Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/gaSAQkPQ0x1jc583WSXDana-mig.roa
File: gaSAQkPQ0x1jc583WSXDana-mig.roa (raw, json)
Hash identifier: Rn/fsXCtFjxhpiR3EENVLpxoHY0A2tsey3S460QBvHc=
Subject key identifier: 81:A4:80:42:43:D0:D3:1D:63:73:9F:37:59:25:C3:6A:76:BE:9A:28
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 01856E2FB0018535B6342E7E426282A3F982
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/gaSAQkPQ0x1jc583WSXDana-mig.roa
Signing time: Sun 01 Jan 2023 16:34:57 +0000
ROA not before: Sun 01 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35592
IP address blocks: 46.29.184.0/21 maxlen: 24
91.245.16.0/21 maxlen: 24
87.236.192.0/21 maxlen: 24
89.187.128.0/19 maxlen: 24
2a01:5f0::/32 maxlen: 64
2a01:5f0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b0:01:85:35:b6:34:2e:7e:42:62:82:a3:f9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81a4804243d0d31d63739f375925c36a76be9a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:2a:d1:01:6f:ee:d4:d0:e1:72:ff:cb:84:
ed:db:c6:2d:5f:d9:e4:ca:90:e9:e9:f6:f8:66:e4:
8e:3f:01:5d:a4:60:f8:e5:63:1c:20:31:1d:1e:96:
5e:b0:00:d8:2a:9f:e1:06:6d:7a:82:90:24:b5:b3:
d7:a8:14:59:dd:79:44:71:5f:a7:75:c9:12:b2:4d:
7e:8f:1c:89:45:9a:20:91:6b:bb:28:8c:97:b7:24:
d0:74:3e:f4:71:3f:76:5d:64:91:e3:41:18:f0:89:
b0:57:81:e0:ff:a2:44:92:a7:65:96:30:de:da:86:
4d:bb:61:89:64:c7:72:55:d0:3d:65:7d:18:a1:3d:
0e:3b:b7:f3:57:54:cf:8e:a3:6f:9d:36:98:da:fd:
91:83:24:d3:fc:85:60:06:b5:fc:fd:e8:cf:c7:7e:
2e:66:fe:6c:0e:bc:59:be:a5:1d:dd:56:27:40:c2:
a7:5e:2d:97:18:d9:8a:b1:37:af:85:a0:9a:71:53:
c5:5c:05:09:80:8a:cf:17:b9:47:94:84:9c:33:82:
ee:4b:de:22:ea:50:c0:e6:f7:1a:3d:48:6d:2b:74:
e0:fd:a7:d4:79:48:b2:37:ad:a5:97:b0:40:85:38:
35:13:c0:57:c0:a3:7c:38:23:45:45:cd:3d:38:ec:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:80:42:43:D0:D3:1D:63:73:9F:37:59:25:C3:6A:76:BE:9A:28
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/gaSAQkPQ0x1jc583WSXDana-mig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.184.0/21
87.236.192.0/21
89.187.128.0/19
91.245.16.0/21
IPv6:
2a01:5f0::/29
Signature Algorithm: sha256WithRSAEncryption
95:53:99:03:a7:88:46:91:e6:e1:ba:88:a3:5b:92:45:8f:48:
53:ac:9e:66:7c:60:c8:57:32:ab:4b:a7:98:1d:a6:90:ee:21:
3d:be:52:88:a7:8a:5b:9d:91:76:59:fb:90:e4:68:8d:08:ea:
ba:47:40:ab:29:63:5e:8c:45:e4:1e:51:5f:a7:06:eb:6e:89:
fa:a1:3e:e7:bf:8e:8a:44:3c:53:82:bd:a3:32:ea:d6:c4:3a:
cc:86:a7:84:5e:2b:e4:dd:94:8f:a0:5d:99:ff:06:c5:0a:8b:
22:a6:e7:d1:ba:f1:77:63:24:63:55:bd:42:30:e4:16:03:e3:
b1:8e:3d:02:3d:17:01:f3:8b:7b:48:a1:f2:26:93:f4:19:31:
4b:a9:c6:ff:5e:bd:bc:4d:ea:52:a9:09:a8:5e:0f:99:ea:c6:
66:85:ff:62:0a:38:c1:b3:8b:63:96:aa:11:f7:2b:de:92:b1:
56:c9:0d:44:d5:b7:04:3e:06:bf:dc:53:1a:05:2d:36:14:76:
76:90:73:a9:b7:b5:ee:9c:31:c2:21:46:1f:43:98:2f:9a:67:
ff:f0:81:8c:f9:74:b6:a8:66:0f:61:42:6c:9e:b2:f3:b8:f3:
c3:75:c4:98:13:67:49:a4:db:19:7e:bd:9a:be:21:c5:2c:76:
8a:4e:75:5c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuL7ABhTW2NC5+QmKCo/mCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjMwMTAxMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE0ODA0MjQzZDBkMzFkNjM3MzlmMzc1OTI1YzM2YTc2YmU5YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr38q0QFv7tTQ4XL/y4Tt28YtX9nk
ypDp6fb4ZuSOPwFdpGD45WMcIDEdHpZesADYKp/hBm16gpAktbPXqBRZ3XlEcV+n
dckSsk1+jxyJRZogkWu7KIyXtyTQdD70cT92XWSR40EY8ImwV4Hg/6JEkqdlljDe
2oZNu2GJZMdyVdA9ZX0YoT0OO7fzV1TPjqNvnTaY2v2RgyTT/IVgBrX8/ejPx34u
Zv5sDrxZvqUd3VYnQMKnXi2XGNmKsTevhaCacVPFXAUJgIrPF7lHlIScM4LuS94i
6lDA5vcaPUhtK3Tg/afUeUiyN62ll7BAhTg1E8BXwKN8OCNFRc09OOwSEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIGkgEJD0NMdY3OfN1klw2p2vpooMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvZ2FTQVFrUFEweDFqYzU4M1dTWERhbmEtbWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLh24AwQD
V+zAAwQFWbuAAwQDW/UQMA0EAgACMAcDBQMqAQXwMA0GCSqGSIb3DQEBCwUAA4IB
AQCVU5kDp4hGkebhuoijW5JFj0hTrJ5mfGDIVzKrS6eYHaaQ7iE9vlKIp4pbnZF2
WfuQ5GiNCOq6R0CrKWNejEXkHlFfpwbrbon6oT7nv46KRDxTgr2jMurWxDrMhqeE
Xivk3ZSPoF2Z/wbFCosipufRuvF3YyRjVb1CMOQWA+Oxjj0CPRcB84t7SKHyJpP0
GTFLqcb/Xr28TepSqQmoXg+Z6sZmhf9iCjjBs4tjlqoR9yvekrFWyQ1E1bcEPga/
3FMaBS02FHZ2kHOpt7XunDHCIUYfQ5gvmmf/8IGM+XS2qGYPYUJsnrLzuPPDdcSY
E2dJpNsZfr2aviHFLHaKTnVc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:36 2023 by rpki-client on console.sobornost.net