Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iRhGPXYXn8symRNOXhFzLzrk_Us.roa
File: iRhGPXYXn8symRNOXhFzLzrk_Us.roa (raw, json)
Hash identifier: aVsHPWLBoMt1ZpR3qKYv3pScql1mqbxavjshtibtE1s=
Subject key identifier: 89:18:46:3D:76:17:9F:CB:32:99:13:4E:5E:11:73:2F:3A:E4:FD:4B
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA6CEC75CF4C536325153C6A8EAFAF501
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iRhGPXYXn8symRNOXhFzLzrk_Us.roa
Signing time: Tue 26 Dec 2023 15:46:58 +0000
ROA not before: Tue 26 Dec 2023 15:46:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205960
IP address blocks: 91.204.224.0/24 maxlen: 24
2.59.153.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:ce:c7:5c:f4:c5:36:32:51:53:c6:a8:ea:fa:f5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 15:46:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8918463d76179fcb3299134e5e11732f3ae4fd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b2:f5:29:83:a3:d6:3d:61:23:ea:82:1e:61:
9e:c2:85:79:27:ce:cb:35:f0:89:b2:81:47:e1:15:
01:83:20:e6:56:bb:95:a5:34:db:9c:ae:6a:84:40:
83:30:36:b5:8c:18:b7:72:04:42:f0:b6:72:08:7c:
30:36:48:f5:aa:c2:c8:16:c5:f3:ed:f3:38:61:85:
f3:6d:d0:d8:71:14:de:8c:61:c2:ae:d3:3b:18:fd:
41:16:51:54:56:ee:75:66:51:73:e8:81:a8:56:5c:
02:a4:81:74:44:e6:2b:03:3c:79:e5:6b:27:cd:3c:
7c:bd:99:fe:23:d0:65:fc:65:24:e5:2d:94:a7:6c:
ee:41:3f:93:50:eb:02:04:89:fe:34:65:e7:b2:bf:
54:47:f7:40:76:c7:59:ce:4a:25:0f:38:a3:ba:9e:
ae:98:6c:5d:57:7f:08:d2:34:f9:d0:7c:80:37:ef:
65:ab:8f:d7:12:e9:26:d1:79:37:5f:c3:d4:c4:04:
fb:77:7f:97:76:27:00:f3:d7:d6:ab:cb:f1:90:ad:
ce:85:bf:ef:47:fc:fe:2c:16:5f:56:bd:02:34:eb:
6c:cd:8b:a1:bf:99:fa:80:0b:f0:4d:ce:54:6a:58:
97:ec:e2:4f:97:a1:c2:7f:75:15:d3:4c:e9:b9:d9:
11:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:18:46:3D:76:17:9F:CB:32:99:13:4E:5E:11:73:2F:3A:E4:FD:4B
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iRhGPXYXn8symRNOXhFzLzrk_Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:4d:22:bf:e5:6d:35:08:5b:3a:69:9d:85:d9:3f:f0:3b:2d:
f5:e8:d9:6b:8d:7c:74:ef:1c:71:8c:22:14:c6:51:8c:91:06:
14:5c:1f:55:e5:a3:1c:98:e1:86:90:5d:e8:c4:a4:e0:dc:b6:
cd:09:05:39:37:67:01:04:24:0a:35:c1:8b:7c:a0:0b:f3:1d:
a3:eb:c8:55:eb:49:4d:c2:39:13:ae:82:96:05:8e:37:7e:30:
9f:87:d3:a0:95:75:a9:e1:11:5f:7a:67:9b:08:1e:c9:93:96:
15:86:b2:01:ed:fe:22:ef:99:d8:0e:6a:eb:26:ac:4b:b4:db:
00:15:25:8a:30:3e:38:0f:f8:2f:79:65:4f:ff:e3:93:c6:38:
61:31:60:cc:29:02:c0:33:7e:e1:eb:70:72:7f:ee:af:8f:f4:
d8:ae:dc:80:a4:b6:03:46:10:0e:59:e7:a2:17:07:8c:8b:cc:
fe:94:10:00:db:52:f3:63:df:dc:93:75:7a:39:c4:84:e3:5f:
dd:d9:3c:47:1f:6a:8e:6e:5a:77:8c:4a:38:1d:21:2e:53:78:
43:66:10:ba:74:6f:ea:6b:5e:80:fe:fd:36:fe:02:79:81:c4:
ce:63:d7:34:44:86:1c:02:08:ae:e8:53:8b:1b:f8:54:bb:76:
c6:c5:5c:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYymzsdc9MU2MlFTxqjq+vUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTU0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE4NDYzZDc2MTc5ZmNiMzI5OTEzNGU1ZTExNzMyZjNhZTRmZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybL1KYOj1j1hI+qCHmGewoV5J87L
NfCJsoFH4RUBgyDmVruVpTTbnK5qhECDMDa1jBi3cgRC8LZyCHwwNkj1qsLIFsXz
7fM4YYXzbdDYcRTejGHCrtM7GP1BFlFUVu51ZlFz6IGoVlwCpIF0ROYrAzx55Wsn
zTx8vZn+I9Bl/GUk5S2Up2zuQT+TUOsCBIn+NGXnsr9UR/dAdsdZzkolDzijup6u
mGxdV38I0jT50HyAN+9lq4/XEukm0Xk3X8PUxAT7d3+XdicA89fWq8vxkK3Ohb/v
R/z+LBZfVr0CNOtszYuhv5n6gAvwTc5UaliX7OJPl6HCf3UV00zpudkRNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIkYRj12F5/LMpkTTl4Rcy865P1LMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvaVJoR1BYWVhuOHN5bVJOT1hoRnpMenJrX1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQB/TSK/5W01
CFs6aZ2F2T/wOy316NlrjXx07xxxjCIUxlGMkQYUXB9V5aMcmOGGkF3oxKTg3LbN
CQU5N2cBBCQKNcGLfKAL8x2j68hV60lNwjkTroKWBY43fjCfh9OglXWp4RFfemeb
CB7Jk5YVhrIB7f4i75nYDmrrJqxLtNsAFSWKMD44D/gveWVP/+OTxjhhMWDMKQLA
M37h63Byf+6vj/TYrtyApLYDRhAOWeeiFweMi8z+lBAA21LzY9/ck3V6OcSE41/d
2TxHH2qOblp3jEo4HSEuU3hDZhC6dG/qa16A/v02/gJ5gcTOY9c0RIYcAgiu6FOL
G/hUu3bGxVzP
-----END CERTIFICATE-----
Generated at Tue Dec 26 19:24:26 2023 by rpki-client on console.sobornost.net