Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/o5FjrQWR7xzl64QGEFtwbTPikck.roa
File: o5FjrQWR7xzl64QGEFtwbTPikck.roa (raw, json)
Hash identifier: QOqIMVDfTz5bhl2LYhm23SLT2MA2+Nfmq2nC4PO+glM=
Subject key identifier: A3:91:63:AD:05:91:EF:1C:E5:EB:84:06:10:5B:70:6D:33:E2:91:C9
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 01856D9D177E866913C3352189D2DA9550AD
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/o5FjrQWR7xzl64QGEFtwbTPikck.roa
Signing time: Sun 01 Jan 2023 13:54:49 +0000
ROA not before: Sun 01 Jan 2023 13:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203459
IP address blocks: 185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:17:7e:86:69:13:c3:35:21:89:d2:da:95:50:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Jan 1 13:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a39163ad0591ef1ce5eb8406105b706d33e291c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f9:9f:1f:c0:0e:1d:a4:52:ef:5f:ab:a5:97:
f1:f9:ee:53:62:32:e0:d3:71:54:5e:2f:76:12:2b:
d6:84:0e:9b:37:e0:15:c7:9b:9c:e3:2b:04:dd:61:
ce:b8:06:d0:a8:f8:44:4b:5a:51:55:34:87:c0:ee:
aa:63:69:22:ab:55:fe:ec:eb:a2:b2:e0:9d:d1:0f:
ec:74:a6:70:eb:23:e1:4b:41:31:50:07:8f:35:87:
fa:63:ae:4c:24:79:25:16:69:9c:64:e3:f2:be:c6:
86:00:e5:16:96:d9:e6:2a:5a:26:57:95:41:1d:ee:
08:c6:20:c8:83:cc:92:97:ef:03:38:68:df:19:b4:
17:09:9b:cc:ea:a3:1a:c3:dc:22:7f:28:b7:8a:8f:
9a:a9:96:c5:0d:f6:4f:db:5b:5a:a1:7c:ea:aa:50:
d8:f7:6f:ce:53:a2:e9:4a:42:19:36:cc:a4:40:cb:
e7:6d:5f:01:f6:32:5b:2c:55:8d:8d:01:36:64:4c:
82:b4:93:66:4c:c2:70:92:fe:40:dd:52:e8:b0:ea:
fa:f1:29:82:ee:ed:98:d7:cf:ec:de:d6:ab:1a:62:
d7:7e:8b:26:77:ab:d4:10:37:44:7d:6b:08:48:7d:
1c:79:0d:11:1f:da:c1:63:d2:9b:30:38:57:28:40:
fd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:91:63:AD:05:91:EF:1C:E5:EB:84:06:10:5B:70:6D:33:E2:91:C9
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/o5FjrQWR7xzl64QGEFtwbTPikck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.224.0/22
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:0f:fe:e2:56:80:dc:b4:c3:e9:d2:47:77:65:33:58:ad:70:
ab:b7:dc:78:e0:c3:70:d3:b2:4f:ef:49:20:b2:89:8f:2c:6b:
d9:8c:61:fd:57:93:a8:77:3f:39:28:5c:2e:99:68:a8:a6:a3:
f3:44:9a:85:db:77:8f:73:3f:54:77:4f:6e:69:9d:14:9f:2a:
dc:c3:e5:54:dd:94:f5:27:3b:d1:d1:c7:41:21:7e:6e:be:9e:
a3:ed:6a:98:bd:da:43:94:52:b4:6e:ca:79:c1:4c:55:96:e4:
ff:c4:eb:6d:86:29:08:85:ad:a4:21:f1:0e:dc:89:e9:79:e6:
ec:6c:3f:9e:f9:7a:eb:d6:87:bd:6f:29:d8:dc:e0:1f:b1:46:
74:d7:52:a0:b6:2b:7f:ed:6f:96:9b:d2:00:2e:45:a8:20:ff:
49:72:e2:9d:32:66:60:8f:68:fb:35:26:4c:62:d9:8c:66:ab:
f9:ee:c4:a9:22:6c:2a:ac:d3:0e:e2:e1:a4:02:15:26:67:0c:
8b:ac:d9:e5:13:f8:14:4e:21:42:7c:ac:f9:b9:8c:b0:3a:ed:
de:fe:b7:71:c0:b0:e4:01:f2:f4:3f:7d:af:6f:3e:2e:e9:0b:
d4:fb:32:d0:be:62:56:c0:1b:4a:62:87:b9:c6:e6:3c:24:09:
d3:21:9e:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtnRd+hmkTwzUhidLalVCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjMwMTAxMTM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkxNjNhZDA1OTFlZjFjZTVlYjg0MDYxMDViNzA2ZDMzZTI5MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPmfH8AOHaRS71+rpZfx+e5TYjLg
03FUXi92EivWhA6bN+AVx5uc4ysE3WHOuAbQqPhES1pRVTSHwO6qY2kiq1X+7Oui
suCd0Q/sdKZw6yPhS0ExUAePNYf6Y65MJHklFmmcZOPyvsaGAOUWltnmKlomV5VB
He4IxiDIg8ySl+8DOGjfGbQXCZvM6qMaw9wifyi3io+aqZbFDfZP21taoXzqqlDY
92/OU6LpSkIZNsykQMvnbV8B9jJbLFWNjQE2ZEyCtJNmTMJwkv5A3VLosOr68SmC
7u2Y18/s3tarGmLXfosmd6vUEDdEfWsISH0ceQ0RH9rBY9KbMDhXKED9pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKORY60Fke8c5euEBhBbcG0z4pHJMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvbzVGanJRV1I3eHpsNjRRR0VGdHdiVFBpa2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYXgMA0E
AgACMAcDBQMqBn/AMA0GCSqGSIb3DQEBCwUAA4IBAQAaD/7iVoDctMPp0kd3ZTNY
rXCrt9x44MNw07JP70kgsomPLGvZjGH9V5Oodz85KFwumWiopqPzRJqF23ePcz9U
d09uaZ0Unyrcw+VU3ZT1JzvR0cdBIX5uvp6j7WqYvdpDlFK0bsp5wUxVluT/xOtt
hikIha2kIfEO3InpeebsbD+e+Xrr1oe9bynY3OAfsUZ011Kgtit/7W+Wm9IALkWo
IP9JcuKdMmZgj2j7NSZMYtmMZqv57sSpImwqrNMO4uGkAhUmZwyLrNnlE/gUTiFC
fKz5uYywOu3e/rdxwLDkAfL0P32vbz4u6QvU+zLQvmJWwBtKYoe5xuY8JAnTIZ6m
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:30 2023 by rpki-client on console.sobornost.net