Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/xA7WmtzwwHeoe0K7tGE2BaEfUEk.roa
File: xA7WmtzwwHeoe0K7tGE2BaEfUEk.roa (raw, json)
Hash identifier: vHkPKWIAtnmyr9j2qaMaocwhOY7hP7rn65FDd5TyyBM=
Subject key identifier: C4:0E:D6:9A:DC:F0:C0:77:A8:7B:42:BB:B4:61:36:05:A1:1F:50:49
Certificate issuer: /CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Certificate serial: 0189214CD5BF877ACFC921CF399CCA8CB2D2
Authority key identifier: CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/xA7WmtzwwHeoe0K7tGE2BaEfUEk.roa
Signing time: Tue 04 Jul 2023 14:27:10 +0000
ROA not before: Tue 04 Jul 2023 14:27:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51553
IP address blocks: 85.91.50.0/24 maxlen: 24
85.91.51.0/24 maxlen: 24
91.217.237.0/24 maxlen: 24
85.91.49.0/24 maxlen: 24
85.91.53.0/24 maxlen: 24
85.91.54.0/24 maxlen: 24
85.91.55.0/24 maxlen: 24
85.91.52.0/24 maxlen: 24
85.91.56.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:4c:d5:bf:87:7a:cf:c9:21:cf:39:9c:ca:8c:b2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Validity
Not Before: Jul 4 14:27:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c40ed69adcf0c077a87b42bbb4613605a11f5049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:e6:b0:7f:48:62:b4:9d:2e:e6:9a:17:71:
c8:06:f4:98:1a:e1:e1:ad:1b:1d:06:43:e7:8e:a4:
e7:f2:ae:da:69:82:a0:3c:de:16:87:e6:33:39:d2:
6c:42:26:4f:69:79:f1:80:b5:5b:b7:23:dc:8a:d2:
ee:09:40:f0:aa:4f:90:68:a3:63:8e:07:d8:74:24:
62:36:ed:0c:72:24:67:60:60:a9:db:f2:15:1e:41:
30:41:7c:d3:6b:54:34:0f:df:66:5f:9a:b3:ad:47:
5d:16:58:7b:de:a5:bc:4d:38:48:42:d2:3f:40:0a:
d0:6a:f0:5d:b9:99:0e:b4:78:3b:5f:29:ae:c1:a6:
9a:6b:a2:35:79:88:eb:10:99:f5:ed:bc:f2:99:a9:
6b:93:d9:9b:8d:14:9a:d8:55:58:3d:fc:1d:f0:c0:
ae:7c:86:28:d2:07:f3:50:e6:e3:6b:6c:f9:28:7d:
2b:d8:30:eb:b9:df:aa:f2:0f:4f:25:a8:cd:a4:fd:
a5:65:cc:f0:ae:b8:08:6d:db:88:9a:42:9c:0a:d0:
47:e8:bd:c0:c3:20:d6:a7:ef:c7:10:f5:a1:94:f6:
6b:94:d4:8a:09:7b:f4:ed:79:fe:f6:9b:a0:0d:aa:
e9:4c:44:a3:8d:f0:08:5a:74:b7:1c:17:37:94:59:
69:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0E:D6:9A:DC:F0:C0:77:A8:7B:42:BB:B4:61:36:05:A1:1F:50:49
X509v3 Authority Key Identifier:
keyid:CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/xA7WmtzwwHeoe0K7tGE2BaEfUEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.49.0-85.91.56.255
91.217.237.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:24:4e:6a:d9:e0:19:e7:fc:62:06:99:ae:eb:c1:e9:ab:45:
08:f0:24:bf:e6:33:02:58:c4:66:51:b1:e2:6d:d8:0d:b3:d2:
dc:95:e3:22:5c:9c:5d:7e:81:8a:d3:33:3a:32:17:40:51:b7:
46:73:6f:08:6a:20:32:cb:6e:c4:5b:01:4c:99:be:aa:5d:d4:
6f:da:e0:8c:44:f1:0d:60:85:92:cf:47:29:b6:a4:fa:25:05:
73:4f:47:3d:d5:9b:4f:22:b3:bb:17:55:ef:41:f0:1a:d9:97:
a6:f9:96:f2:0f:d8:31:bf:35:65:7c:09:d7:ce:12:b4:27:83:
24:33:0e:65:3c:2f:99:5c:42:80:c4:f3:38:e1:f6:9a:d3:06:
31:14:6c:da:46:f9:ff:72:f3:98:23:bb:0f:9c:96:4a:14:b1:
a9:8f:15:95:4c:8e:6f:a7:5a:87:14:e6:91:75:c6:1b:a5:55:
c5:aa:de:a7:2d:f8:9d:1b:fe:32:4c:1a:da:76:0c:dc:10:ac:
dd:49:f1:b9:c3:d9:7e:41:9c:9b:cb:79:28:e9:76:53:95:64:
c9:bc:e0:68:81:aa:03:2b:16:a0:8f:6d:9c:94:b1:53:7e:ab:
c0:1b:bb:23:1f:74:5f:e8:b6:34:28:49:7d:f7:4b:b3:23:95:
bc:f2:ba:e5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkhTNW/h3rPySHPOZzKjLLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODM3NWMzMjFkZWY5MjY1OTgzZTIxOTRkNDBiYTk3YWZl
N2YxY2MwHhcNMjMwNzA0MTQyNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBlZDY5YWRjZjBjMDc3YTg3YjQyYmJiNDYxMzYwNWExMWY1MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/DmsH9IYrSdLuaaF3HIBvSYGuHh
rRsdBkPnjqTn8q7aaYKgPN4Wh+YzOdJsQiZPaXnxgLVbtyPcitLuCUDwqk+QaKNj
jgfYdCRiNu0MciRnYGCp2/IVHkEwQXzTa1Q0D99mX5qzrUddFlh73qW8TThIQtI/
QArQavBduZkOtHg7Xymuwaaaa6I1eYjrEJn17bzymalrk9mbjRSa2FVYPfwd8MCu
fIYo0gfzUObja2z5KH0r2DDrud+q8g9PJajNpP2lZczwrrgIbduImkKcCtBH6L3A
wyDWp+/HEPWhlPZrlNSKCXv07Xn+9pugDarpTESjjfAIWnS3HBc3lFlpDQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMQO1prc8MB3qHtCu7RhNgWhH1BJMB8GA1UdIwQY
MBaAFM+DdcMh3vkmWYPiGU1Aupev5/HMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUt
ZTBjN2I5NmI1N2YyLzEveEE3V210end3SGVvZTBLN3RHRTJCYUVmVUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUtZTBjN2I5NmI1N2Yy
LzEvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVWzED
BABVWzgDBABb2e0wDQYJKoZIhvcNAQELBQADggEBALUkTmrZ4Bnn/GIGma7rwemr
RQjwJL/mMwJYxGZRseJt2A2z0tyV4yJcnF1+gYrTMzoyF0BRt0ZzbwhqIDLLbsRb
AUyZvqpd1G/a4IxE8Q1ghZLPRym2pPolBXNPRz3Vm08is7sXVe9B8BrZl6b5lvIP
2DG/NWV8CdfOErQngyQzDmU8L5lcQoDE8zjh9prTBjEUbNpG+f9y85gjuw+clkoU
samPFZVMjm+nWocU5pF1xhulVcWq3qct+J0b/jJMGtp2DNwQrN1J8bnD2X5BnJvL
eSjpdlOVZMm84GiBqgMrFqCPbZyUsVN+q8AbuyMfdF/otjQoSX33S7MjlbzyuuU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:22 2024 by rpki-client on console.sobornost.net