Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/q8emjZ0NjqxeCvgVQfnvXXPQhVc.roa
File: q8emjZ0NjqxeCvgVQfnvXXPQhVc.roa (raw, json)
Hash identifier: srDftj5Y6TVsCg370shbSi8ClNghT3ngognQkQ676oM=
Subject key identifier: AB:C7:A6:8D:9D:0D:8E:AC:5E:0A:F8:15:41:F9:EF:5D:73:D0:85:57
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 01856FF9648D7D3FA7F9243E4992A5B104F4
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/q8emjZ0NjqxeCvgVQfnvXXPQhVc.roa
Signing time: Mon 02 Jan 2023 00:54:53 +0000
ROA not before: Mon 02 Jan 2023 00:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49265
IP address blocks: 94.230.76.0/24 maxlen: 24
94.230.77.0/24 maxlen: 24
94.230.78.0/24 maxlen: 24
94.230.76.0/22 maxlen: 22
94.230.79.0/24 maxlen: 24
109.104.240.0/22 maxlen: 22
109.104.240.0/24 maxlen: 24
109.104.241.0/24 maxlen: 24
109.104.242.0/24 maxlen: 24
109.104.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:64:8d:7d:3f:a7:f9:24:3e:49:92:a5:b1:04:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 2 00:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abc7a68d9d0d8eac5e0af81541f9ef5d73d08557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f3:3b:96:95:99:10:c1:37:45:47:a4:f8:41:
97:cd:42:28:c6:43:0b:92:2b:cc:62:2b:06:98:e0:
53:8c:60:fb:2c:b7:b8:22:c3:c0:8e:cd:5d:5f:e8:
6f:28:0e:08:2e:e2:fa:b8:0a:fe:47:0e:a0:e6:25:
89:fb:48:c7:c1:ff:95:b6:84:41:89:18:14:8a:f3:
fd:74:25:f3:eb:a0:a4:ee:c4:ef:59:83:46:55:23:
99:8b:8f:b1:14:e9:db:82:da:7a:0e:b8:13:cc:5d:
ad:09:b8:50:db:68:98:c1:a5:69:96:61:46:62:b9:
6a:24:01:aa:72:26:8b:f4:60:64:2f:89:a5:72:bf:
2e:19:24:a7:8e:97:94:57:07:9f:7f:6b:47:e4:59:
5b:44:f6:20:cb:97:04:6a:01:ee:e5:c7:10:7c:58:
81:9c:63:04:22:0b:12:3f:cd:df:82:00:52:86:07:
b8:73:df:b1:60:b3:2c:a4:b2:73:e8:45:6a:1f:84:
85:a5:ed:79:1b:ea:d1:b5:4f:1e:a8:bc:d9:f4:e6:
13:5c:e1:30:e5:e2:2b:34:1c:af:72:0e:13:5b:39:
3a:96:11:d2:2c:a5:b7:69:a7:ee:3a:4a:c9:6c:e3:
6e:c6:c6:75:30:eb:9a:d5:98:7d:79:36:62:72:a0:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C7:A6:8D:9D:0D:8E:AC:5E:0A:F8:15:41:F9:EF:5D:73:D0:85:57
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/q8emjZ0NjqxeCvgVQfnvXXPQhVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.76.0/22
109.104.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:3a:4f:74:27:47:d0:d4:22:85:62:44:27:37:a9:4b:07:dc:
23:36:df:30:a0:c9:8b:fd:24:77:3b:8e:5d:2c:17:ae:a4:38:
f5:14:8d:67:a6:2b:c5:39:aa:7f:e7:47:27:96:ad:a6:02:41:
02:c5:9d:be:94:7b:a6:a7:d6:5e:b7:97:d7:22:ef:38:fd:9d:
a5:5d:82:99:a2:42:d7:3f:33:81:1a:96:d1:fb:0c:03:07:ce:
94:08:56:c7:cf:45:67:1b:34:13:ff:23:a5:e0:6d:3c:46:67:
0b:b1:10:22:91:90:a2:73:f1:e7:94:0a:e4:a5:9e:00:5f:cb:
02:85:26:c1:d3:e1:d9:10:6e:80:c1:64:e1:5f:53:45:e5:73:
96:08:17:c4:4c:f1:3a:5d:24:aa:1f:a8:22:55:4a:f7:a6:2e:
b8:1c:1d:56:34:44:0b:40:97:ce:57:2b:88:bc:af:27:75:5b:
b7:72:3b:49:f4:52:83:77:e3:a9:4e:de:62:89:5b:75:5d:09:
87:00:a1:86:86:15:59:4d:17:66:5f:1d:ef:97:07:39:58:7f:
37:5b:2d:50:79:ec:d5:4d:72:65:dd:54:2c:6c:76:f7:02:0d:
02:7c:ed:fc:e8:89:41:25:c7:12:0f:4e:88:2f:86:bd:09:7c:
b6:51:ef:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv+WSNfT+n+SQ+SZKlsQT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM3YTY4ZDlkMGQ4ZWFjNWUwYWY4MTU0MWY5ZWY1ZDczZDA4NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvM7lpWZEME3RUek+EGXzUIoxkML
kivMYisGmOBTjGD7LLe4IsPAjs1dX+hvKA4ILuL6uAr+Rw6g5iWJ+0jHwf+VtoRB
iRgUivP9dCXz66Ck7sTvWYNGVSOZi4+xFOnbgtp6DrgTzF2tCbhQ22iYwaVplmFG
YrlqJAGqciaL9GBkL4mlcr8uGSSnjpeUVweff2tH5FlbRPYgy5cEagHu5ccQfFiB
nGMEIgsSP83fggBShge4c9+xYLMspLJz6EVqH4SFpe15G+rRtU8eqLzZ9OYTXOEw
5eIrNByvcg4TWzk6lhHSLKW3aafuOkrJbONuxsZ1MOua1Zh9eTZicqD9rwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKvHpo2dDY6sXgr4FUH5711z0IVXMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvcThlbWpaME5qcXhlQ3ZnVlFmbnZYWFBRaFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXuZMAwQC
bWjwMA0GCSqGSIb3DQEBCwUAA4IBAQCkOk90J0fQ1CKFYkQnN6lLB9wjNt8woMmL
/SR3O45dLBeupDj1FI1npivFOap/50cnlq2mAkECxZ2+lHump9Zet5fXIu84/Z2l
XYKZokLXPzOBGpbR+wwDB86UCFbHz0VnGzQT/yOl4G08RmcLsRAikZCic/HnlArk
pZ4AX8sChSbB0+HZEG6AwWThX1NF5XOWCBfETPE6XSSqH6giVUr3pi64HB1WNEQL
QJfOVyuIvK8ndVu3cjtJ9FKDd+OpTt5iiVt1XQmHAKGGhhVZTRdmXx3vlwc5WH83
Wy1QeezVTXJl3VQsbHb3Ag0CfO386IlBJccSD06IL4a9CXy2Ue8u
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:05 2024 by rpki-client on console.sobornost.net