Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/1EDnqyK-Jez5MVlb-0lCakpe3CQ.roa
File: 1EDnqyK-Jez5MVlb-0lCakpe3CQ.roa (raw, json)
Hash identifier: TZQ9OM14HjtZK8RQ4c9fqO6PYN+v5iBdnD+jfQR6qnk=
Subject key identifier: D4:40:E7:AB:22:BE:25:EC:F9:31:59:5B:FB:49:42:6A:4A:5E:DC:24
Certificate issuer: /CN=1da97cae7de6b29e56f0259af53c95926034a502
Certificate serial: 01856FC294DE1348DAE583879C3F5670F35C
Authority key identifier: 1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/1EDnqyK-Jez5MVlb-0lCakpe3CQ.roa
Signing time: Sun 01 Jan 2023 23:55:01 +0000
ROA not before: Sun 01 Jan 2023 23:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3399
IP address blocks: 45.141.108.0/22 maxlen: 22
185.242.228.0/22 maxlen: 22
178.132.72.0/21 maxlen: 21
195.128.240.0/23 maxlen: 23
185.86.104.0/22 maxlen: 22
185.147.236.0/22 maxlen: 22
195.128.254.0/23 maxlen: 23
2a03:8600::/32 maxlen: 32
2a07:5cc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:94:de:13:48:da:e5:83:87:9c:3f:56:70:f3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da97cae7de6b29e56f0259af53c95926034a502
Validity
Not Before: Jan 1 23:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d440e7ab22be25ecf931595bfb49426a4a5edc24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:02:cf:9f:b6:41:d2:b6:3a:6d:76:c8:97:
20:4d:4c:ea:52:68:f5:b0:26:48:32:95:4b:f8:b7:
61:b3:48:2f:e0:80:89:19:d8:bd:9d:c5:06:6b:67:
24:66:91:a8:23:1b:1e:9d:b7:c8:df:fc:32:3d:7f:
cd:c0:3b:62:91:c5:68:56:87:a0:f6:40:7d:66:d3:
e6:53:05:4b:55:74:26:04:3e:87:a4:cc:cd:52:27:
a1:58:09:07:5f:2f:44:64:91:4c:28:4c:41:6e:ba:
9f:4f:c3:e3:70:7a:de:9b:98:28:78:c1:33:45:eb:
e4:2c:f0:04:02:b3:0c:9a:03:51:b6:b4:80:92:42:
99:b2:8d:45:c3:58:12:06:cf:f2:11:d4:29:ad:07:
83:42:28:96:dd:6d:be:ef:1a:ac:de:93:4f:14:d5:
03:ee:3a:64:d5:3b:44:81:23:d7:0c:ef:a5:04:15:
aa:06:39:b2:b3:50:56:d1:93:d0:a8:90:06:61:6d:
72:dc:7c:4b:7b:4f:be:73:40:b0:ed:93:48:06:3e:
74:10:ad:2c:b1:88:d9:33:29:eb:65:c3:bc:56:35:
0f:8c:37:07:0c:63:aa:6b:b1:e8:26:b3:97:76:d7:
78:be:cb:0c:51:09:59:7c:eb:54:4d:e3:7e:99:80:
ce:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:40:E7:AB:22:BE:25:EC:F9:31:59:5B:FB:49:42:6A:4A:5E:DC:24
X509v3 Authority Key Identifier:
keyid:1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/1EDnqyK-Jez5MVlb-0lCakpe3CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.108.0/22
178.132.72.0/21
185.86.104.0/22
185.147.236.0/22
185.242.228.0/22
195.128.240.0/23
195.128.254.0/23
IPv6:
2a03:8600::/32
2a07:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
18:36:61:ec:a9:57:67:5a:00:bc:3a:a7:db:18:3f:e5:54:56:
8d:ad:8f:35:69:e5:a9:42:83:86:68:0e:3c:51:e9:5c:07:7d:
d5:74:a1:93:7b:72:74:e4:56:e2:88:6f:f0:7b:b3:9a:70:70:
69:b2:fa:07:f4:35:a2:3a:cf:6b:fc:33:c4:58:3f:81:4d:28:
07:87:02:d8:e8:6c:13:73:a3:bf:98:50:a4:1d:6e:98:1a:aa:
28:7a:a1:86:1b:b8:48:fd:94:5c:8c:a0:27:56:bc:b4:8e:3f:
d6:4e:6f:d0:da:be:dd:16:75:75:4e:f2:3c:5b:1d:6a:f4:21:
e3:73:6a:85:3a:70:fb:15:5d:3d:4d:f6:02:e4:8b:f0:1b:c6:
66:67:e4:14:4f:91:4a:f2:a9:85:45:cc:36:18:6e:cc:ba:d2:
12:2e:c7:ec:df:d1:8b:23:91:71:cf:68:77:fe:99:8c:4c:16:
8d:c6:eb:e0:87:76:24:03:90:ca:d8:65:fb:89:84:19:94:f0:
a7:57:88:89:4b:de:5a:19:fc:25:6a:10:3c:08:ac:24:2c:8a:
bf:73:fa:9a:5f:7d:93:f7:0d:cf:67:b5:be:44:f0:64:51:04:
d5:8c:ef:ba:0b:a8:20:3e:18:c6:5b:06:e6:89:3d:03:66:4d:
89:dd:8f:b2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVvwpTeE0ja5YOHnD9WcPNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYTk3Y2FlN2RlNmIyOWU1NmYwMjU5YWY1M2M5NTkyNjAz
NGE1MDIwHhcNMjMwMTAxMjM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQwZTdhYjIyYmUyNWVjZjkzMTU5NWJmYjQ5NDI2YTRhNWVkYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEQCz5+2QdK2Om12yJcgTUzqUmj1
sCZIMpVL+Ldhs0gv4ICJGdi9ncUGa2ckZpGoIxsenbfI3/wyPX/NwDtikcVoVoeg
9kB9ZtPmUwVLVXQmBD6HpMzNUiehWAkHXy9EZJFMKExBbrqfT8PjcHrem5goeMEz
RevkLPAEArMMmgNRtrSAkkKZso1Fw1gSBs/yEdQprQeDQiiW3W2+7xqs3pNPFNUD
7jpk1TtEgSPXDO+lBBWqBjmys1BW0ZPQqJAGYW1y3HxLe0++c0Cw7ZNIBj50EK0s
sYjZMynrZcO8VjUPjDcHDGOqa7HoJrOXdtd4vssMUQlZfOtUTeN+mYDOrQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNRA56siviXs+TFZW/tJQmpKXtwkMB8GA1UdIwQY
MBaAFB2pfK595rKeVvAlmvU8lZJgNKUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGFsOHJuM21zcDVXOENXYTlUeVZrbUEwcFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84NWI2NzMtZjFhZC00M2UyLWJmZTct
MGNkNzIzNmIyOWI2LzEvMUVEbnF5Sy1KZXo1TVZsYi0wbENha3BlM0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC84NWI2NzMtZjFhZC00M2UyLWJmZTctMGNkNzIzNmIyOWI2
LzEvSGFsOHJuM21zcDVXOENXYTlUeVZrbUEwcFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLY1sAwQD
soRIAwQCuVZoAwQCuZPsAwQCufLkAwQBw4DwAwQBw4D+MBQEAgACMA4DBQAqA4YA
AwUDKgdcwDANBgkqhkiG9w0BAQsFAAOCAQEAGDZh7KlXZ1oAvDqn2xg/5VRWja2P
NWnlqUKDhmgOPFHpXAd91XShk3tydORW4ohv8HuzmnBwabL6B/Q1ojrPa/wzxFg/
gU0oB4cC2OhsE3Ojv5hQpB1umBqqKHqhhhu4SP2UXIygJ1a8tI4/1k5v0Nq+3RZ1
dU7yPFsdavQh43NqhTpw+xVdPU32AuSL8BvGZmfkFE+RSvKphUXMNhhuzLrSEi7H
7N/RiyORcc9od/6ZjEwWjcbr4Id2JAOQythl+4mEGZTwp1eIiUveWhn8JWoQPAis
JCyKv3P6ml99k/cNz2e1vkTwZFEE1YzvuguoID4YxlsG5ok9A2ZNid2Psg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:35 2024 by rpki-client on console.sobornost.net