Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/t3UA8QsLvMS2K9Pj9K6ZPnNGghk.roa
File: t3UA8QsLvMS2K9Pj9K6ZPnNGghk.roa (raw, json)
Hash identifier: /onl8JWBY57mTEeqCLnF9o1Nas1q+Odpw8NxbO9MJM4=
Subject key identifier: B7:75:00:F1:0B:0B:BC:C4:B6:2B:D3:E3:F4:AE:99:3E:73:46:82:19
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C390E1AAA3FF5245A2FA2263C1B73E499
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/t3UA8QsLvMS2K9Pj9K6ZPnNGghk.roa
Signing time: Tue 05 Dec 2023 08:17:54 +0000
ROA not before: Tue 05 Dec 2023 08:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:0e:1a:aa:3f:f5:24:5a:2f:a2:26:3c:1b:73:e4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 5 08:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b77500f10b0bbcc4b62bd3e3f4ae993e73468219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:88:93:fa:01:70:ad:26:c6:93:b8:ea:53:
23:05:95:37:d9:e9:f6:1b:3e:a3:12:87:f4:cd:42:
c6:1c:88:b4:17:18:94:84:1a:a4:51:eb:81:1c:ee:
12:35:8c:d0:9c:c6:53:5a:20:ef:6d:58:21:9e:9f:
27:ef:82:14:af:77:99:47:93:40:4a:17:be:01:d6:
fc:c8:1a:08:8f:9c:19:e5:59:fc:e7:bf:35:d0:78:
96:65:66:75:d5:e0:e7:62:33:87:cd:1e:5d:2a:02:
3d:db:80:9d:3c:24:30:e3:e3:4e:6a:c9:4c:90:7c:
08:26:7e:22:ce:31:32:4b:a3:65:53:48:8d:10:59:
22:59:8f:de:f7:3c:0e:50:40:4a:d2:03:2f:0b:06:
c5:10:2f:8e:79:1d:b1:5e:a9:61:06:18:19:80:03:
08:e9:d3:b5:3d:2e:ab:29:3a:53:30:c4:a6:e2:9f:
ca:1e:0b:02:16:c5:0e:52:71:41:54:5e:81:34:f8:
a5:9f:2c:f9:d2:08:e5:1b:38:18:7d:d7:23:ff:c0:
02:02:ac:e3:ec:63:47:ce:8b:e3:a6:ee:37:ff:a6:
ee:e2:de:8b:13:27:88:c7:52:bb:24:1c:9b:ba:d0:
fe:55:c8:8d:9f:b4:c5:69:64:61:31:9d:54:fe:2f:
fa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:75:00:F1:0B:0B:BC:C4:B6:2B:D3:E3:F4:AE:99:3E:73:46:82:19
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/t3UA8QsLvMS2K9Pj9K6ZPnNGghk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:2b:68:e4:4a:9d:92:1a:2b:fe:97:30:60:0f:d9:7b:01:dc:
d5:cc:45:8c:5e:b3:6e:d2:b6:ab:63:e9:e7:c3:af:61:9b:5e:
55:7f:55:9e:d8:2c:88:13:9e:1b:dc:24:18:ca:07:35:73:09:
b0:f4:dc:dc:46:36:0a:35:c4:46:38:ce:a7:f2:84:1e:45:9f:
71:e2:dd:06:8b:24:ae:05:7f:c0:d3:dd:df:09:de:7a:7a:0d:
b5:bf:8f:50:59:84:cf:be:26:b9:77:8d:db:81:84:ac:22:32:
8c:9a:27:b8:72:e6:19:a6:4a:31:6d:59:fd:6f:a5:f0:b1:94:
67:49:cf:49:14:fb:33:6c:42:68:a0:31:a1:22:b5:38:00:1c:
bd:c5:2e:1b:25:cd:59:3a:40:7e:c8:cd:65:da:76:0a:4d:90:
4f:70:e6:1f:4f:82:79:e9:dc:bf:5f:ea:61:57:9f:4f:32:57:
db:9c:dd:b6:79:4b:22:de:7b:3a:c7:12:5a:8d:fc:eb:56:03:
c8:d2:ed:45:5e:df:45:df:7c:25:be:61:db:92:02:db:6b:84:
1f:a4:26:88:e0:dc:e5:1b:e2:52:f4:37:c0:3e:79:27:76:78:
88:62:1c:67:76:61:d6:07:9f:e4:4a:8d:58:42:35:9c:ef:d1:
3e:26:0d:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw5DhqqP/UkWi+iJjwbc+SZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjA1MDgxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzc1MDBmMTBiMGJiY2M0YjYyYmQzZTNmNGFlOTkzZTczNDY4MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLOIk/oBcK0mxpO46lMjBZU32en2
Gz6jEof0zULGHIi0FxiUhBqkUeuBHO4SNYzQnMZTWiDvbVghnp8n74IUr3eZR5NA
She+Adb8yBoIj5wZ5Vn857810HiWZWZ11eDnYjOHzR5dKgI924CdPCQw4+NOaslM
kHwIJn4izjEyS6NlU0iNEFkiWY/e9zwOUEBK0gMvCwbFEC+OeR2xXqlhBhgZgAMI
6dO1PS6rKTpTMMSm4p/KHgsCFsUOUnFBVF6BNPilnyz50gjlGzgYfdcj/8ACAqzj
7GNHzovjpu43/6bu4t6LEyeIx1K7JBybutD+VciNn7TFaWRhMZ1U/i/6PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLd1APELC7zEtivT4/SumT5zRoIZMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdDNVQThRc0x2TVMySzlQajlLNlpQbk5HZ2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQAfK2jkSp2SGiv+lzBgD9l7AdzVzEWMXrNu
0rarY+nnw69hm15Vf1We2CyIE54b3CQYygc1cwmw9NzcRjYKNcRGOM6n8oQeRZ9x
4t0GiySuBX/A093fCd56eg21v49QWYTPvia5d43bgYSsIjKMmie4cuYZpkoxbVn9
b6XwsZRnSc9JFPszbEJooDGhIrU4ABy9xS4bJc1ZOkB+yM1l2nYKTZBPcOYfT4J5
6dy/X+phV59PMlfbnN22eUsi3ns6xxJajfzrVgPI0u1FXt9F33wlvmHbkgLba4Qf
pCaI4NzlG+JS9DfAPnkndniIYhxndmHWB5/kSo1YQjWc79E+Jg26
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net