Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/xaCAWq-XtlIOZy8O1CmQkGTMx0Y.roa
File: xaCAWq-XtlIOZy8O1CmQkGTMx0Y.roa (raw, json)
Hash identifier: k3LP1rQ4EzC5Pg7sPAfdaJJCsWuRWJRdrnlNeqltPOA=
Subject key identifier: C5:A0:80:5A:AF:97:B6:52:0E:67:2F:0E:D4:29:90:90:64:CC:C7:46
Certificate issuer: /CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Certificate serial: 018571308EB198023D4D8770BD78422FD7BA
Authority key identifier: 42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/xaCAWq-XtlIOZy8O1CmQkGTMx0Y.roa
Signing time: Mon 02 Jan 2023 06:34:45 +0000
ROA not before: Mon 02 Jan 2023 06:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49129
IP address blocks: 185.110.164.0/22 maxlen: 22
178.236.48.0/20 maxlen: 20
31.192.0.0/20 maxlen: 20
31.192.16.0/20 maxlen: 20
77.242.48.0/20 maxlen: 20
31.192.32.0/20 maxlen: 20
80.77.48.0/20 maxlen: 20
31.192.48.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:8e:b1:98:02:3d:4d:87:70:bd:78:42:2f:d7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Validity
Not Before: Jan 2 06:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a0805aaf97b6520e672f0ed429909064ccc746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:31:8c:26:69:24:a5:20:ef:ed:2f:fc:76:0f:
3a:bd:2a:63:98:28:17:1e:bc:40:92:eb:ac:a8:5c:
bb:a1:e8:06:89:bd:ba:d5:fe:de:bc:2f:87:3c:5f:
21:3e:2a:a8:81:bb:cd:b3:50:60:a5:d1:07:d6:15:
7a:3a:d6:75:0a:a5:a8:fb:88:8a:5b:a1:21:9d:98:
83:4e:2f:98:bf:04:8b:a5:39:6a:96:3b:ec:38:8f:
e0:c8:84:d7:cd:da:96:35:c6:8e:5b:62:01:86:8e:
24:c7:c3:ac:b7:fc:07:0d:3d:bc:d6:00:af:dc:58:
8b:dc:fa:f3:67:fe:e5:ed:81:09:7a:2c:0f:f3:47:
e6:6e:bb:91:31:fa:a2:83:58:56:54:e3:83:94:5c:
4f:a1:7e:7f:63:30:9a:ee:58:1e:66:42:36:61:17:
2b:34:31:9c:65:9f:d1:45:57:05:5a:42:a1:e4:0d:
44:39:4f:5c:04:26:35:e0:cd:3c:02:6a:b3:46:f6:
82:8b:2d:91:5b:6e:54:70:0e:79:e2:2c:31:b2:59:
a0:fb:66:e8:35:4c:dc:d6:27:7f:87:04:cf:50:97:
b1:0c:ba:63:82:ab:c8:a8:db:6e:ff:45:be:91:18:
57:f6:29:7e:84:12:e0:68:9a:0d:79:50:92:1b:7d:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A0:80:5A:AF:97:B6:52:0E:67:2F:0E:D4:29:90:90:64:CC:C7:46
X509v3 Authority Key Identifier:
keyid:42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/xaCAWq-XtlIOZy8O1CmQkGTMx0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.0.0/18
77.242.48.0/20
80.77.48.0/20
178.236.48.0/20
185.110.164.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:13:e3:a3:08:51:47:9d:63:38:3a:5f:5c:6c:a5:56:10:9e:
73:f7:9e:3e:66:26:88:b0:cf:99:57:0f:a2:77:c9:15:5e:8d:
ef:9f:88:77:d4:59:db:78:c6:a9:8b:4f:c5:e7:92:2c:9f:f1:
bf:03:0e:8f:a6:9a:2c:79:d5:ed:fb:16:36:f3:73:7d:89:a7:
a8:05:3b:28:2a:1a:9e:7c:92:9a:9a:9a:6b:a7:d5:ca:5d:ab:
61:d4:9b:09:01:c9:e6:c4:3e:1b:99:87:15:eb:4a:0e:b0:6e:
d5:8c:59:0b:be:d4:6c:e0:11:18:d9:ca:c4:a3:92:be:b3:aa:
18:9d:0a:73:68:6d:a2:44:34:2f:2d:2f:ce:c6:24:90:0c:e5:
36:39:ab:e0:d9:22:c2:6b:98:76:c2:85:4d:82:53:c9:9e:f4:
c8:48:7b:5e:1d:9c:4e:16:5a:a8:78:ed:d3:e7:3c:fc:79:29:
fd:6f:62:b3:4b:7d:12:dc:bd:c7:3e:69:50:e4:91:72:44:25:
b3:1e:fe:ac:77:ea:bb:fa:13:e8:d9:02:f5:3e:91:c4:57:a3:
5f:8a:f2:ae:84:79:d4:c5:7c:17:8f:26:28:05:28:81:64:e4:
f8:0e:72:e2:f5:25:00:35:78:d5:63:71:76:87:83:38:94:3f:
f6:91:41:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxMI6xmAI9TYdwvXhCL9e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGUyN2ZhODg3OTA1ZTBjOWMxZjUzZjY3ZjIzZjI5NmQw
NDVmMGUwHhcNMjMwMTAyMDYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWEwODA1YWFmOTdiNjUyMGU2NzJmMGVkNDI5OTA5MDY0Y2NjNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTGMJmkkpSDv7S/8dg86vSpjmCgX
HrxAkuusqFy7oegGib261f7evC+HPF8hPiqogbvNs1BgpdEH1hV6OtZ1CqWo+4iK
W6EhnZiDTi+YvwSLpTlqljvsOI/gyITXzdqWNcaOW2IBho4kx8Ost/wHDT281gCv
3FiL3PrzZ/7l7YEJeiwP80fmbruRMfqig1hWVOODlFxPoX5/YzCa7lgeZkI2YRcr
NDGcZZ/RRVcFWkKh5A1EOU9cBCY14M08AmqzRvaCiy2RW25UcA554iwxslmg+2bo
NUzc1id/hwTPUJexDLpjgqvIqNtu/0W+kRhX9il+hBLgaJoNeVCSG30XVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMWggFqvl7ZSDmcvDtQpkJBkzMdGMB8GA1UdIwQY
MBaAFELeJ/qIeQXgycH1P2fyPyltBF8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQt
ZDI5YjdkNDc4NjMxLzEveGFDQVdxLVh0bElPWnk4TzFDbVFrR1RNeDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQtZDI5YjdkNDc4NjMx
LzEvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGH8AAAwQE
TfIwAwQEUE0wAwQEsuwwAwQCuW6kMA0GCSqGSIb3DQEBCwUAA4IBAQAaE+OjCFFH
nWM4Ol9cbKVWEJ5z954+ZiaIsM+ZVw+id8kVXo3vn4h31FnbeMapi0/F55Isn/G/
Aw6PpposedXt+xY283N9iaeoBTsoKhqefJKampprp9XKXath1JsJAcnmxD4bmYcV
60oOsG7VjFkLvtRs4BEY2crEo5K+s6oYnQpzaG2iRDQvLS/OxiSQDOU2Oavg2SLC
a5h2woVNglPJnvTISHteHZxOFlqoeO3T5zz8eSn9b2KzS30S3L3HPmlQ5JFyRCWz
Hv6sd+q7+hPo2QL1PpHEV6NfivKuhHnUxXwXjyYoBSiBZOT4DnLi9SUANXjVY3F2
h4M4lD/2kUGL
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:08 2024 by rpki-client on console.sobornost.net