Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/b6lsLYvaGMYfe5O3IJfYhFZiznw.roa
File: b6lsLYvaGMYfe5O3IJfYhFZiznw.roa (raw, json)
Hash identifier: eSA8kUMjde8rMAb4JgtPmMSiV5ufAEuxPhecrc/GlFQ=
Subject key identifier: 6F:A9:6C:2D:8B:DA:18:C6:1F:7B:93:B7:20:97:D8:84:56:62:CE:7C
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA6CFB1FE1AD58544DAB426AE2183E79B
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/b6lsLYvaGMYfe5O3IJfYhFZiznw.roa
Signing time: Tue 26 Dec 2023 15:47:58 +0000
ROA not before: Tue 26 Dec 2023 15:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:cf:b1:fe:1a:d5:85:44:da:b4:26:ae:21:83:e7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 15:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fa96c2d8bda18c61f7b93b72097d8845662ce7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fa:f6:7f:dc:34:a5:fa:38:d5:19:95:3c:4d:
8a:24:4e:44:ea:68:c1:79:04:1c:73:66:fb:49:78:
4e:67:c9:d5:33:45:a7:44:0e:6b:2a:2d:a2:53:ae:
5f:32:47:88:24:8b:43:fb:f6:1f:17:76:84:7d:22:
07:73:a2:c5:1b:f2:70:92:ac:28:4b:d2:1a:b5:17:
c9:ea:77:70:d2:25:f7:08:c3:89:f6:54:89:b0:e1:
2f:b5:fc:c4:67:36:74:7a:54:b7:d6:06:22:97:ea:
2c:b5:83:64:7e:9b:81:9f:22:7c:44:e2:a0:79:f7:
a4:a4:10:e1:ab:8a:06:94:00:46:d1:36:7d:93:68:
1e:b6:fb:d5:8f:47:09:f1:be:93:db:a7:fd:f4:7e:
28:73:29:54:b9:d8:49:2d:03:7d:68:55:99:c2:91:
47:72:25:36:90:04:95:af:dc:f4:d5:80:bc:43:82:
e2:35:1d:2e:c1:41:71:b9:bf:a2:3f:b7:48:22:25:
49:75:be:05:ca:6d:de:3e:67:f6:60:f0:c4:b8:37:
e6:06:66:3d:17:0e:09:d7:b9:ab:47:28:82:95:b0:
e2:be:34:87:e0:e4:e1:d1:6f:c3:50:aa:61:c5:55:
78:7a:7a:2f:5f:6f:0c:b9:38:10:16:59:25:3a:74:
cf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A9:6C:2D:8B:DA:18:C6:1F:7B:93:B7:20:97:D8:84:56:62:CE:7C
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/b6lsLYvaGMYfe5O3IJfYhFZiznw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
03:38:14:56:ec:e6:44:02:bd:ec:13:17:f8:9d:79:64:92:88:
fd:3f:54:1d:2d:ba:0f:93:5e:44:26:6a:5f:3c:1a:bb:58:fc:
83:88:2b:e9:27:f3:2a:ba:de:76:64:1a:32:4a:bf:e6:9e:2b:
58:54:5f:25:73:10:bc:34:1d:ad:95:51:6a:29:b2:e1:be:75:
fc:a9:7f:b4:cf:2c:1a:2f:d7:3a:c9:b0:2d:6b:6f:1e:59:d7:
ad:24:37:6c:72:bc:c2:1d:ca:ec:2a:1d:62:74:d8:ca:0e:12:
54:fe:8d:7e:5c:95:4f:db:64:0e:52:e2:96:f1:fd:d4:0a:60:
f3:46:40:85:b7:c7:d4:44:28:db:67:31:e3:06:98:ae:89:95:
c6:75:08:c4:bc:7b:0f:e1:50:f7:7a:5f:3b:ad:8d:db:ac:a9:
fb:5c:42:d1:b0:a7:73:f2:6b:48:d9:fb:cd:bc:c1:af:2b:31:
28:f7:f8:c3:9b:8f:cf:66:2c:34:f3:83:fa:59:64:00:bc:03:
58:46:66:c0:a7:a4:73:18:43:e9:76:25:7f:9b:f7:25:56:8f:
b4:c8:85:93:11:18:c8:a3:58:09:19:99:0b:62:64:40:a3:d1:
f7:29:48:80:95:6a:e6:ff:e4:ff:a0:73:dc:3a:97:03:68:15:
2a:c1:9e:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYymz7H+GtWFRNq0Jq4hg+ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTU0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmE5NmMyZDhiZGExOGM2MWY3YjkzYjcyMDk3ZDg4NDU2NjJjZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPr2f9w0pfo41RmVPE2KJE5E6mjB
eQQcc2b7SXhOZ8nVM0WnRA5rKi2iU65fMkeIJItD+/YfF3aEfSIHc6LFG/Jwkqwo
S9IatRfJ6ndw0iX3CMOJ9lSJsOEvtfzEZzZ0elS31gYil+ostYNkfpuBnyJ8ROKg
efekpBDhq4oGlABG0TZ9k2getvvVj0cJ8b6T26f99H4ocylUudhJLQN9aFWZwpFH
ciU2kASVr9z01YC8Q4LiNR0uwUFxub+iP7dIIiVJdb4Fym3ePmf2YPDEuDfmBmY9
Fw4J17mrRyiClbDivjSH4OTh0W/DUKphxVV4enovX28MuTgQFlklOnTPWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG+pbC2L2hjGH3uTtyCX2IRWYs58MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvYjZsc0xZdmFHTVlmZTVPM0lKZlloRlppem53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQADOBRW7OZE
Ar3sExf4nXlkkoj9P1QdLboPk15EJmpfPBq7WPyDiCvpJ/Mqut52ZBoySr/mnitY
VF8lcxC8NB2tlVFqKbLhvnX8qX+0zywaL9c6ybAta28eWdetJDdscrzCHcrsKh1i
dNjKDhJU/o1+XJVP22QOUuKW8f3UCmDzRkCFt8fURCjbZzHjBpiuiZXGdQjEvHsP
4VD3el87rY3brKn7XELRsKdz8mtI2fvNvMGvKzEo9/jDm4/PZiw084P6WWQAvANY
RmbAp6RzGEPpdiV/m/clVo+0yIWTERjIo1gJGZkLYmRAo9H3KUiAlWrm/+T/oHPc
OpcDaBUqwZ5K
Generated at Tue Dec 26 19:24:27 2023 by rpki-client on console.sobornost.net