Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Cb13NcFfclpgsG0huNqqt5vg1Fw.roa
File: Cb13NcFfclpgsG0huNqqt5vg1Fw.roa (raw, json)
Hash identifier: mkZ3aXe/Jn3wGrwtBMxvHvV2tdVTbWjo2vP9cC8kLas=
Subject key identifier: 09:BD:77:35:C1:5F:72:5A:60:B0:6D:21:B8:DA:AA:B7:9B:E0:D4:5C
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0185700281F1994BB2D9B72E745E256E0376
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Cb13NcFfclpgsG0huNqqt5vg1Fw.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
185.24.140.0/22 maxlen: 22
88.213.224.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
217.181.128.0/17 maxlen: 17
37.97.80.0/23 maxlen: 23
185.6.92.0/22 maxlen: 22
178.255.160.0/21 maxlen: 21
37.97.96.0/20 maxlen: 20
195.135.0.0/17 maxlen: 17
217.74.96.0/20 maxlen: 20
195.135.0.0/18 maxlen: 18
185.65.248.0/22 maxlen: 22
157.143.128.0/17 maxlen: 17
81.93.0.0/19 maxlen: 19
217.181.250.0/23 maxlen: 23
109.235.232.0/21 maxlen: 21
109.235.232.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
185.32.208.0/22 maxlen: 22
80.251.96.0/20 maxlen: 20
178.157.16.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
178.157.32.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
185.8.252.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
2a0c:600::/29 maxlen: 29
2a02:c440::/29 maxlen: 29
2a02:6e8::/32 maxlen: 32
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:81:f1:99:4b:b2:d9:b7:2e:74:5e:25:6e:03:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09bd7735c15f725a60b06d21b8daaab79be0d45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dc:81:08:02:fe:d0:3d:4e:8b:a3:1d:47:a7:
82:36:09:f1:06:8d:0c:e4:2e:77:17:d1:89:37:7b:
91:f3:9d:6d:c6:13:8c:fb:cf:09:ca:8d:60:7e:2b:
bf:ae:f7:c8:35:be:16:a2:ec:2d:27:15:e5:42:99:
f2:75:7a:89:49:86:96:27:59:a9:43:c2:07:e5:42:
9b:03:e1:4d:84:86:07:3a:af:3d:96:60:99:66:eb:
c8:c7:fa:da:4c:67:8d:2f:c5:78:25:fb:92:8e:26:
0e:2b:1e:40:4d:0c:79:21:fa:ab:cd:6c:22:3a:07:
c9:8a:f5:14:7d:c9:f9:89:cf:54:0a:95:42:d7:8a:
06:d8:e5:a0:ea:a8:38:56:67:78:73:42:d2:80:83:
45:31:28:d3:f4:6b:61:33:e3:e3:ea:93:1c:cb:60:
95:37:43:d9:00:54:94:b2:8c:74:b0:2b:31:67:87:
a1:58:8a:8e:0c:49:ef:f0:1c:b5:de:d1:9c:3f:40:
50:2f:22:d2:7a:8a:28:35:94:44:ac:2e:0f:e6:0e:
60:2b:8b:c5:47:0e:4b:2f:39:b5:81:44:bd:18:3a:
6e:53:c1:39:e8:8d:60:9d:23:df:da:36:d4:b0:e9:
3b:7e:31:0c:93:2d:87:0d:77:68:01:a7:da:fd:fa:
57:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BD:77:35:C1:5F:72:5A:60:B0:6D:21:B8:DA:AA:B7:9B:E0:D4:5C
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Cb13NcFfclpgsG0huNqqt5vg1Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/21
157.143.128.0/17
178.157.16.0-178.157.47.255
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
b6:0c:b2:36:34:e7:1e:35:c6:52:e1:d3:75:ce:f6:e8:33:5b:
2b:66:82:3c:7d:72:7b:7e:5b:e8:11:25:ea:f6:03:d6:a6:f3:
7f:00:d1:00:01:02:2b:97:1d:a3:44:1a:97:fb:e3:b0:a0:43:
d8:9a:25:0a:58:79:05:a0:dc:b1:80:5b:7f:c6:2f:e9:ef:65:
04:fc:e1:7c:a8:2f:8a:cf:62:03:9f:af:2f:9c:4a:a2:6a:83:
f2:25:98:f8:08:a6:e1:d8:4a:9b:96:a6:ee:fb:ae:5a:80:ac:
db:8a:b1:a5:df:89:aa:a3:5d:a3:3e:91:d6:b2:42:d4:eb:b8:
b6:11:2f:d0:d5:f4:3f:ce:13:e3:f9:10:58:a1:14:07:1b:06:
7e:50:9b:90:61:fa:5e:4c:94:b3:ad:b2:c5:39:94:be:79:54:
a2:59:44:92:ec:6a:f6:58:87:05:42:41:23:22:57:62:fb:05:
a3:b0:bd:8a:58:fe:53:18:64:90:8b:d5:c4:79:c7:1a:f9:96:
4b:bd:12:bf:8e:c0:5a:2f:6e:17:58:1d:59:4e:0f:5d:6d:26:
ac:e6:52:86:0b:64:a9:04:dd:24:7d:67:8e:fa:5c:80:77:be:
7c:a1:ca:da:10:88:c4:db:7f:55:1e:8b:e1:61:db:f9:69:37:
3c:80:b1:d4
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYVwAoHxmUuy2bcudF4lbgN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJkNzczNWMxNWY3MjVhNjBiMDZkMjFiOGRhYWFiNzliZTBkNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptyBCAL+0D1Oi6MdR6eCNgnxBo0M
5C53F9GJN3uR851txhOM+88Jyo1gfiu/rvfINb4WouwtJxXlQpnydXqJSYaWJ1mp
Q8IH5UKbA+FNhIYHOq89lmCZZuvIx/raTGeNL8V4JfuSjiYOKx5ATQx5IfqrzWwi
OgfJivUUfcn5ic9UCpVC14oG2OWg6qg4Vmd4c0LSgINFMSjT9GthM+Pj6pMcy2CV
N0PZAFSUsox0sCsxZ4ehWIqODEnv8By13tGcP0BQLyLSeoooNZRErC4P5g5gK4vF
Rw5LLzm1gUS9GDpuU8E56I1gnSPf2jbUsOk7fjEMky2HDXdoAafa/fpXBQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFAm9dzXBX3JaYLBtIbjaqreb4NRcMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvQ2IxM05jRmZjbHBnc0cwaHVOcXF0NXZnMUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBggQCAAEwfDAMAwQG
JWFAAwQEJWFgAwQFQSdAAwQEUPtgAwQFUV0AAwQFWNXgAwQDbevoAwQHnY+AMAwD
BASynRADBASynSADBAOy/6ADBAK5BlwDBAK5CPwDBAK5GIwDBAK5INADBAK5KrAD
BAK5QfgDBAfDhwADBATZSmADBAfZtYAwIgQCAAIwHAMFACoCBugDBQMqAsRAAwUD
KgvjwAMFAyoMBgAwDQYJKoZIhvcNAQELBQADggEBALYMsjY05x41xlLh03XO9ugz
Wytmgjx9cnt+W+gRJer2A9am838A0QABAiuXHaNEGpf747CgQ9iaJQpYeQWg3LGA
W3/GL+nvZQT84XyoL4rPYgOfry+cSqJqg/IlmPgIpuHYSpuWpu77rlqArNuKsaXf
iaqjXaM+kdayQtTruLYRL9DV9D/OE+P5EFihFAcbBn5Qm5Bh+l5MlLOtssU5lL55
VKJZRJLsavZYhwVCQSMiV2L7BaOwvYpY/lMYZJCL1cR5xxr5lku9Er+OwFovbhdY
HVlOD11tJqzmUoYLZKkE3SR9Z476XIB3vnyhytoQiMTbf1Uei+Fh2/lpNzyAsdQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:32 2023 by rpki-client on console.sobornost.net