Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/3owgS9mVGAzUSao1reqlYM6yINE.roa
File: 3owgS9mVGAzUSao1reqlYM6yINE.roa (raw, json)
Hash identifier: XL2L7Yn3H3V4mfXtFc88eIPsifUJG3HLA+6hYLqfgYI=
Subject key identifier: DE:8C:20:4B:D9:95:18:0C:D4:49:AA:35:AD:EA:A5:60:CE:B2:20:D1
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018570DE55D5A25565EA41B9C12BEE07461B
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/3owgS9mVGAzUSao1reqlYM6yINE.roa
Signing time: Mon 02 Jan 2023 05:04:57 +0000
ROA not before: Mon 02 Jan 2023 05:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34187
IP address blocks: 195.245.118.0/23 maxlen: 23
195.245.118.0/24 maxlen: 24
78.26.128.0/19 maxlen: 19
78.26.128.0/24 maxlen: 24
78.26.128.0/18 maxlen: 18
78.26.192.0/19 maxlen: 19
78.26.192.0/18 maxlen: 18
78.26.224.0/19 maxlen: 19
195.245.119.0/24 maxlen: 24
185.70.110.0/23 maxlen: 23
185.70.108.0/23 maxlen: 23
185.70.108.0/22 maxlen: 22
78.26.160.0/19 maxlen: 19
2a03:1240::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:55:d5:a2:55:65:ea:41:b9:c1:2b:ee:07:46:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 2 05:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de8c204bd995180cd449aa35adeaa560ceb220d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:22:9c:02:05:23:e9:37:ca:9e:58:00:cd:05:
65:0c:68:9d:da:00:88:da:b7:ff:d5:e2:2f:17:09:
d5:06:80:e3:be:bb:a7:11:7c:e1:37:5b:e2:a2:d0:
82:86:dd:b5:0a:97:05:d8:f9:e5:02:2b:5e:80:96:
1a:3b:2f:d1:e9:5b:88:18:18:ae:7b:e4:65:af:74:
c7:14:e8:0f:0f:96:cc:b3:4a:d1:38:ab:79:e1:27:
f4:1c:35:63:ce:e2:32:50:90:95:9a:2d:f5:1c:c2:
af:d2:2c:ab:f8:cf:a0:6f:88:63:69:1c:f6:9b:84:
3d:f0:b5:34:0f:7a:4c:ae:c9:be:ce:2c:50:61:55:
4a:b6:1b:c6:a0:22:fe:8d:9d:0b:b5:a6:b5:2a:ec:
f3:12:b1:25:44:cc:ef:26:5e:29:18:3a:96:4e:d9:
7d:e5:e5:7b:f2:2d:6b:6a:71:ed:17:aa:dc:27:c4:
1e:5f:1f:1f:b9:f6:48:90:bd:b2:11:9a:c3:b4:d5:
77:67:17:aa:a3:76:3a:91:13:5f:4e:d1:97:db:3d:
87:8f:ff:1f:a0:a2:c4:19:b9:da:7a:c2:82:6a:8c:
df:5e:52:24:e6:01:10:79:3a:59:b8:80:f8:66:b8:
e3:64:c0:88:9e:61:ce:8d:4e:97:5d:98:66:c9:79:
1b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8C:20:4B:D9:95:18:0C:D4:49:AA:35:AD:EA:A5:60:CE:B2:20:D1
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/3owgS9mVGAzUSao1reqlYM6yINE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.26.128.0/17
185.70.108.0/22
195.245.118.0/23
IPv6:
2a03:1240::/48
Signature Algorithm: sha256WithRSAEncryption
0f:9a:2f:c8:94:84:b9:f4:ff:57:88:2e:27:77:d6:cc:5f:f7:
85:23:32:a6:22:a2:0c:64:30:f1:28:46:2b:06:d9:03:11:cc:
32:fb:f8:ec:c2:f2:04:12:96:0d:a7:c7:d4:31:e6:0e:7a:cf:
89:0c:e8:47:fa:46:9b:53:f3:e0:d7:ed:bc:65:c7:03:1a:85:
b2:58:32:f0:21:7d:be:39:ca:a2:a8:15:99:0e:60:cc:30:3a:
81:c6:37:74:de:2f:10:2e:2f:81:76:2c:5b:c4:ec:52:05:e4:
3b:67:d2:5e:19:a3:77:ae:8b:e4:9a:da:de:06:b8:40:3a:19:
10:c7:20:8b:de:be:35:2f:2c:74:1d:90:1d:0f:a6:dd:31:4b:
59:22:5f:94:3a:bc:0a:36:69:7d:7d:d1:f3:f7:44:b0:eb:2e:
4d:fb:12:ba:1c:93:41:d5:d6:a0:9d:63:df:09:fa:88:56:90:
bf:b0:08:30:45:5e:ec:9e:5b:86:69:a4:8d:a5:40:3b:64:9e:
9a:51:b3:b3:ef:fe:2c:3e:d1:a1:7b:fc:34:42:c7:16:aa:0a:
99:24:ca:87:91:f8:5c:57:91:f0:8a:7d:99:c0:11:1c:cc:24:
6d:97:39:dd:a9:ba:fb:f7:a9:cc:4e:e1:d2:3c:bd:1b:42:07:
eb:83:97:4f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVw3lXVolVl6kG5wSvuB0YbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjMwMTAyMDUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThjMjA0YmQ5OTUxODBjZDQ0OWFhMzVhZGVhYTU2MGNlYjIyMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSKcAgUj6TfKnlgAzQVlDGid2gCI
2rf/1eIvFwnVBoDjvrunEXzhN1viotCCht21CpcF2PnlAitegJYaOy/R6VuIGBiu
e+Rlr3THFOgPD5bMs0rROKt54Sf0HDVjzuIyUJCVmi31HMKv0iyr+M+gb4hjaRz2
m4Q98LU0D3pMrsm+zixQYVVKthvGoCL+jZ0Ltaa1KuzzErElRMzvJl4pGDqWTtl9
5eV78i1ranHtF6rcJ8QeXx8fufZIkL2yEZrDtNV3Zxeqo3Y6kRNfTtGX2z2Hj/8f
oKLEGbnaesKCaozfXlIk5gEQeTpZuID4ZrjjZMCInmHOjU6XXZhmyXkbwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN6MIEvZlRgM1EmqNa3qpWDOsiDRMB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvM293Z1M5bVZHQXpVU2FvMXJlcWxZTTZ5SU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBAA+a
L8iUhLn0/1eILid31sxf94UjMqYiogxkMPEoRisG2QMRzDL7+OzC8gQSlg2nx9Qx
5g56z4kM6Ef6RptT8+DX7bxlxwMahbJYMvAhfb45yqKoFZkOYMwwOoHGN3TeLxAu
L4F2LFvE7FIF5Dtn0l4Zo3eui+Sa2t4GuEA6GRDHIIvevjUvLHQdkB0Ppt0xS1ki
X5Q6vAo2aX190fP3RLDrLk37Erock0HV1qCdY98J+ohWkL+wCDBFXuyeW4ZppI2l
QDtknppRs7Pv/iw+0aF7/DRCxxaqCpkkyoeR+FxXkfCKfZnAERzMJG2XOd2puvv3
qcxO4dI8vRtCB+uDl08=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:52 2024 by rpki-client on console.sobornost.net