Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/8i3cMsiNH02ww-dNxrvPyAmEgzU.roa
File: 8i3cMsiNH02ww-dNxrvPyAmEgzU.roa (raw, json)
Hash identifier: Rh9Lst95wsf+KLclUG3y2KXYjaIY3w4RMlOG4NN5TXY=
Subject key identifier: F2:2D:DC:32:C8:8D:1F:4D:B0:C3:E7:4D:C6:BB:CF:C8:09:84:83:35
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 01856E01D3870887DD60DCB6B9DE74DC0966
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/8i3cMsiNH02ww-dNxrvPyAmEgzU.roa
Signing time: Sun 01 Jan 2023 15:44:51 +0000
ROA not before: Sun 01 Jan 2023 15:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.46.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.24.0/24 maxlen: 24
195.66.27.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
195.66.29.0/24 maxlen: 24
195.66.28.0/24 maxlen: 24
195.66.31.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:d3:87:08:87:dd:60:dc:b6:b9:de:74:dc:09:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Jan 1 15:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f22ddc32c88d1f4db0c3e74dc6bbcfc809848335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:aa:49:9b:61:14:a9:ac:e9:b7:e9:0a:88:
e3:32:45:7b:cb:c3:db:08:a7:e6:8c:e1:80:df:db:
77:84:3d:e0:b3:f8:38:89:74:25:07:0d:2f:64:7e:
2c:8b:cc:1b:eb:f5:82:fe:96:cd:4d:d7:cb:55:fd:
59:71:6c:1f:aa:3e:b3:b8:6b:55:e9:37:a9:d2:d2:
e9:6a:94:a8:b8:90:8e:f0:01:01:92:1b:de:05:2c:
07:b0:48:2f:03:3f:a9:5b:3a:3b:b1:55:a4:d7:3c:
dd:76:6b:67:fe:49:dd:3f:ff:6f:92:f7:fe:be:a4:
45:b1:d7:93:30:6e:d5:ea:17:11:fd:fd:ed:58:46:
30:4f:f0:78:ad:ef:8c:ee:f5:0f:ce:12:b0:d6:2a:
fc:2a:f5:f1:6f:d2:c5:70:f7:b6:9b:1a:a9:3a:47:
f9:bb:c4:a1:09:c1:fe:99:c4:a0:77:95:9d:d2:1f:
90:c4:14:25:cf:3a:02:7d:2d:f6:cc:19:95:b2:3e:
fa:f6:3a:f3:9a:c5:db:f8:79:e6:96:22:97:3b:1f:
ea:67:50:4a:9d:b0:d6:66:2f:e2:39:b9:ac:a5:58:
f7:08:01:58:1c:c1:7c:2c:83:c2:9a:94:a6:bc:ef:
7a:95:34:b9:9c:e4:56:40:e2:8f:9e:22:a5:7a:19:
cb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2D:DC:32:C8:8D:1F:4D:B0:C3:E7:4D:C6:BB:CF:C8:09:84:83:35
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/8i3cMsiNH02ww-dNxrvPyAmEgzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.46.0/23
193.238.68.0/22
195.66.24.0-195.66.29.255
195.66.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:5a:23:a2:45:91:ea:c1:08:41:09:e8:3e:91:65:74:b2:d1:
a2:3d:2a:c7:a6:06:f6:e2:d1:8b:f4:98:0e:7e:28:b6:6c:8e:
07:86:33:e3:ac:62:f5:7c:6e:1d:67:df:ba:ed:c8:f5:e9:2a:
0f:6e:0f:51:bd:d9:a8:d3:5a:eb:c1:a5:75:5c:a2:42:8a:10:
79:0d:21:50:b2:aa:65:ad:fc:f0:a8:0d:67:51:25:74:8c:67:
d6:32:2b:89:de:d3:44:a8:72:a6:b8:3e:6c:af:c2:ae:cf:62:
e0:d9:0b:13:c5:5d:81:fa:e6:c8:e9:ea:92:a4:e5:f8:53:30:
55:e7:6f:78:37:b9:e2:ce:47:07:31:83:5e:78:f6:3d:ea:c0:
11:30:06:13:e7:df:ff:8e:cd:46:b9:2c:53:9d:56:89:ed:08:
5f:3b:02:6f:11:2f:90:b8:95:28:09:88:2d:78:b3:f9:b0:fb:
82:73:79:d9:22:5c:f0:4c:f5:cc:8e:ab:1b:b9:fb:69:2c:23:
33:64:ed:f9:cc:9f:87:ef:95:66:fd:ae:78:dc:fc:9f:a1:67:
a3:68:f4:a0:bb:7a:39:2b:25:6b:ca:f7:3f:bd:40:b7:7a:88:
13:03:50:24:36:9b:4f:eb:ae:f5:91:2e:70:ed:a9:33:fb:0a:
05:38:cf:2b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVuAdOHCIfdYNy2ud503AlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjMwMTAxMTU0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJkZGMzMmM4OGQxZjRkYjBjM2U3NGRjNmJiY2ZjODA5ODQ4MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1KqSZthFKms6bfpCojjMkV7y8Pb
CKfmjOGA39t3hD3gs/g4iXQlBw0vZH4si8wb6/WC/pbNTdfLVf1ZcWwfqj6zuGtV
6Tep0tLpapSouJCO8AEBkhveBSwHsEgvAz+pWzo7sVWk1zzddmtn/kndP/9vkvf+
vqRFsdeTMG7V6hcR/f3tWEYwT/B4re+M7vUPzhKw1ir8KvXxb9LFcPe2mxqpOkf5
u8ShCcH+mcSgd5Wd0h+QxBQlzzoCfS32zBmVsj769jrzmsXb+HnmliKXOx/qZ1BK
nbDWZi/iObmspVj3CAFYHMF8LIPCmpSmvO96lTS5nORWQOKPniKlehnLGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPIt3DLIjR9NsMPnTca7z8gJhIM1MB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvOGkzY01zaU5IMDJ3dy1kTnhydlB5QW1FZ3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBub4uAwQC
we5EMAwDBAPDQhgDBAHDQhwDBADDQh8wDQYJKoZIhvcNAQELBQADggEBAAxaI6JF
kerBCEEJ6D6RZXSy0aI9KsemBvbi0Yv0mA5+KLZsjgeGM+OsYvV8bh1n37rtyPXp
Kg9uD1G92ajTWuvBpXVcokKKEHkNIVCyqmWt/PCoDWdRJXSMZ9YyK4ne00Socqa4
Pmyvwq7PYuDZCxPFXYH65sjp6pKk5fhTMFXnb3g3ueLORwcxg1549j3qwBEwBhPn
3/+OzUa5LFOdVontCF87Am8RL5C4lSgJiC14s/mw+4JzedkiXPBM9cyOqxu5+2ks
IzNk7fnMn4fvlWb9rnjc/J+hZ6No9KC7ejkrJWvK9z+9QLd6iBMDUCQ2m0/rrvWR
LnDtqTP7CgU4zys=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net