Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/XIqh0StXBdo0T0t21lMyp3FdIIQ.roa
File: XIqh0StXBdo0T0t21lMyp3FdIIQ.roa (raw, json)
Hash identifier: nZRQG5Q6rk1Vd8OZPIIVZr0SCj+DfCatFOFboI+Rzq0=
Subject key identifier: 5C:8A:A1:D1:2B:57:05:DA:34:4F:4B:76:D6:53:32:A7:71:5D:20:84
Certificate issuer: /CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Certificate serial: 018C1586BF730D8E6A29397874533758B5A0
Authority key identifier: 82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/XIqh0StXBdo0T0t21lMyp3FdIIQ.roa
Signing time: Tue 28 Nov 2023 10:43:21 +0000
ROA not before: Tue 28 Nov 2023 10:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12565
IP address blocks: 91.211.164.0/24 maxlen: 24
91.211.164.0/22 maxlen: 22
91.211.166.0/24 maxlen: 24
91.211.165.0/24 maxlen: 24
91.211.167.0/24 maxlen: 24
185.76.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:86:bf:73:0d:8e:6a:29:39:78:74:53:37:58:b5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Validity
Not Before: Nov 28 10:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c8aa1d12b5705da344f4b76d65332a7715d2084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:27:8c:3d:02:42:df:54:0c:3a:b4:c7:ba:
da:a0:79:45:24:b3:55:0c:81:78:6b:5a:50:26:24:
76:83:00:e1:66:67:5b:b6:07:3b:a7:2b:b9:98:17:
b7:fe:bf:b4:3e:81:21:b5:15:e0:e7:cd:13:d6:c1:
89:c6:9e:ca:5c:0e:c3:34:4d:3f:d5:da:0d:bd:db:
d8:7c:42:98:9a:06:d6:5f:e3:1f:d4:c7:20:7f:6f:
dd:ba:69:86:5d:6c:c9:39:48:f2:d1:3e:89:e2:71:
d4:89:61:05:d1:d9:f1:7f:62:b2:bf:f3:c4:44:03:
f4:4c:59:6b:2c:71:ed:01:d0:38:6a:5f:97:d5:97:
25:8d:79:32:bf:f4:b2:36:25:b4:61:25:5b:b7:da:
8a:49:b2:47:8c:f3:8b:82:3c:5e:98:ec:e3:1a:b3:
68:48:9d:a7:d8:9d:f8:59:24:20:53:07:d9:ff:bc:
aa:09:1c:f1:ad:87:ff:55:ea:20:aa:7a:7c:cf:b7:
73:2f:4d:a6:e4:da:f2:9b:e2:91:ab:d9:cb:9a:95:
b8:80:bc:26:3e:9a:54:1f:65:b2:c6:91:f1:61:49:
90:2d:13:82:06:78:35:9d:05:41:33:45:d9:5d:95:
b1:f2:71:d4:64:c6:e9:82:0a:4f:93:44:fc:bc:21:
ad:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8A:A1:D1:2B:57:05:DA:34:4F:4B:76:D6:53:32:A7:71:5D:20:84
X509v3 Authority Key Identifier:
keyid:82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/XIqh0StXBdo0T0t21lMyp3FdIIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/guX7w-pSWnjGMMTahkuppg4Zm_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.164.0/22
185.76.24.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:50:30:f0:39:a1:f7:a0:f2:a0:9c:6f:2e:31:37:6c:8f:25:
9f:dc:82:c0:80:8b:bf:e3:e0:24:85:8d:3f:af:dc:48:aa:20:
e1:8d:b0:f4:4f:73:18:f3:2e:a9:e0:94:97:83:93:d5:a0:58:
56:31:d0:76:f2:11:0a:1a:dd:01:9b:73:55:fc:ed:5e:24:e2:
23:19:b2:9b:0b:57:d4:17:6f:31:84:6c:02:b5:c0:ee:bb:34:
62:bf:bc:79:48:c7:02:cc:ba:a1:db:46:e0:1d:47:19:45:88:
0f:48:10:40:65:6d:1f:88:a9:ee:1c:19:06:6d:cf:47:54:0f:
1d:7d:0d:8e:c2:01:24:ee:e4:24:64:de:40:d2:51:a6:41:b0:
1b:29:95:e5:95:8a:49:9e:46:87:3b:ea:b9:42:80:cf:23:3c:
11:6e:6f:f4:01:51:cb:10:bc:9a:7c:84:61:22:f6:10:e9:12:
77:0a:78:12:91:1f:a9:46:f2:a9:5e:cb:64:a4:4d:71:27:78:
5c:14:c4:2a:6b:d0:e1:c3:e7:c0:79:08:c6:b4:e1:c4:7c:2d:
73:8e:09:0b:ab:e9:b2:4b:87:1d:65:62:9d:0b:b7:48:40:1f:
fd:72:bd:a3:7f:9a:e2:52:6b:a9:c5:8d:48:49:48:ce:27:00:
c7:1e:2a:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwVhr9zDY5qKTl4dFM3WLWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTVmYmMzZWE1MjVhNzhjNjMwYzRkYTg2NGJhOWE2MGUx
OTliZmYwHhcNMjMxMTI4MTA0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhhYTFkMTJiNTcwNWRhMzQ0ZjRiNzZkNjUzMzJhNzcxNWQyMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGwnjD0CQt9UDDq0x7raoHlFJLNV
DIF4a1pQJiR2gwDhZmdbtgc7pyu5mBe3/r+0PoEhtRXg580T1sGJxp7KXA7DNE0/
1doNvdvYfEKYmgbWX+Mf1Mcgf2/dummGXWzJOUjy0T6J4nHUiWEF0dnxf2Kyv/PE
RAP0TFlrLHHtAdA4al+X1ZcljXkyv/SyNiW0YSVbt9qKSbJHjPOLgjxemOzjGrNo
SJ2n2J34WSQgUwfZ/7yqCRzxrYf/Veogqnp8z7dzL02m5Nrym+KRq9nLmpW4gLwm
PppUH2WyxpHxYUmQLROCBng1nQVBM0XZXZWx8nHUZMbpggpPk0T8vCGtQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFyKodErVwXaNE9LdtZTMqdxXSCEMB8GA1UdIwQY
MBaAFILl+8PqUlp4xjDE2oZLqaYOGZv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMt
OTNkZDY1MDc0ODhlLzEvWElxaDBTdFhCZG8wVDB0MjFsTXlwM0ZkSUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMtOTNkZDY1MDc0ODhl
LzEvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9OkAwQA
uUwYMA0GCSqGSIb3DQEBCwUAA4IBAQBcUDDwOaH3oPKgnG8uMTdsjyWf3ILAgIu/
4+AkhY0/r9xIqiDhjbD0T3MY8y6p4JSXg5PVoFhWMdB28hEKGt0Bm3NV/O1eJOIj
GbKbC1fUF28xhGwCtcDuuzRiv7x5SMcCzLqh20bgHUcZRYgPSBBAZW0fiKnuHBkG
bc9HVA8dfQ2OwgEk7uQkZN5A0lGmQbAbKZXllYpJnkaHO+q5QoDPIzwRbm/0AVHL
ELyafIRhIvYQ6RJ3CngSkR+pRvKpXstkpE1xJ3hcFMQqa9Dhw+fAeQjGtOHEfC1z
jgkLq+myS4cdZWKdC7dIQB/9cr2jf5riUmupxY1ISUjOJwDHHioo
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:57 2024 by rpki-client on console.sobornost.net