23:ef:5d:cf:d8:38:50:92:f8:d7:f6:3b:5c:52:2c:18:37:71:
78:47:77:6d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVxMJvfg7auLrgbUYZLiYuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU0ZWE4YWVkOTZlYzg0N2I3ZDA1ZjJmZmY0M2IyNjI1ODgyOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIVPz97lCfWHcJRe8kS05HULp1mP
n+j/oMOk0JvGpCbzNvlD+nYULTRJGzgvDQW/gFgA74suS246lrAgcvWYNEjwicAb
w4SWUSz44X7k+nNvo7WXp1rUbM5JMr8Xzi0Aku3uTQEwpVSpsPcHFc4buNQJpn1O
UQDrBzhgYxSiz4snykGvML7sTviQX5JA0E9cnvgOCSY/AN5M8SEM1mPo9NsR11Ok
BqCZEY+U2iFc67yg1rOd3a8jjrebRuMJP73Z8Qq0/oNaHoKndRZkx817JF5092M3
+bSU7MtWANGgHfMg0lP1EWE1N9souoByfVHonLwavmV1f9Tgb/7YHvrH+wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFNvk6ortluyEe30F8v/0OyYliCjYMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvMi1UcWl1Mlc3SVI3ZlFYeV9fUTdKaVdJS05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCW2wAMAwD
BANbbBgDBAFbbCADBABbbDQDBAFefLIDBABfjFwDBABfjF4DBAJfoVgDBAFfoWAw
DAMEAV+hZgMEAV+haAMEArkzPDANBgkqhkiG9w0BAQsFAAOCAQEAhqMj71D93VWS
wgA5pw3nCSBSTt1LYt1QKEL5e1LcC9AijsS1ae6K7etfhzZxj+Ik5NqafJf93gwZ
osKFpyjtIR87Brx2JSUy9dz/6I6WpvYH1T1Mw/Avn+opwPkjwBSFS6cK9JG3MN8w
LFlxY+qxrhBSZYlEcYYs5rSorSP/rpHYO+VRi6BC7G3f+4B6FZDIm6NhpLkU+2YQ
Gbsli3C70GlX86ohiNsNDPgf6x9TDLvrmIXtWpBh3qHOnQKw5ob4seJfwWzQkTtK
1FuEAtKJIXyiozzxMs2CpOKZTa7KXEzhWItyHoV75CRbI+9dz9g4UJL41/Y7XFIs
GDdxeEd3bQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:41 2023 by rpki-client on console.sobornost.net