Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/yrQhfgdaDoKwXQgqHJK5slhy5mU.roa
File: yrQhfgdaDoKwXQgqHJK5slhy5mU.roa (raw, json)
Hash identifier: GIiXsx+DfrmJOt3KXRyJXkwotkufNiOiTXkT1Q8qAeU=
Subject key identifier: CA:B4:21:7E:07:5A:0E:82:B0:5D:08:2A:1C:92:B9:B2:58:72:E6:65
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 018B714DCC24727C2E2E0CB77F37D2675881
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/yrQhfgdaDoKwXQgqHJK5slhy5mU.roa
Signing time: Fri 27 Oct 2023 13:23:25 +0000
ROA not before: Fri 27 Oct 2023 13:23:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60456
IP address blocks: 185.231.168.0/22 maxlen: 22
45.81.204.0/22 maxlen: 22
2a0e:5f80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:4d:cc:24:72:7c:2e:2e:0c:b7:7f:37:d2:67:58:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Oct 27 13:23:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab4217e075a0e82b05d082a1c92b9b25872e665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:21:80:b4:0a:6e:20:8b:4f:2f:28:ff:4b:
36:28:d9:38:7b:9f:90:7b:03:3a:5d:14:63:b0:d3:
fc:60:1e:3f:5c:13:92:9a:ed:32:63:af:e9:bc:09:
c6:33:f5:bf:20:26:a2:71:f4:d3:75:21:b6:6e:24:
df:bc:60:e1:1c:fb:ca:bf:3a:1f:78:80:a3:85:77:
6d:4c:91:4c:e7:0b:d0:96:2d:31:84:11:b0:67:5c:
23:0b:a8:d1:4a:e0:ab:7e:91:92:da:72:3b:fd:0c:
f0:08:5b:20:4c:0a:c1:6e:a7:8f:b6:d3:c1:af:eb:
59:46:e3:a7:e0:b4:65:e2:a6:40:d2:96:2f:e2:85:
89:71:c3:24:89:f4:10:a1:02:91:30:0e:ef:c9:2a:
1f:dd:f9:17:8e:a3:78:28:76:92:4f:c3:95:bc:34:
d4:e0:05:70:f6:63:a0:6d:72:2e:2c:da:ae:12:8b:
3a:00:35:55:3f:d5:00:ac:76:2b:fb:37:48:e7:f0:
bf:67:0f:60:26:ba:b5:d2:a2:b3:06:90:87:8c:81:
fa:c6:d2:76:8a:48:c2:a9:56:97:ac:fa:2d:44:ea:
c1:e0:3a:57:9e:d8:fd:37:4c:a6:f5:5c:f7:cb:22:
c0:2b:f7:b4:2d:25:66:39:18:05:09:25:6b:55:d8:
95:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B4:21:7E:07:5A:0E:82:B0:5D:08:2A:1C:92:B9:B2:58:72:E6:65
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/yrQhfgdaDoKwXQgqHJK5slhy5mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.204.0/22
185.231.168.0/22
IPv6:
2a0e:5f80::/29
Signature Algorithm: sha256WithRSAEncryption
15:44:d8:7e:36:35:e2:55:a6:6d:17:3a:60:e0:56:99:30:00:
a6:91:c5:99:ba:28:dc:7c:73:69:3e:28:aa:68:01:26:70:c3:
9f:b2:74:00:3e:23:ea:69:de:19:39:a6:d5:40:6a:75:af:46:
03:75:85:7a:3b:fd:fa:89:52:77:6e:63:d1:61:f9:a2:c6:76:
fb:8e:27:81:dc:1b:8c:ed:5b:02:65:68:4a:a4:f0:aa:c7:ea:
8a:4e:e2:79:1d:bf:34:d5:8c:8a:45:f7:24:9e:2c:c3:15:c9:
7d:8f:19:ac:b4:f3:f3:44:e3:5a:01:1d:f8:23:21:f4:d4:c5:
6f:f5:51:d6:f8:eb:e4:e4:11:57:b5:b8:0e:92:4e:a7:62:ab:
1a:67:e1:6c:d9:bf:3b:67:ab:d6:3f:0f:2b:7b:c0:08:9c:ff:
fb:e2:7c:6b:27:a0:5a:64:90:38:3c:3c:51:40:77:9f:57:75:
5e:ca:a7:ed:43:a0:39:eb:c2:49:29:a0:40:76:5f:37:b5:2b:
45:59:12:3f:93:ce:c3:f9:a3:a2:9f:e7:fc:36:3a:5a:4c:72:
26:7d:55:f3:60:22:71:a1:5c:d8:b4:64:af:b8:c2:47:3c:42:
a7:37:fa:76:5a:42:c3:f3:8f:0b:0e:d8:88:3e:af:e8:de:d8:
14:0d:bc:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtxTcwkcnwuLgy3fzfSZ1iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjMxMDI3MTMyMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI0MjE3ZTA3NWEwZTgyYjA1ZDA4MmExYzkyYjliMjU4NzJlNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrohgLQKbiCLTy8o/0s2KNk4e5+Q
ewM6XRRjsNP8YB4/XBOSmu0yY6/pvAnGM/W/ICaicfTTdSG2biTfvGDhHPvKvzof
eICjhXdtTJFM5wvQli0xhBGwZ1wjC6jRSuCrfpGS2nI7/QzwCFsgTArBbqePttPB
r+tZRuOn4LRl4qZA0pYv4oWJccMkifQQoQKRMA7vySof3fkXjqN4KHaST8OVvDTU
4AVw9mOgbXIuLNquEos6ADVVP9UArHYr+zdI5/C/Zw9gJrq10qKzBpCHjIH6xtJ2
ikjCqVaXrPotROrB4DpXntj9N0ym9Vz3yyLAK/e0LSVmORgFCSVrVdiVOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMq0IX4HWg6CsF0IKhySubJYcuZlMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEveXJRaGZnZGFEb0t3WFFncUhKSzVzbGh5NW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVHMAwQC
ueeoMA0EAgACMAcDBQMqDl+AMA0GCSqGSIb3DQEBCwUAA4IBAQAVRNh+NjXiVaZt
Fzpg4FaZMACmkcWZuijcfHNpPiiqaAEmcMOfsnQAPiPqad4ZOabVQGp1r0YDdYV6
O/36iVJ3bmPRYfmixnb7jieB3BuM7VsCZWhKpPCqx+qKTuJ5Hb801YyKRfcknizD
Fcl9jxmstPPzRONaAR34IyH01MVv9VHW+Ovk5BFXtbgOkk6nYqsaZ+Fs2b87Z6vW
Pw8re8AInP/74nxrJ6BaZJA4PDxRQHefV3VeyqftQ6A568JJKaBAdl83tStFWRI/
k87D+aOin+f8NjpaTHImfVXzYCJxoVzYtGSvuMJHPEKnN/p2WkLD848LDtiIPq/o
3tgUDbxU
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:16 2024 by rpki-client on console.sobornost.net