Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/gkBLm0zEuq17Q7iSTY0xAq3wICQ.roa
File: gkBLm0zEuq17Q7iSTY0xAq3wICQ.roa (raw, json)
Hash identifier: HPDB+swN+wRrntU+Sk5nRJPyI/QLScVEX04xjU8E3xk=
Subject key identifier: 82:40:4B:9B:4C:C4:BA:AD:7B:43:B8:92:4D:8D:31:02:AD:F0:20:24
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AFED8D66DD609C5EADA1CC26F62FF9897
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/gkBLm0zEuq17Q7iSTY0xAq3wICQ.roa
Signing time: Thu 05 Oct 2023 07:58:58 +0000
ROA not before: Thu 05 Oct 2023 07:58:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139853
IP address blocks: 91.222.135.0/24 maxlen: 24
91.222.134.0/24 maxlen: 24
91.222.133.0/24 maxlen: 24
149.20.127.0/24 maxlen: 24
149.20.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:d8:d6:6d:d6:09:c5:ea:da:1c:c2:6f:62:ff:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Oct 5 07:58:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82404b9b4cc4baad7b43b8924d8d3102adf02024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:fa:46:76:fc:85:a7:ba:db:d8:61:f2:88:
4a:fa:75:40:53:56:7e:46:f2:af:7f:b6:3e:4e:48:
36:e2:ae:0f:b0:d1:4d:1d:8e:8f:c3:42:de:31:e2:
21:2e:af:50:f6:1a:e2:2e:35:4a:a0:04:ad:a7:20:
af:02:40:3d:9a:76:b2:f9:aa:81:71:1d:89:0e:33:
21:71:16:b7:01:73:81:42:76:64:83:65:a3:f8:88:
18:cb:28:44:9b:78:d0:59:08:e4:d8:6c:69:72:bd:
2a:2c:eb:81:bc:5c:7c:fc:eb:4c:7d:dd:95:3e:16:
7a:98:4d:cc:72:cd:af:92:c9:c4:4a:e8:00:45:72:
57:46:05:fd:f2:d4:b7:04:4f:dd:4f:ee:72:eb:3e:
47:bd:66:e3:e5:85:da:be:87:fb:94:ab:54:14:d9:
3c:92:ca:3e:e7:c2:d2:9f:67:19:f4:54:ce:9d:9b:
bb:4b:f2:2c:f3:09:01:c3:72:50:7f:35:3d:73:89:
8c:ee:bc:13:75:ba:10:7c:38:90:d3:c2:d9:b5:b3:
d5:8f:ef:39:57:cc:0f:29:1f:7f:d9:88:22:5d:d4:
63:d3:ae:bb:c1:02:95:36:66:98:39:02:a4:32:90:
81:e0:34:74:67:59:03:88:78:ab:89:f0:2c:e2:03:
51:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:40:4B:9B:4C:C4:BA:AD:7B:43:B8:92:4D:8D:31:02:AD:F0:20:24
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/gkBLm0zEuq17Q7iSTY0xAq3wICQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.133.0-91.222.135.255
149.20.126.0/23
Signature Algorithm: sha256WithRSAEncryption
33:07:ec:92:4e:5c:2e:0e:e2:9e:8b:ef:10:40:de:c6:77:fe:
9d:e5:bd:6a:d2:c6:cb:22:06:16:f9:3b:21:87:ad:73:28:36:
62:f4:77:16:22:90:29:19:19:e0:4a:ee:27:cd:81:e6:2c:c8:
79:18:85:af:c7:0e:3a:cb:53:de:49:c4:c9:4a:7c:9c:df:fc:
d7:5a:f5:84:e7:ba:30:2d:5b:e6:f5:6f:1d:aa:07:e0:e5:cf:
fa:09:e3:dd:ac:c9:39:8f:e7:5a:ee:72:9e:9d:84:9d:ce:5c:
c2:30:f9:55:b7:8b:90:63:ca:ad:10:a4:e9:c3:76:75:79:fb:
25:88:d6:f7:2f:48:05:82:f8:b9:b3:8c:a8:6a:f0:f7:a9:44:
84:ee:4e:34:ab:bd:5c:a4:d4:bb:0b:a2:32:9b:88:3f:86:ed:
fb:eb:ba:57:a0:e9:3c:6f:77:50:a5:91:ad:aa:b5:b0:c8:a5:
46:ec:f4:e4:87:05:0d:22:48:5f:02:53:15:7e:44:f1:d4:7b:
e7:3d:b0:36:5c:2e:77:91:7f:6f:a7:df:e0:a8:ec:dd:47:e5:
32:98:bb:4b:66:f9:25:e7:78:56:5b:11:47:88:92:2d:dd:02:
00:d4:2a:02:30:9b:4c:56:be:ee:c6:ed:d1:c5:e0:b0:7f:f8:
35:49:21:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYr+2NZt1gnF6tocwm9i/5iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMxMDA1MDc1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQwNGI5YjRjYzRiYWFkN2I0M2I4OTI0ZDhkMzEwMmFkZjAyMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLn6Rnb8hae629hh8ohK+nVAU1Z+
RvKvf7Y+Tkg24q4PsNFNHY6Pw0LeMeIhLq9Q9hriLjVKoAStpyCvAkA9mnay+aqB
cR2JDjMhcRa3AXOBQnZkg2Wj+IgYyyhEm3jQWQjk2Gxpcr0qLOuBvFx8/OtMfd2V
PhZ6mE3Mcs2vksnESugARXJXRgX98tS3BE/dT+5y6z5HvWbj5YXavof7lKtUFNk8
kso+58LSn2cZ9FTOnZu7S/Is8wkBw3JQfzU9c4mM7rwTdboQfDiQ08LZtbPVj+85
V8wPKR9/2YgiXdRj0667wQKVNmaYOQKkMpCB4DR0Z1kDiHirifAs4gNRkwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIJAS5tMxLqte0O4kk2NMQKt8CAkMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvZ2tCTG0wekV1cTE3UTdpU1RZMHhBcTN3SUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABb3oUD
BANb3oADBAGVFH4wDQYJKoZIhvcNAQELBQADggEBADMH7JJOXC4O4p6L7xBA3sZ3
/p3lvWrSxssiBhb5OyGHrXMoNmL0dxYikCkZGeBK7ifNgeYsyHkYha/HDjrLU95J
xMlKfJzf/Nda9YTnujAtW+b1bx2qB+Dlz/oJ492syTmP51rucp6dhJ3OXMIw+VW3
i5Bjyq0QpOnDdnV5+yWI1vcvSAWC+LmzjKhq8PepRITuTjSrvVyk1LsLojKbiD+G
7fvruleg6Txvd1Clka2qtbDIpUbs9OSHBQ0iSF8CUxV+RPHUe+c9sDZcLneRf2+n
3+Co7N1H5TKYu0tm+SXneFZbEUeIki3dAgDUKgIwm0xWvu7G7dHF4LB/+DVJIeA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:34 2023 by rpki-client on console.sobornost.net