Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/BIXjtzo48xBA6hXimhsDZgYbJs4.roa
File: BIXjtzo48xBA6hXimhsDZgYbJs4.roa (raw, json)
Hash identifier: yHCfKQ6Qgg4ez/n5s04nalymVdWvoim6HDyMjv5o1tI=
Subject key identifier: 04:85:E3:B7:3A:38:F3:10:40:EA:15:E2:9A:1B:03:66:06:1B:26:CE
Certificate issuer: /CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
Certificate serial: 01857127771543004371261FDF1D2B8F9EDD
Authority key identifier: E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/BIXjtzo48xBA6hXimhsDZgYbJs4.roa
Signing time: Mon 02 Jan 2023 06:24:49 +0000
ROA not before: Mon 02 Jan 2023 06:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 109.228.0.0/18 maxlen: 24
217.174.240.0/20 maxlen: 24
93.90.192.0/20 maxlen: 24
79.99.40.0/21 maxlen: 24
77.68.0.0/17 maxlen: 24
185.132.36.0/22 maxlen: 24
88.208.192.0/18 maxlen: 24
213.171.192.0/19 maxlen: 24
185.132.40.0/22 maxlen: 24
2a00:da00::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:77:15:43:00:43:71:26:1f:df:1d:2b:8f:9e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
Validity
Not Before: Jan 2 06:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0485e3b73a38f31040ea15e29a1b0366061b26ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c1:1a:f7:ab:19:f4:f6:d6:59:5b:79:df:d4:
42:e9:16:ee:60:00:bf:dd:8b:ff:3d:50:c6:f2:bd:
cf:83:67:7c:26:d7:d4:a0:53:ec:c6:46:21:3d:46:
c7:dd:b6:c6:0d:a9:bf:6f:96:1b:6d:a7:29:37:3d:
f1:5a:fe:a6:0a:d9:f7:f5:30:06:c6:59:1b:bb:ea:
4d:78:f8:fb:49:fa:be:a6:f4:f5:64:f7:19:db:5f:
d4:47:d7:d9:89:2b:70:97:70:62:bd:a5:41:e7:c9:
46:24:d0:b2:00:15:03:67:5a:27:71:ff:27:7c:09:
38:61:a8:a5:25:ed:92:56:33:1e:87:bb:4f:9d:9f:
54:c4:1b:8e:36:2e:1b:9c:43:88:88:ef:a9:bf:15:
d0:99:b0:82:88:23:2b:6c:23:2e:9c:c4:a8:57:c5:
f2:1e:8e:0c:d0:7f:14:e9:85:cb:09:68:8d:d1:ad:
fa:a3:6b:bd:f9:62:ce:94:cd:5e:2f:de:aa:de:35:
94:1b:8a:94:9d:03:8a:97:8f:f0:9d:3a:b8:f2:c9:
0e:66:5f:f8:72:d8:67:c7:59:92:43:f0:ce:fa:84:
fc:52:b8:66:02:df:50:34:5d:61:fc:97:a5:f7:e0:
ec:28:f6:1d:c0:51:42:21:ea:58:1e:3b:f8:bd:73:
3d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:85:E3:B7:3A:38:F3:10:40:EA:15:E2:9A:1B:03:66:06:1B:26:CE
X509v3 Authority Key Identifier:
keyid:E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/BIXjtzo48xBA6hXimhsDZgYbJs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/55b_u99E78Ho4QIA1J2o7tCjtx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.68.0.0/17
79.99.40.0/21
88.208.192.0/18
93.90.192.0/20
109.228.0.0/18
185.132.36.0-185.132.43.255
213.171.192.0/19
217.174.240.0/20
IPv6:
2a00:da00::/32
Signature Algorithm: sha256WithRSAEncryption
81:9d:2f:56:3e:c7:97:ac:a9:60:69:97:e2:98:ff:0c:e0:ad:
86:f5:06:51:ab:3a:6f:ff:8c:9a:1b:6e:8b:91:3a:f0:cd:10:
5a:a4:c5:7c:6e:08:ba:e1:b6:79:85:23:75:1c:16:df:8f:61:
47:d6:b4:ee:75:bc:7b:6f:48:e2:d2:55:92:68:98:e3:8e:ee:
d5:7c:0a:c8:5f:9a:f5:50:f0:a5:df:9a:fe:14:b0:81:5d:0c:
71:3c:38:6a:1a:35:99:68:7f:dd:56:47:71:6c:e8:0a:91:be:
22:ce:37:64:07:95:a0:1b:55:1b:06:dc:f4:15:0a:02:01:a3:
3c:4d:48:cb:c1:70:37:83:9d:3b:1c:c8:d5:ef:f5:32:58:b2:
01:45:9a:ff:77:b0:60:c3:5d:c1:3a:3f:21:75:46:c5:03:49:
a8:e0:dc:0d:ce:e2:75:83:fe:f5:ce:df:06:84:47:19:b5:0a:
b2:25:d3:6c:e9:97:76:2b:ad:c0:29:55:50:41:51:59:27:c8:
ea:46:5c:53:2f:63:4e:55:c7:9d:e8:86:df:39:f8:ab:29:41:
7d:2c:13:a8:8d:3b:02:18:06:06:0d:e2:f6:c0:3d:c4:e9:53:
0d:82:7c:08:de:0c:a6:89:8a:a7:a7:15:b6:01:b0:dc:72:d5:
dd:77:4e:f5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVxJ3cVQwBDcSYf3x0rj57dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTZmZmJiZGY0NGVmYzFlOGUxMDIwMGQ0OWRhOGVlZDBh
M2I3MWUwHhcNMjMwMTAyMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg1ZTNiNzNhMzhmMzEwNDBlYTE1ZTI5YTFiMDM2NjA2MWIyNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsEa96sZ9PbWWVt539RC6RbuYAC/
3Yv/PVDG8r3Pg2d8JtfUoFPsxkYhPUbH3bbGDam/b5YbbacpNz3xWv6mCtn39TAG
xlkbu+pNePj7Sfq+pvT1ZPcZ21/UR9fZiStwl3BivaVB58lGJNCyABUDZ1oncf8n
fAk4YailJe2SVjMeh7tPnZ9UxBuONi4bnEOIiO+pvxXQmbCCiCMrbCMunMSoV8Xy
Ho4M0H8U6YXLCWiN0a36o2u9+WLOlM1eL96q3jWUG4qUnQOKl4/wnTq48skOZl/4
cthnx1mSQ/DO+oT8UrhmAt9QNF1h/Jel9+DsKPYdwFFCIepYHjv4vXM9SwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFASF47c6OPMQQOoV4pobA2YGGybOMB8GA1UdIwQY
MBaAFOeW/7vfRO/B6OECANSdqO7Qo7ceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAt
ZTQzMjJjOWRkZTljLzEvQklYanR6bzQ4eEJBNmhYaW1oc0RaZ1liSnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAtZTQzMjJjOWRkZTlj
LzEvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQHTUQAAwQD
T2MoAwQGWNDAAwQEXVrAAwQGbeQAMAwDBAK5hCQDBAK5hCgDBAXVq8ADBATZrvAw
DQQCAAIwBwMFACoA2gAwDQYJKoZIhvcNAQELBQADggEBAIGdL1Y+x5esqWBpl+KY
/wzgrYb1BlGrOm//jJobbouROvDNEFqkxXxuCLrhtnmFI3UcFt+PYUfWtO51vHtv
SOLSVZJomOOO7tV8CshfmvVQ8KXfmv4UsIFdDHE8OGoaNZlof91WR3Fs6AqRviLO
N2QHlaAbVRsG3PQVCgIBozxNSMvBcDeDnTscyNXv9TJYsgFFmv93sGDDXcE6PyF1
RsUDSajg3A3O4nWD/vXO3waERxm1CrIl02zpl3YrrcApVVBBUVknyOpGXFMvY05V
x53oht85+KspQX0sE6iNOwIYBgYN4vbAPcTpUw2CfAjeDKaJiqenFbYBsNxy1d13
TvU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:31 2024 by rpki-client on console.sobornost.net