Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/vWAPFvNH2lct4mOgyvlEJMoags0.roa
File: vWAPFvNH2lct4mOgyvlEJMoags0.roa (raw, json)
Hash identifier: 9gbg9RbVyiXDx4e0nLdTIERp/8gWhXWXkHWppb7Waxk=
Subject key identifier: BD:60:0F:16:F3:47:DA:57:2D:E2:63:A0:CA:F9:44:24:CA:1A:82:CD
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 01856C53B3F149ACF47D5D386005EC16BCEE
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/vWAPFvNH2lct4mOgyvlEJMoags0.roa
Signing time: Sun 01 Jan 2023 07:55:02 +0000
ROA not before: Sun 01 Jan 2023 07:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209092
IP address blocks: 5.182.157.0/24 maxlen: 24
5.182.158.0/23 maxlen: 23
5.182.158.0/24 maxlen: 24
5.182.159.0/24 maxlen: 24
5.182.156.0/24 maxlen: 24
5.182.156.0/23 maxlen: 23
5.182.156.0/22 maxlen: 22
185.214.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:b3:f1:49:ac:f4:7d:5d:38:60:05:ec:16:bc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Jan 1 07:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd600f16f347da572de263a0caf94424ca1a82cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ce:bb:cc:29:30:75:e1:f8:60:fa:2d:7e:68:
d6:a5:53:f5:b8:31:83:5a:d0:43:26:d6:95:80:e6:
fc:91:cd:b7:23:c0:29:b6:0c:2e:dc:19:60:7d:9b:
6a:e2:46:e3:1a:fb:17:16:61:85:f9:d1:9f:98:7a:
2f:11:7d:6b:2d:f8:56:30:80:d9:23:e2:13:5b:c8:
3d:5a:86:30:1d:07:61:99:ec:6c:ca:c8:33:0e:7a:
d5:4c:0c:a3:26:cd:f9:6a:52:a8:51:8e:e7:42:ba:
e9:f7:96:78:9b:83:13:0c:c3:83:90:5b:ba:e9:75:
a5:b2:e5:ea:96:9a:9c:62:5e:a2:3a:12:45:d1:85:
79:8d:d2:83:96:c2:4b:f0:e1:f8:3f:6b:bb:36:5f:
cc:4a:83:24:e0:5d:89:6a:58:44:f7:94:ef:6a:21:
88:2d:3e:19:55:5d:48:b6:58:84:3b:f1:3a:87:ff:
4e:45:17:06:e4:92:ee:9b:3d:a1:46:46:5a:1f:1c:
aa:fc:ef:10:65:38:fc:bd:2b:69:2f:d3:bf:e3:fe:
ed:cc:9b:a7:00:f0:e6:0f:fc:bb:4d:ef:9c:8a:28:
95:36:d6:cd:35:56:7a:26:39:8b:f2:b4:b7:d5:5b:
ad:98:92:2e:60:5e:39:79:61:9e:a1:b9:b2:73:be:
ed:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:60:0F:16:F3:47:DA:57:2D:E2:63:A0:CA:F9:44:24:CA:1A:82:CD
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/vWAPFvNH2lct4mOgyvlEJMoags0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.156.0/22
185.214.55.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b0:bb:df:41:9c:fe:eb:b9:bb:cc:79:12:82:49:a8:0e:95:
ef:c7:b8:e4:b7:23:78:aa:ee:d1:c0:71:f6:90:b7:38:5f:32:
76:fb:7d:93:9c:44:5f:97:70:fe:2f:56:46:24:44:c3:e1:86:
2f:1c:71:1b:a1:df:3c:34:53:2a:ab:62:06:85:73:02:83:24:
58:1b:fc:da:76:2d:c7:3e:c8:85:56:43:fb:46:90:7a:b2:89:
56:d1:fa:03:04:f3:a0:20:7b:d0:cb:b4:51:3d:d5:a9:27:8b:
49:e2:c3:b2:af:1a:31:d7:e7:56:7f:70:34:16:2c:09:37:0b:
25:da:9c:bb:23:9a:64:3b:16:c3:b8:97:f9:bd:f3:5c:3e:6e:
9c:a2:02:c2:50:37:62:bf:05:af:0a:b8:98:f0:18:cd:e5:64:
13:b0:ce:23:85:04:2c:ec:c8:bf:47:9e:c3:8c:e5:f6:61:bf:
a1:76:d9:f7:3a:9a:25:06:df:43:61:5b:05:1f:ff:ed:16:5f:
4b:0b:75:be:d6:c1:ea:80:85:07:d6:b6:64:69:05:1a:84:ce:
67:f5:1d:32:7d:38:ad:c8:71:a3:d8:2b:16:65:99:6f:96:59:
82:3b:dc:64:2e:93:54:9e:a4:03:21:4e:e3:e7:35:fd:2c:2d:
da:86:9a:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU7PxSaz0fV04YAXsFrzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjMwMTAxMDc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDYwMGYxNmYzNDdkYTU3MmRlMjYzYTBjYWY5NDQyNGNhMWE4MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls67zCkwdeH4YPotfmjWpVP1uDGD
WtBDJtaVgOb8kc23I8Aptgwu3BlgfZtq4kbjGvsXFmGF+dGfmHovEX1rLfhWMIDZ
I+ITW8g9WoYwHQdhmexsysgzDnrVTAyjJs35alKoUY7nQrrp95Z4m4MTDMODkFu6
6XWlsuXqlpqcYl6iOhJF0YV5jdKDlsJL8OH4P2u7Nl/MSoMk4F2JalhE95TvaiGI
LT4ZVV1ItliEO/E6h/9ORRcG5JLumz2hRkZaHxyq/O8QZTj8vStpL9O/4/7tzJun
APDmD/y7Te+ciiiVNtbNNVZ6JjmL8rS31VutmJIuYF45eWGeobmyc77tmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL1gDxbzR9pXLeJjoMr5RCTKGoLNMB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvdldBUEZ2TkgybGN0NG1PZ3l2bEVKTW9hZ3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbacAwQA
udY3MA0GCSqGSIb3DQEBCwUAA4IBAQAisLvfQZz+67m7zHkSgkmoDpXvx7jktyN4
qu7RwHH2kLc4XzJ2+32TnERfl3D+L1ZGJETD4YYvHHEbod88NFMqq2IGhXMCgyRY
G/zadi3HPsiFVkP7RpB6solW0foDBPOgIHvQy7RRPdWpJ4tJ4sOyrxox1+dWf3A0
FiwJNwsl2py7I5pkOxbDuJf5vfNcPm6cogLCUDdivwWvCriY8BjN5WQTsM4jhQQs
7Mi/R57DjOX2Yb+hdtn3OpolBt9DYVsFH//tFl9LC3W+1sHqgIUH1rZkaQUahM5n
9R0yfTityHGj2CsWZZlvllmCO9xkLpNUnqQDIU7j5zX9LC3ahpqq
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net