Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/pAeun6Ob3nGMXkD8o-iRyFV39bo.roa
File: pAeun6Ob3nGMXkD8o-iRyFV39bo.roa (raw, json)
Hash identifier: 2249EjZPJB/cWApRfeHfkY4CTxWEzFzDPZjTTwTNp0M=
Subject key identifier: A4:07:AE:9F:A3:9B:DE:71:8C:5E:40:FC:A3:E8:91:C8:55:77:F5:BA
Certificate issuer: /CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Certificate serial: 018572E8077D0EE187ABEFE2D0EBF0EC86B4
Authority key identifier: EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/pAeun6Ob3nGMXkD8o-iRyFV39bo.roa
Signing time: Mon 02 Jan 2023 14:34:46 +0000
ROA not before: Mon 02 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58262
IP address blocks: 185.73.112.0/24 maxlen: 24
185.73.114.0/24 maxlen: 24
5.61.24.0/24 maxlen: 24
5.61.25.0/24 maxlen: 24
92.119.58.0/24 maxlen: 24
5.61.31.0/24 maxlen: 24
5.61.26.0/24 maxlen: 24
5.61.28.0/24 maxlen: 24
5.61.30.0/24 maxlen: 24
92.119.57.0/24 maxlen: 24
92.119.56.0/24 maxlen: 24
5.61.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:07:7d:0e:e1:87:ab:ef:e2:d0:eb:f0:ec:86:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Validity
Not Before: Jan 2 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a407ae9fa39bde718c5e40fca3e891c85577f5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6e:83:59:39:a7:c7:c7:58:db:97:6e:79:fd:
0d:0d:d3:fa:4f:ba:88:24:87:65:33:d0:8a:1d:4e:
35:52:b5:76:a5:3c:cb:f5:f2:16:4f:8e:5e:ba:80:
22:87:3f:18:97:c3:e9:1a:f3:35:d9:02:21:8d:98:
7e:63:ce:1e:41:43:7a:68:d0:79:c6:11:0b:0f:0b:
d6:a4:0e:fd:e2:e8:02:48:d0:3e:fd:80:8a:71:b9:
d8:eb:ab:97:ca:a0:98:e3:99:71:e3:fc:c8:e2:8c:
63:1d:0b:af:39:3c:8b:ec:ff:c3:33:2a:11:86:fc:
f5:21:af:fc:46:71:7d:7e:d7:89:2d:95:d8:0a:47:
1f:83:20:19:0f:25:82:f9:0b:dc:84:2a:91:57:84:
22:22:56:3d:4e:4e:04:01:65:78:33:8d:b4:60:b8:
b0:70:6c:c1:44:d2:52:08:bc:9a:02:8a:22:38:20:
d8:7e:d4:32:c3:73:04:3e:4d:59:58:93:4f:d9:11:
23:84:c3:7c:f4:dd:85:7a:bd:cf:c2:f1:f7:46:4f:
5d:7d:12:26:38:64:a6:0b:5a:ae:7d:77:6b:dc:10:
fd:c0:db:6e:64:71:61:74:a4:c3:16:43:a4:3a:f9:
c0:1e:af:3f:3a:b4:2d:18:97:eb:06:db:42:f7:1f:
5b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:07:AE:9F:A3:9B:DE:71:8C:5E:40:FC:A3:E8:91:C8:55:77:F5:BA
X509v3 Authority Key Identifier:
keyid:EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/pAeun6Ob3nGMXkD8o-iRyFV39bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/7Er2_cFtaK4mqg6rViPmviFwNsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.24.0-5.61.26.255
5.61.28.0/22
92.119.56.0-92.119.58.255
185.73.112.0/24
185.73.114.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c2:50:5c:39:13:3c:96:cf:88:0d:52:97:ed:0c:e5:22:ca:
09:6f:c2:2f:f1:ac:e6:16:4e:80:e4:b6:69:66:22:64:1f:24:
47:8d:50:b7:59:26:5d:e4:f3:e1:24:a7:a2:db:74:96:b7:b2:
5c:cd:9d:9f:24:e1:7e:7c:47:e7:29:65:ad:81:55:0a:87:ac:
cc:be:7b:09:e9:85:91:c7:41:ef:e3:17:0f:1b:99:ba:22:aa:
5e:94:8e:48:80:6f:54:53:82:22:6b:65:5a:a7:68:d2:ed:df:
ac:0f:c1:fc:5c:0d:e7:b4:03:0d:6c:80:46:52:58:cd:ec:68:
ee:32:d3:8e:e7:71:02:71:3a:a2:93:5f:04:3f:38:5f:8f:47:
f3:b6:7f:e2:7e:92:75:8e:fd:22:84:55:ac:f3:f3:b7:09:2d:
0c:88:50:cb:96:f1:16:71:74:1e:ff:2c:7c:19:81:83:7b:26:
b2:77:7a:5c:77:16:f4:03:55:07:e6:2e:c1:e0:d0:1c:1c:69:
99:90:2a:15:39:57:8e:b5:80:6e:6a:20:3a:d6:9f:50:80:78:
a2:f1:cd:c8:88:f7:2f:4b:56:b7:59:3b:5d:46:ce:b9:0e:fa:
4b:46:87:dd:27:d0:ee:21:51:86:d8:82:98:cf:2a:09:62:21:
31:ac:95:e8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVy6Ad9DuGHq+/i0Ovw7Ia0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGFmNmZkYzE2ZDY4YWUyNmFhMGVhYjU2MjNlNmJlMjE3
MDM2YzEwHhcNMjMwMTAyMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA3YWU5ZmEzOWJkZTcxOGM1ZTQwZmNhM2U4OTFjODU1NzdmNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm6DWTmnx8dY25duef0NDdP6T7qI
JIdlM9CKHU41UrV2pTzL9fIWT45euoAihz8Yl8PpGvM12QIhjZh+Y84eQUN6aNB5
xhELDwvWpA794ugCSNA+/YCKcbnY66uXyqCY45lx4/zI4oxjHQuvOTyL7P/DMyoR
hvz1Ia/8RnF9fteJLZXYCkcfgyAZDyWC+QvchCqRV4QiIlY9Tk4EAWV4M420YLiw
cGzBRNJSCLyaAooiOCDYftQyw3MEPk1ZWJNP2REjhMN89N2Fer3PwvH3Rk9dfRIm
OGSmC1qufXdr3BD9wNtuZHFhdKTDFkOkOvnAHq8/OrQtGJfrBttC9x9bfQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKQHrp+jm95xjF5A/KPokchVd/W6MB8GA1UdIwQY
MBaAFOxK9v3BbWiuJqoOq1Yj5r4hcDbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAt
MzgyNWJmMzNlNGVjLzEvcEFldW42T2IzbkdNWGtEOG8taVJ5RlYzOWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAtMzgyNWJmMzNlNGVj
LzEvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAMFPRgD
BAAFPRoDBAIFPRwwDAMEA1x3OAMEAFx3OgMEALlJcAMEALlJcjANBgkqhkiG9w0B
AQsFAAOCAQEAlMJQXDkTPJbPiA1Sl+0M5SLKCW/CL/Gs5hZOgOS2aWYiZB8kR41Q
t1kmXeTz4SSnott0lreyXM2dnyThfnxH5yllrYFVCoeszL57CemFkcdB7+MXDxuZ
uiKqXpSOSIBvVFOCImtlWqdo0u3frA/B/FwN57QDDWyARlJYzexo7jLTjudxAnE6
opNfBD84X49H87Z/4n6SdY79IoRVrPPztwktDIhQy5bxFnF0Hv8sfBmBg3smsnd6
XHcW9ANVB+YuweDQHBxpmZAqFTlXjrWAbmogOtafUIB4ovHNyIj3L0tWt1k7XUbO
uQ76S0aH3SfQ7iFRhtiCmM8qCWIhMayV6A==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:05 2024 by rpki-client on console.sobornost.net