Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/I-JkhZeU7W6JfUtTZDBu73nRiys.roa
File: I-JkhZeU7W6JfUtTZDBu73nRiys.roa (raw, json)
Hash identifier: +Py0xKGY12MBP+7F6Sg6fmkqsSbeQ13iUoif8OJkT+g=
Subject key identifier: 23:E2:64:85:97:94:ED:6E:89:7D:4B:53:64:30:6E:EF:79:D1:8B:2B
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 018573BA9C395A957661BA568F6190F2F082
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/I-JkhZeU7W6JfUtTZDBu73nRiys.roa
Signing time: Mon 02 Jan 2023 18:24:47 +0000
ROA not before: Mon 02 Jan 2023 18:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12555
IP address blocks: 45.135.92.0/22 maxlen: 22
81.29.128.0/20 maxlen: 20
93.189.144.0/21 maxlen: 21
185.37.63.0/24 maxlen: 24
2a0e:8f40::/29 maxlen: 29
2a00:f2a0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:9c:39:5a:95:76:61:ba:56:8f:61:90:f2:f0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 2 18:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23e264859794ed6e897d4b5364306eef79d18b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:f4:79:cd:56:ef:21:d3:d0:a9:52:16:6e:
89:57:f3:45:7c:ce:fd:c5:61:5a:c8:27:1a:54:fa:
75:35:c3:b8:20:76:a3:b7:c2:8d:f4:66:d2:00:86:
5a:cc:5e:bf:dd:fc:13:93:0e:e3:ae:3e:6d:e6:da:
02:d1:8c:9e:ca:91:4d:41:06:0f:ea:73:e8:d8:4e:
94:63:9f:da:33:64:f3:8d:db:71:82:52:59:86:9c:
98:40:b7:cf:1f:77:ec:5c:4f:c2:29:60:e3:c0:f0:
87:57:54:48:91:c7:cf:b9:fb:46:45:39:42:5e:da:
b2:d4:5a:c0:01:8a:03:bc:c7:69:93:e4:b3:4a:86:
b3:dd:7a:8b:5e:dd:4a:01:1e:08:8f:0a:63:06:9d:
cc:4d:93:8d:ae:e3:c8:39:58:28:12:a5:9f:63:64:
b6:23:17:09:d5:5a:58:e2:c5:fd:cc:94:7d:a0:81:
4c:e4:02:35:e4:1d:57:dc:87:6b:7d:45:a8:2f:a3:
27:7f:17:0d:ca:08:6a:2f:74:8b:05:e6:6d:f6:a6:
f6:92:b8:81:af:ce:fb:bc:ea:d2:f5:b5:5c:25:dc:
42:cc:6b:43:78:19:28:d5:ae:4c:ab:20:27:41:df:
8f:e2:2e:6d:2d:52:a0:b9:61:d9:1e:7c:1f:7d:df:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E2:64:85:97:94:ED:6E:89:7D:4B:53:64:30:6E:EF:79:D1:8B:2B
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/I-JkhZeU7W6JfUtTZDBu73nRiys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.92.0/22
81.29.128.0/20
93.189.144.0/21
185.37.63.0/24
IPv6:
2a00:f2a0::/32
2a0e:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
b7:39:35:8f:12:1a:3d:31:8e:cd:66:1a:e8:4a:68:3d:c9:eb:
71:b5:cd:6d:9e:e8:1c:78:2a:b2:95:36:3b:a6:db:d5:1f:6d:
95:7f:f4:b4:11:e9:8b:11:12:40:de:a8:cf:12:7c:e7:7f:72:
4f:89:29:d8:5d:6c:2f:bc:ca:73:1b:6b:b3:cc:af:0c:8a:97:
02:23:db:0a:2b:7e:aa:d8:8b:4a:4a:49:86:7b:c5:dd:6d:9a:
a3:e9:75:01:8d:ca:35:71:58:1a:a4:bb:c4:34:ec:02:b2:43:
57:5f:1a:1d:54:b4:dc:d9:ac:f5:73:64:e3:2a:b7:38:2c:4d:
9a:67:50:14:42:96:26:58:a1:bc:b7:91:df:a6:2f:ad:e8:c2:
b1:9e:21:13:b6:38:81:33:10:c2:49:0f:6f:52:b7:a7:e0:53:
58:7b:d7:8e:d1:03:51:86:7a:c2:11:12:fd:69:07:2c:d7:50:
f0:db:b8:31:67:c8:b6:73:97:14:fc:03:6b:ac:ae:52:41:a2:
92:4e:9e:b4:2f:d3:fb:bc:ab:05:16:48:02:b7:de:25:e6:b0:
88:03:ea:01:36:c9:21:fb:26:1c:43:59:9d:84:38:4a:95:0e:
61:6c:50:6e:5f:8f:f5:e6:ff:bc:46:20:63:e3:bf:4c:05:6f:
fd:69:bc:36
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVzupw5WpV2YbpWj2GQ8vCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjMwMTAyMTgyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UyNjQ4NTk3OTRlZDZlODk3ZDRiNTM2NDMwNmVlZjc5ZDE4YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+T0ec1W7yHT0KlSFm6JV/NFfM79
xWFayCcaVPp1NcO4IHajt8KN9GbSAIZazF6/3fwTkw7jrj5t5toC0YyeypFNQQYP
6nPo2E6UY5/aM2TzjdtxglJZhpyYQLfPH3fsXE/CKWDjwPCHV1RIkcfPuftGRTlC
Xtqy1FrAAYoDvMdpk+SzSoaz3XqLXt1KAR4IjwpjBp3MTZONruPIOVgoEqWfY2S2
IxcJ1VpY4sX9zJR9oIFM5AI15B1X3IdrfUWoL6MnfxcNyghqL3SLBeZt9qb2kriB
r877vOrS9bVcJdxCzGtDeBko1a5MqyAnQd+P4i5tLVKguWHZHnwffd9VjQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCPiZIWXlO1uiX1LU2Qwbu950YsrMB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvSS1Ka2haZVU3VzZKZlV0VFpEQnU3M25SaXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYdcAwQE
UR2AAwQDXb2QAwQAuSU/MBQEAgACMA4DBQAqAPKgAwUDKg6PQDANBgkqhkiG9w0B
AQsFAAOCAQEAtzk1jxIaPTGOzWYa6EpoPcnrcbXNbZ7oHHgqspU2O6bb1R9tlX/0
tBHpixESQN6ozxJ8539yT4kp2F1sL7zKcxtrs8yvDIqXAiPbCit+qtiLSkpJhnvF
3W2ao+l1AY3KNXFYGqS7xDTsArJDV18aHVS03Nms9XNk4yq3OCxNmmdQFEKWJlih
vLeR36YvrejCsZ4hE7Y4gTMQwkkPb1K3p+BTWHvXjtEDUYZ6whES/WkHLNdQ8Nu4
MWfItnOXFPwDa6yuUkGikk6etC/T+7yrBRZIArfeJeawiAPqATbJIfsmHENZnYQ4
SpUOYWxQbl+P9eb/vEYgY+O/TAVv/Wm8Ng==
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:07 2024 by rpki-client on console.sobornost.net