Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BmKJ8jAX40fY9yOyJjO7qoXFNfk.roa
File: BmKJ8jAX40fY9yOyJjO7qoXFNfk.roa (raw, json)
Hash identifier: tYiVlV+CHMjVQBePEPnkCBk4ldgcBCRCmeoqvfU8KLg=
Subject key identifier: 06:62:89:F2:30:17:E3:47:D8:F7:23:B2:26:33:BB:AA:85:C5:35:F9
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 01856EB8DB22EC00B653B050D1E4BE848C44
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BmKJ8jAX40fY9yOyJjO7qoXFNfk.roa
Signing time: Sun 01 Jan 2023 19:04:46 +0000
ROA not before: Sun 01 Jan 2023 19:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44795
IP address blocks: 62.128.160.0/19 maxlen: 19
82.214.240.0/21 maxlen: 21
82.214.244.0/22 maxlen: 22
195.238.32.0/19 maxlen: 19
62.128.168.0/21 maxlen: 21
62.128.168.0/22 maxlen: 22
62.128.172.0/22 maxlen: 22
128.65.64.0/19 maxlen: 24
82.214.192.0/18 maxlen: 18
82.214.210.0/24 maxlen: 24
185.117.52.0/22 maxlen: 22
82.214.240.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:db:22:ec:00:b6:53:b0:50:d1:e4:be:84:8c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jan 1 19:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=066289f23017e347d8f723b22633bbaa85c535f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a5:c1:12:98:2a:c8:44:0b:5c:3d:98:f5:47:
9f:14:55:e7:06:91:77:31:f0:c4:9a:1d:33:c5:5a:
60:28:05:84:b8:9e:4c:89:4d:1a:e3:eb:47:65:2f:
71:ff:34:50:3f:11:7d:b8:23:44:90:68:42:66:a8:
4b:ae:28:7f:b3:b0:b2:b5:0a:f5:e9:3e:d5:c1:74:
4c:08:55:9a:67:22:c0:6f:08:6d:f5:d6:f7:23:8d:
13:23:51:26:11:02:20:68:fd:95:f2:57:e3:cf:09:
5f:8d:c9:77:2a:29:77:41:58:dd:ed:92:68:20:2a:
20:5b:b8:36:0c:10:c9:a4:42:15:35:83:0c:a1:63:
57:ad:be:c7:61:9d:e1:6e:97:76:24:d9:20:a4:ed:
c5:df:26:f2:13:e7:88:8a:80:c5:c0:a1:c2:0c:da:
0f:02:ad:0e:4f:f2:f7:71:5c:37:f5:aa:24:8e:a3:
cb:76:e3:f4:5a:67:bb:3f:a5:26:d9:fe:de:ec:13:
b8:fc:d6:f3:8e:8d:46:b2:89:2a:ef:55:e7:f8:d4:
2f:0b:2c:11:17:43:45:5f:ba:17:c4:cc:53:e6:a2:
9a:5d:f6:da:45:98:c4:6e:84:35:c6:fa:99:6f:9b:
73:24:c2:15:28:1d:a6:77:bb:5c:18:78:1d:cb:a3:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:62:89:F2:30:17:E3:47:D8:F7:23:B2:26:33:BB:AA:85:C5:35:F9
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BmKJ8jAX40fY9yOyJjO7qoXFNfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
Signature Algorithm: sha256WithRSAEncryption
11:54:fd:6d:d8:52:75:f5:49:1f:3a:33:27:64:46:15:41:46:
37:5c:aa:55:5c:df:c9:44:03:ee:24:45:91:26:e9:72:73:06:
bd:a5:44:17:6d:b8:19:82:65:d1:b0:76:e7:3e:13:38:f5:4c:
27:5e:cd:79:37:4b:23:de:01:c7:9b:83:b0:16:15:be:bd:81:
ce:b4:94:a4:5a:d6:f3:d2:20:2a:67:82:2d:9a:fd:31:3a:ac:
15:53:e7:4e:6b:97:3d:8f:d8:3e:09:c6:7b:92:c3:cf:a0:b9:
b2:20:54:c8:67:8d:69:92:37:79:da:57:ab:22:a8:1c:3f:b5:
04:20:e8:72:ff:c0:16:bb:67:f7:7e:38:11:b6:f7:6a:c5:54:
9d:b3:12:97:3b:46:53:a6:09:22:3b:1e:f5:73:b0:b2:40:aa:
67:5d:fc:45:b9:cf:95:c1:38:ab:0e:b7:d8:bb:87:f9:cf:01:
32:c3:9d:c6:79:a3:d2:0c:1d:a6:5a:98:64:ec:48:38:ae:07:
fc:66:f3:0b:58:a5:26:61:6d:fa:a1:06:14:ff:41:88:2a:2c:
2d:5f:41:83:cf:22:1c:15:57:39:ce:e5:87:95:ff:6e:84:1a:
2a:b4:fa:f3:4f:30:18:33:da:ed:e8:f5:46:34:65:0b:2f:f4:
ea:b1:17:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuuNsi7AC2U7BQ0eS+hIxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZjRkZTZlNzNjOGUwNTNjYjY0MGI3NGQyYjkxMmFiZDkw
YjA1ODAwHhcNMjMwMTAxMTkwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjYyODlmMjMwMTdlMzQ3ZDhmNzIzYjIyNjMzYmJhYTg1YzUzNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqXBEpgqyEQLXD2Y9UefFFXnBpF3
MfDEmh0zxVpgKAWEuJ5MiU0a4+tHZS9x/zRQPxF9uCNEkGhCZqhLrih/s7CytQr1
6T7VwXRMCFWaZyLAbwht9db3I40TI1EmEQIgaP2V8lfjzwlfjcl3Kil3QVjd7ZJo
ICogW7g2DBDJpEIVNYMMoWNXrb7HYZ3hbpd2JNkgpO3F3ybyE+eIioDFwKHCDNoP
Aq0OT/L3cVw39aokjqPLduP0Wme7P6Um2f7e7BO4/Nbzjo1Gsokq71Xn+NQvCywR
F0NFX7oXxMxT5qKaXfbaRZjEboQ1xvqZb5tzJMIVKB2md7tcGHgdy6PKgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAZiifIwF+NH2PcjsiYzu6qFxTX5MB8GA1UdIwQY
MBaAFFr03m5zyOBTy2QLdNK5EqvZCwWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUt
YzFlOTM2MmIxYTUxLzEvQm1LSjhqQVg0MGZZOXlPeUpqTzdxb1hGTmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUtYzFlOTM2MmIxYTUx
LzEvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFPoCgAwQG
UtbAAwQFgEFAAwQCuXU0AwQFw+4gMA0GCSqGSIb3DQEBCwUAA4IBAQARVP1t2FJ1
9UkfOjMnZEYVQUY3XKpVXN/JRAPuJEWRJulycwa9pUQXbbgZgmXRsHbnPhM49Uwn
Xs15N0sj3gHHm4OwFhW+vYHOtJSkWtbz0iAqZ4Itmv0xOqwVU+dOa5c9j9g+CcZ7
ksPPoLmyIFTIZ41pkjd52lerIqgcP7UEIOhy/8AWu2f3fjgRtvdqxVSdsxKXO0ZT
pgkiOx71c7CyQKpnXfxFuc+VwTirDrfYu4f5zwEyw53GeaPSDB2mWphk7Eg4rgf8
ZvMLWKUmYW36oQYU/0GIKiwtX0GDzyIcFVc5zuWHlf9uhBoqtPrzTzAYM9rt6PVG
NGULL/TqsRcQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:05 2024 by rpki-client on console.sobornost.net