Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/_vqSSTBptKaBnruLCFkUWzg0-JI.roa
File: _vqSSTBptKaBnruLCFkUWzg0-JI.roa (raw, json)
Hash identifier: 3dy1Ko8DgZ0sXuYycydv1PDyGPCDECEm+WyI3bI1N/4=
Subject key identifier: FE:FA:92:49:30:69:B4:A6:81:9E:BB:8B:08:59:14:5B:38:34:F8:92
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018BEC51208102F468CFDE450B9F8F97169E
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/_vqSSTBptKaBnruLCFkUWzg0-JI.roa
Signing time: Mon 20 Nov 2023 10:40:21 +0000
ROA not before: Mon 20 Nov 2023 10:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34342
IP address blocks: 128.204.220.0/23 maxlen: 23
77.79.225.0/25 maxlen: 25
185.2.112.0/22 maxlen: 22
77.79.244.0/22 maxlen: 22
195.167.156.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
85.232.248.0/24 maxlen: 24
2001:1a68:19:400::/54 maxlen: 54
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:51:20:81:02:f4:68:cf:de:45:0b:9f:8f:97:16:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Nov 20 10:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fefa92493069b4a6819ebb8b0859145b3834f892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3b:d1:5b:5a:da:eb:17:13:3f:64:a4:f9:02:
b5:0b:36:63:46:4a:86:b8:72:21:b8:ad:77:65:4f:
f0:45:4e:1a:9a:61:3e:23:64:c4:c8:72:7c:39:56:
17:3e:d5:3d:7c:c2:20:52:60:5b:b6:1b:1f:43:07:
88:06:a8:ad:e3:fc:0b:3d:49:02:34:cc:40:dc:66:
b3:1b:50:14:39:b8:2f:e2:b9:a6:02:b0:7e:f6:11:
20:c8:c6:6d:1e:93:b9:ae:07:e3:34:6b:de:3c:98:
8f:30:78:1b:2e:e7:ba:97:8a:93:50:1d:78:c3:72:
92:d0:5d:84:9e:56:14:46:cc:11:e4:df:52:8b:1d:
8f:91:13:d5:ec:1a:11:52:37:dc:c5:64:51:93:d5:
c1:e0:b6:1f:6f:8b:a6:9c:d3:19:7f:3e:6b:6b:94:
23:85:db:a8:de:38:72:b7:64:24:28:e0:cb:6a:c4:
84:ca:65:cd:44:c6:92:6f:55:82:b1:2c:dc:e9:14:
89:35:39:49:01:d2:87:4b:c6:cc:ce:18:8a:60:16:
7c:88:e4:84:06:0b:13:fd:53:92:4d:4b:47:a5:a2:
2e:14:72:19:44:18:19:bf:a7:06:30:6a:5b:cf:f0:
47:df:37:a2:e8:f4:04:3f:e2:3a:6a:3c:a3:23:15:
18:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FA:92:49:30:69:B4:A6:81:9E:BB:8B:08:59:14:5B:38:34:F8:92
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/_vqSSTBptKaBnruLCFkUWzg0-JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.225.0/25
77.79.244.0/22
85.232.248.0/24
128.204.220.0/23
185.2.112.0/22
195.167.156.0/23
IPv6:
2001:1a68:19:400::/54
Signature Algorithm: sha256WithRSAEncryption
39:c8:cc:32:15:83:e2:8b:0c:bf:97:a5:2f:73:a9:7d:1a:b4:
c1:f6:74:26:4c:6f:79:7f:da:03:40:21:e5:34:2c:a6:3b:81:
f4:be:0b:8a:41:a7:a1:50:63:c0:97:b6:34:f8:e9:18:15:7d:
3d:99:22:7b:f9:b9:92:44:78:db:a8:e3:20:9e:cb:88:29:a3:
e8:80:f9:c1:db:40:3f:4d:2a:68:3f:cf:21:4e:30:e2:a9:82:
2b:2d:f3:2a:83:00:d1:2f:b2:7c:dd:28:d2:e8:6b:4f:e7:50:
b7:05:c1:f1:40:fc:91:d9:76:10:d7:9a:88:65:b5:58:df:64:
33:f6:08:0d:af:02:e2:a0:45:b7:f9:15:e2:8d:b9:36:9f:ea:
9b:42:35:13:3a:38:d4:91:e0:56:fc:65:bf:bb:d3:9e:da:4a:
eb:59:46:b3:97:45:7d:0a:9e:80:53:de:80:83:b7:4a:2c:21:
47:33:84:a1:70:b3:0c:80:5f:e6:d1:57:7d:82:20:b0:ff:eb:
7e:94:a3:5d:00:e1:8c:7e:c1:ea:e3:bd:57:61:a7:54:b2:7f:
ed:a2:8d:ca:2d:88:12:25:dd:40:26:1e:2e:17:4e:34:72:2f:
45:4c:29:bc:8b:2d:ae:89:de:ee:32:5f:b7:02:bd:93:53:1f:
4e:9f:e2:98
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYvsUSCBAvRoz95FC5+PlxaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMxMTIwMTA0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWZhOTI0OTMwNjliNGE2ODE5ZWJiOGIwODU5MTQ1YjM4MzRmODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzvRW1ra6xcTP2Sk+QK1CzZjRkqG
uHIhuK13ZU/wRU4ammE+I2TEyHJ8OVYXPtU9fMIgUmBbthsfQweIBqit4/wLPUkC
NMxA3GazG1AUObgv4rmmArB+9hEgyMZtHpO5rgfjNGvePJiPMHgbLue6l4qTUB14
w3KS0F2EnlYURswR5N9Six2PkRPV7BoRUjfcxWRRk9XB4LYfb4umnNMZfz5ra5Qj
hduo3jhyt2QkKODLasSEymXNRMaSb1WCsSzc6RSJNTlJAdKHS8bMzhiKYBZ8iOSE
BgsT/VOSTUtHpaIuFHIZRBgZv6cGMGpbz/BH3zei6PQEP+I6ajyjIxUYpQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFP76kkkwabSmgZ67iwhZFFs4NPiSMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvX3ZxU1NUQnB0S2FCbnJ1TENGa1VXemcwLUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzArBAIAATAlAwUHTU/hAAME
Ak1P9AMEAFXo+AMEAYDM3AMEArkCcAMEAcOnnDAQBAIAAjAKAwgCIAEaaAAZBDAN
BgkqhkiG9w0BAQsFAAOCAQEAOcjMMhWD4osMv5elL3OpfRq0wfZ0JkxveX/aA0Ah
5TQspjuB9L4LikGnoVBjwJe2NPjpGBV9PZkie/m5kkR426jjIJ7LiCmj6ID5wdtA
P00qaD/PIU4w4qmCKy3zKoMA0S+yfN0o0uhrT+dQtwXB8UD8kdl2ENeaiGW1WN9k
M/YIDa8C4qBFt/kV4o25Np/qm0I1Ezo41JHgVvxlv7vTntpK61lGs5dFfQqegFPe
gIO3SiwhRzOEoXCzDIBf5tFXfYIgsP/rfpSjXQDhjH7B6uO9V2GnVLJ/7aKNyi2I
EiXdQCYeLhdONHIvRUwpvIstrone7jJftwK9k1MfTp/imA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:15 2024 by rpki-client on console.sobornost.net