Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/o-AyN83GPYCV5ceQC7ZKMJAc4Mk.roa
File: o-AyN83GPYCV5ceQC7ZKMJAc4Mk.roa (raw, json)
Hash identifier: sTOWUhACga+E0aHEgvU3uZuZhzePE0MoMCtTKQdAd44=
Subject key identifier: A3:E0:32:37:CD:C6:3D:80:95:E5:C7:90:0B:B6:4A:30:90:1C:E0:C9
Certificate issuer: /CN=88a8d325f97b03713342682fc408d53368740e7d
Certificate serial: 018571DE8049548035F0B28743EB374403C7
Authority key identifier: 88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/o-AyN83GPYCV5ceQC7ZKMJAc4Mk.roa
Signing time: Mon 02 Jan 2023 09:44:45 +0000
ROA not before: Mon 02 Jan 2023 09:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60895
IP address blocks: 185.23.112.0/22 maxlen: 22
185.23.112.0/24 maxlen: 24
185.23.112.0/23 maxlen: 23
185.23.115.0/24 maxlen: 24
185.23.114.0/24 maxlen: 24
185.23.114.0/23 maxlen: 23
185.23.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:80:49:54:80:35:f0:b2:87:43:eb:37:44:03:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a8d325f97b03713342682fc408d53368740e7d
Validity
Not Before: Jan 2 09:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3e03237cdc63d8095e5c7900bb64a30901ce0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cd:71:dc:df:c9:c4:2f:5b:5a:fa:8a:b4:d9:
eb:3a:ee:1a:16:b8:80:1c:e0:a7:9d:60:f0:64:65:
16:5a:af:d1:fe:6e:7c:48:b3:ee:bb:b0:eb:26:06:
5a:df:a9:61:c9:4a:18:25:dd:24:10:b4:dc:dc:f9:
ef:4f:d2:b8:50:33:0a:5d:b8:e5:62:49:c6:08:be:
41:ec:d0:bc:0f:27:a7:26:9c:f7:dd:f3:a9:f1:f3:
e5:18:89:93:b1:e6:27:c0:ab:39:64:75:b3:f6:47:
14:b4:f4:9c:9e:bb:7c:9a:ba:6f:14:52:52:f2:46:
35:e4:f7:81:f3:23:bc:76:a8:6e:7c:54:a3:da:cd:
f0:79:67:8a:eb:b3:51:c4:aa:88:08:ce:55:c4:b2:
c9:20:cf:27:bd:ca:02:f7:07:63:9d:d4:b1:17:31:
94:db:42:71:3e:cf:3d:ab:b3:e0:dd:69:39:62:c8:
8e:d4:02:db:dc:bf:32:4f:02:8e:68:8d:2f:7c:9d:
16:c9:3f:6c:49:65:6a:bc:a4:0a:d6:6a:e8:39:49:
d4:f0:fe:4d:7c:ac:35:03:2b:72:87:86:e9:54:36:
b1:49:fe:4b:d3:fc:85:a5:34:6c:05:e0:6f:94:c8:
e1:b1:46:04:37:3c:c8:d2:19:50:04:46:9d:67:c6:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E0:32:37:CD:C6:3D:80:95:E5:C7:90:0B:B6:4A:30:90:1C:E0:C9
X509v3 Authority Key Identifier:
keyid:88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/o-AyN83GPYCV5ceQC7ZKMJAc4Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.112.0/22
Signature Algorithm: sha256WithRSAEncryption
70:f8:4f:21:0b:2a:66:25:5e:9d:03:64:f0:f3:b0:87:3f:2c:
8b:be:6a:ca:cd:cb:cf:95:fa:88:68:cb:8a:24:20:c8:ca:85:
c7:17:7c:3e:6f:e6:a0:04:3d:67:04:50:d0:f5:9e:02:eb:1f:
4d:64:92:4c:3b:6e:0e:2f:95:b9:bb:f2:d6:dd:d6:1f:32:47:
68:0e:3e:68:88:c2:c2:b6:0d:c9:31:c3:a5:9a:20:94:54:f7:
99:a8:d9:98:2b:58:66:87:d7:a2:cf:65:06:fa:4f:90:2c:22:
bc:be:4f:8a:e3:fc:ca:50:b4:f6:ee:b7:50:21:00:7f:66:1e:
27:20:7b:4e:50:79:8f:ea:ab:8e:78:8a:4c:00:da:68:e1:cd:
78:44:ef:5a:ad:a4:d6:03:0f:45:a6:c4:39:4a:52:cd:15:bf:
87:e0:d5:80:6d:d9:d7:65:f4:0c:c8:b6:70:d5:57:e2:03:b9:
ef:ff:d1:6a:f5:28:d2:84:bd:9a:1c:64:6c:ce:ae:eb:7f:26:
83:0a:2e:51:47:d4:2a:60:47:75:50:5c:51:d7:88:70:20:e5:
71:80:13:86:5a:08:89:df:a5:be:da:c4:83:fd:d9:b4:7c:bf:
0f:71:ed:4c:6e:15:d7:07:b5:9d:3c:41:3b:05:35:e5:0d:16:
78:f2:b9:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3oBJVIA18LKHQ+s3RAPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YThkMzI1Zjk3YjAzNzEzMzQyNjgyZmM0MDhkNTMzNjg3
NDBlN2QwHhcNMjMwMTAyMDk0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UwMzIzN2NkYzYzZDgwOTVlNWM3OTAwYmI2NGEzMDkwMWNlMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg81x3N/JxC9bWvqKtNnrOu4aFriA
HOCnnWDwZGUWWq/R/m58SLPuu7DrJgZa36lhyUoYJd0kELTc3PnvT9K4UDMKXbjl
YknGCL5B7NC8DyenJpz33fOp8fPlGImTseYnwKs5ZHWz9kcUtPScnrt8mrpvFFJS
8kY15PeB8yO8dqhufFSj2s3weWeK67NRxKqICM5VxLLJIM8nvcoC9wdjndSxFzGU
20JxPs89q7Pg3Wk5YsiO1ALb3L8yTwKOaI0vfJ0WyT9sSWVqvKQK1mroOUnU8P5N
fKw1Aytyh4bpVDaxSf5L0/yFpTRsBeBvlMjhsUYENzzI0hlQBEadZ8bS2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPgMjfNxj2AleXHkAu2SjCQHODJMB8GA1UdIwQY
MBaAFIio0yX5ewNxM0JoL8QI1TNodA59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAt
Y2YwM2ZhNGNhMDgzLzEvby1BeU44M0dQWUNWNWNlUUM3WktNSkFjNE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAtY2YwM2ZhNGNhMDgz
LzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRdwMA0G
CSqGSIb3DQEBCwUAA4IBAQBw+E8hCypmJV6dA2Tw87CHPyyLvmrKzcvPlfqIaMuK
JCDIyoXHF3w+b+agBD1nBFDQ9Z4C6x9NZJJMO24OL5W5u/LW3dYfMkdoDj5oiMLC
tg3JMcOlmiCUVPeZqNmYK1hmh9eiz2UG+k+QLCK8vk+K4/zKULT27rdQIQB/Zh4n
IHtOUHmP6quOeIpMANpo4c14RO9araTWAw9FpsQ5SlLNFb+H4NWAbdnXZfQMyLZw
1VfiA7nv/9Fq9SjShL2aHGRszq7rfyaDCi5RR9QqYEd1UFxR14hwIOVxgBOGWgiJ
36W+2sSD/dm0fL8Pce1MbhXXB7WdPEE7BTXlDRZ48rlX
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:11 2024 by rpki-client on console.sobornost.net