Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/XCeiAfVn6Jl9Wkq-92SjeCcFcqc.roa
File: XCeiAfVn6Jl9Wkq-92SjeCcFcqc.roa (raw, json)
Hash identifier: ymE/N+6wkYCwxkN1gy6xiqnzcEqYqAF2EH4NvoTuL3M=
Subject key identifier: 5C:27:A2:01:F5:67:E8:99:7D:5A:4A:BE:F7:64:A3:78:27:05:72:A7
Certificate issuer: /CN=019ad1824be546163b481fc49647a0508b226bf4
Certificate serial: 01857082CF5DB00005C6A79E5D2E0F22B8D1
Authority key identifier: 01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/XCeiAfVn6Jl9Wkq-92SjeCcFcqc.roa
Signing time: Mon 02 Jan 2023 03:24:58 +0000
ROA not before: Mon 02 Jan 2023 03:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59865
IP address blocks: 185.240.168.0/22 maxlen: 22
89.255.216.0/21 maxlen: 24
89.255.221.0/24 maxlen: 24
89.255.223.0/24 maxlen: 24
185.232.112.0/22 maxlen: 24
185.68.172.0/22 maxlen: 22
2a0c:8680::/29 maxlen: 32
2a03:2ca0:3135::/48 maxlen: 48
2a03:2ca0:255::/48 maxlen: 48
2a03:2ca0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:cf:5d:b0:00:05:c6:a7:9e:5d:2e:0f:22:b8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=019ad1824be546163b481fc49647a0508b226bf4
Validity
Not Before: Jan 2 03:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c27a201f567e8997d5a4abef764a378270572a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:46:1b:4b:29:ee:9b:85:e8:67:2c:f3:61:
1a:37:e7:f3:3c:bf:16:d5:8d:8a:45:7c:2e:4b:3e:
a7:1a:39:ea:3f:08:be:b4:83:7f:c4:8a:08:f4:02:
14:e1:66:0e:c0:1e:7f:40:17:81:16:f5:b7:ea:39:
de:d0:6b:5d:9d:5e:60:4e:8b:79:2f:32:2e:86:28:
cd:8f:f1:2d:7e:b6:d9:05:11:e2:d6:ce:55:4d:c7:
bc:8f:3d:d2:4e:01:26:df:31:11:8a:23:73:53:47:
c8:c5:0e:2e:a1:a0:8b:b4:d9:85:d9:69:89:41:2c:
06:b7:94:0b:2e:d9:16:30:fc:9a:22:a0:b0:e1:5d:
37:d2:cf:fa:4e:40:36:30:de:ab:21:f5:4f:4e:3b:
c8:ec:44:8f:1d:92:9d:93:3a:16:a7:1b:2f:29:6a:
87:33:e9:8f:f6:35:aa:05:82:dc:97:7d:a1:34:42:
49:a4:ec:12:47:d6:cf:da:16:3f:0f:81:5a:b7:0c:
7c:f7:87:a9:5b:d5:da:cb:f8:04:3a:26:0e:c7:d3:
e5:aa:c5:ab:9b:a9:93:57:72:77:f8:c7:9f:16:48:
d9:20:cf:c0:23:e3:d0:eb:9a:35:ad:d4:59:4b:a9:
8b:96:d3:40:97:49:0e:6e:b1:58:1e:85:6a:72:dc:
70:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:27:A2:01:F5:67:E8:99:7D:5A:4A:BE:F7:64:A3:78:27:05:72:A7
X509v3 Authority Key Identifier:
keyid:01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/XCeiAfVn6Jl9Wkq-92SjeCcFcqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/AZrRgkvlRhY7SB_ElkegUIsia_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.216.0/21
185.68.172.0/22
185.232.112.0/22
185.240.168.0/22
IPv6:
2a03:2ca0::/32
2a0c:8680::/29
Signature Algorithm: sha256WithRSAEncryption
0f:fe:22:a0:e6:a8:ac:c0:7f:cb:d3:ce:07:82:84:1e:6f:06:
6f:d2:d7:cd:6c:b0:58:a6:22:eb:bf:51:23:02:b6:1d:61:ab:
db:39:b3:af:b2:ca:93:c8:30:36:6a:95:74:24:16:2f:77:4d:
b9:39:35:6f:be:24:1a:84:b4:d2:a4:52:91:b8:14:25:f5:05:
45:46:cd:34:2e:a2:97:17:f6:9c:9d:3b:f5:b4:cf:19:b1:e1:
29:b7:f0:bf:e7:d0:77:91:7b:7c:83:86:ac:b8:04:5e:b8:0a:
b2:a7:aa:3b:3d:0b:13:0c:1e:a2:f6:e6:f6:4a:ee:a4:fd:52:
1b:b6:c2:7f:82:d2:b4:84:00:f2:60:5c:35:ed:af:22:fc:ad:
ff:f6:a5:65:3f:9f:53:62:9e:71:0c:a5:50:c4:36:8a:3c:98:
3e:df:ef:51:8e:b1:84:6e:59:13:49:47:55:b3:8f:4b:a1:4d:
c0:64:da:66:0c:56:ad:b7:dc:29:24:69:3a:e0:9c:90:f2:68:
f8:7c:13:5d:03:fe:d9:26:ba:29:64:31:97:52:69:5e:e4:7d:
35:0e:e2:72:25:b5:95:a7:16:3e:07:48:ce:85:a1:54:d6:d3:
e6:47:a2:97:7b:45:a5:b4:87:e5:ca:1f:49:cc:b4:c2:48:e8:
87:77:5a:7b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVwgs9dsAAFxqeeXS4PIrjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOWFkMTgyNGJlNTQ2MTYzYjQ4MWZjNDk2NDdhMDUwOGIy
MjZiZjQwHhcNMjMwMTAyMDMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI3YTIwMWY1NjdlODk5N2Q1YTRhYmVmNzY0YTM3ODI3MDU3MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJBGG0sp7puF6Gcs82EaN+fzPL8W
1Y2KRXwuSz6nGjnqPwi+tIN/xIoI9AIU4WYOwB5/QBeBFvW36jne0GtdnV5gTot5
LzIuhijNj/EtfrbZBRHi1s5VTce8jz3STgEm3zERiiNzU0fIxQ4uoaCLtNmF2WmJ
QSwGt5QLLtkWMPyaIqCw4V030s/6TkA2MN6rIfVPTjvI7ESPHZKdkzoWpxsvKWqH
M+mP9jWqBYLcl32hNEJJpOwSR9bP2hY/D4Fatwx894epW9Xay/gEOiYOx9PlqsWr
m6mTV3J3+MefFkjZIM/AI+PQ65o1rdRZS6mLltNAl0kObrFYHoVqctxwfwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFwnogH1Z+iZfVpKvvdko3gnBXKnMB8GA1UdIwQY
MBaAFAGa0YJL5UYWO0gfxJZHoFCLImv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMt
ZThlMTNiYjBlMDg0LzEvWENlaUFmVm42Smw5V2txLTkyU2plQ2NGY3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMtZThlMTNiYjBlMDg0
LzEvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDWf/YAwQC
uUSsAwQCuehwAwQCufCoMBQEAgACMA4DBQAqAyygAwUDKgyGgDANBgkqhkiG9w0B
AQsFAAOCAQEAD/4ioOaorMB/y9POB4KEHm8Gb9LXzWywWKYi679RIwK2HWGr2zmz
r7LKk8gwNmqVdCQWL3dNuTk1b74kGoS00qRSkbgUJfUFRUbNNC6ilxf2nJ079bTP
GbHhKbfwv+fQd5F7fIOGrLgEXrgKsqeqOz0LEwweovbm9krupP1SG7bCf4LStIQA
8mBcNe2vIvyt//alZT+fU2KecQylUMQ2ijyYPt/vUY6xhG5ZE0lHVbOPS6FNwGTa
ZgxWrbfcKSRpOuCckPJo+HwTXQP+2Sa6KWQxl1JpXuR9NQ7iciW1lacWPgdIzoWh
VNbT5keil3tFpbSH5cofScy0wkjoh3daew==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:48 2023 by rpki-client on console.sobornost.net