Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/SeymoKaKdBY_iGz-qbq05mXl0zk.roa
File: SeymoKaKdBY_iGz-qbq05mXl0zk.roa (raw, json)
Hash identifier: THlDeJ13yYvMxaEiQX0VWWmv0MxvLbScou6qttm0g3k=
Subject key identifier: 49:EC:A6:A0:A6:8A:74:16:3F:88:6C:FE:A9:BA:B4:E6:65:E5:D3:39
Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Certificate serial: 01856B00A4B85F5F3C9650952FCAA20CB05F
Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/SeymoKaKdBY_iGz-qbq05mXl0zk.roa
Signing time: Sun 01 Jan 2023 01:44:42 +0000
ROA not before: Sun 01 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59882
IP address blocks: 185.153.210.0/24 maxlen: 24
185.153.208.0/22 maxlen: 22
185.153.211.0/24 maxlen: 24
185.153.208.0/24 maxlen: 24
185.153.209.0/24 maxlen: 24
2a07:88c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:a4:b8:5f:5f:3c:96:50:95:2f:ca:a2:0c:b0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Validity
Not Before: Jan 1 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49eca6a0a68a74163f886cfea9bab4e665e5d339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:df:37:57:56:90:91:ea:05:4d:10:9f:da:be:
c4:55:00:f2:7c:22:b6:f8:b4:de:ed:06:92:e0:d3:
5d:dc:20:9e:53:24:db:eb:6d:44:f2:b2:25:f7:13:
eb:6e:58:48:ee:92:ec:4f:40:09:78:70:51:3c:ee:
38:80:ef:28:b3:d6:32:3c:98:4e:9c:fb:02:ca:3f:
e2:3c:7b:ae:9b:93:c0:b6:3d:2d:44:86:61:93:da:
ee:35:f5:fa:88:e9:1a:c1:42:75:1a:da:bf:43:3c:
85:d6:dd:e3:a9:52:8d:5c:50:12:db:46:7e:f6:7c:
c3:53:c4:56:ea:fe:53:af:6f:6c:e7:a1:1d:e3:d1:
71:7f:4a:4c:64:37:0c:2d:d2:c8:f0:8b:96:0f:f6:
c6:a7:5b:b0:91:b6:06:c5:cb:92:a0:85:0f:84:60:
ed:18:3e:46:f0:d7:32:d5:e8:e0:21:05:96:6d:7e:
1d:d8:e3:e2:44:47:82:d3:ae:ac:e6:39:ea:ba:07:
85:4b:38:a2:24:43:cf:3a:99:52:a5:c4:3b:6d:c7:
e8:3a:c6:42:4e:2d:dd:be:25:54:71:64:8f:1a:98:
ea:22:cb:85:73:24:73:fc:c8:fa:01:cc:b9:47:b4:
6d:8a:9a:33:23:77:5c:69:2e:32:97:d9:0e:22:f9:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EC:A6:A0:A6:8A:74:16:3F:88:6C:FE:A9:BA:B4:E6:65:E5:D3:39
X509v3 Authority Key Identifier:
keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/SeymoKaKdBY_iGz-qbq05mXl0zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.208.0/22
IPv6:
2a07:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:c9:05:87:b3:9f:9d:51:5c:5d:5b:71:7d:87:d3:44:6b:e1:
3e:73:79:47:42:56:e3:62:f2:0c:55:ec:0d:62:d3:7b:07:90:
6b:58:38:d2:a4:5f:4a:c4:65:68:0c:ea:2d:2e:ce:49:b3:77:
12:cd:c5:29:8b:5b:be:4e:52:aa:f8:e0:f7:a4:9c:4b:d0:39:
a1:d3:7b:d2:76:a9:e5:88:d4:de:36:ae:27:09:d5:de:48:cc:
21:fe:02:44:94:08:f6:39:ae:41:b8:9b:2b:d7:04:0a:37:f1:
6b:8a:92:92:ca:5f:fb:f0:5f:a4:7d:5c:a3:13:71:e3:64:e6:
24:66:84:18:ce:ff:98:d9:4a:dc:58:3d:b5:5e:36:21:6e:b7:
5f:69:c5:01:7a:27:6d:fe:a2:95:d6:02:f9:66:be:1c:ed:c4:
15:6a:01:91:5f:63:6a:16:c4:4c:96:21:47:c2:42:28:63:19:
2d:44:7f:5f:33:b3:05:f5:63:3f:33:5f:3c:98:a5:c5:68:c2:
dc:b7:f3:b1:57:0e:e9:9c:ec:9f:e9:a8:97:d4:01:98:90:c5:
d0:59:42:49:31:28:83:99:dc:61:71:05:6b:fb:47:20:b5:39:
3f:78:ff:20:df:69:30:d0:b3:be:d0:8e:ce:1e:df:8a:1d:74:
d6:5a:bf:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrAKS4X188llCVL8qiDLBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODk2Y2QzZDhkMWEwNjk5ZGE1MjEwNTVkZmI1OGRjMDZk
ZGRmMzUwHhcNMjMwMTAxMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWVjYTZhMGE2OGE3NDE2M2Y4ODZjZmVhOWJhYjRlNjY1ZTVkMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t83V1aQkeoFTRCf2r7EVQDyfCK2
+LTe7QaS4NNd3CCeUyTb621E8rIl9xPrblhI7pLsT0AJeHBRPO44gO8os9YyPJhO
nPsCyj/iPHuum5PAtj0tRIZhk9ruNfX6iOkawUJ1Gtq/QzyF1t3jqVKNXFAS20Z+
9nzDU8RW6v5Tr29s56Ed49Fxf0pMZDcMLdLI8IuWD/bGp1uwkbYGxcuSoIUPhGDt
GD5G8Ncy1ejgIQWWbX4d2OPiREeC066s5jnqugeFSziiJEPPOplSpcQ7bcfoOsZC
Ti3dviVUcWSPGpjqIsuFcyRz/Mj6Acy5R7RtipozI3dcaS4yl9kOIvnmMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEnspqCminQWP4hs/qm6tOZl5dM5MB8GA1UdIwQY
MBaAFB+JbNPY0aBpnaUhBV37WNwG3d81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2It
YzMzMjc4MjJhMTM4LzEvU2V5bW9LYUtkQllfaUd6LXFicTA1bVhsMHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2ItYzMzMjc4MjJhMTM4
LzEvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZnQMA0E
AgACMAcDBQMqB4jAMA0GCSqGSIb3DQEBCwUAA4IBAQAVyQWHs5+dUVxdW3F9h9NE
a+E+c3lHQlbjYvIMVewNYtN7B5BrWDjSpF9KxGVoDOotLs5Js3cSzcUpi1u+TlKq
+OD3pJxL0Dmh03vSdqnliNTeNq4nCdXeSMwh/gJElAj2Oa5BuJsr1wQKN/FripKS
yl/78F+kfVyjE3HjZOYkZoQYzv+Y2UrcWD21XjYhbrdfacUBeidt/qKV1gL5Zr4c
7cQVagGRX2NqFsRMliFHwkIoYxktRH9fM7MF9WM/M188mKXFaMLct/OxVw7pnOyf
6aiX1AGYkMXQWUJJMSiDmdxhcQVr+0cgtTk/eP8g32kw0LO+0I7OHt+KHXTWWr9d
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:06 2024 by rpki-client on console.sobornost.net