Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/oq-cXXMhpyfOcfBRl5-AwhTBpnY.roa
File: oq-cXXMhpyfOcfBRl5-AwhTBpnY.roa (raw, json)
Hash identifier: Fcvb4IwAms4klLHvEs4oG4fpKlfaoZexcNXxauTngzI=
Subject key identifier: A2:AF:9C:5D:73:21:A7:27:CE:71:F0:51:97:9F:80:C2:14:C1:A6:76
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 01856C1CC231E114929E0CB756B4939F8700
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/oq-cXXMhpyfOcfBRl5-AwhTBpnY.roa
Signing time: Sun 01 Jan 2023 06:55:01 +0000
ROA not before: Sun 01 Jan 2023 06:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8326
IP address blocks: 212.122.192.0/20 maxlen: 20
212.122.208.0/21 maxlen: 21
46.239.128.0/20 maxlen: 20
89.191.128.0/20 maxlen: 20
82.146.224.0/19 maxlen: 19
2001:908::/30 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c2:31:e1:14:92:9e:0c:b7:56:b4:93:9f:87:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 06:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2af9c5d7321a727ce71f051979f80c214c1a676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:72:5c:cd:45:01:73:a5:70:f6:c5:3a:b5:95:
94:1f:c6:e2:08:d5:08:6e:6e:f0:ce:a4:ed:63:12:
b2:e8:5a:40:c1:e3:19:65:bd:bb:8a:3c:80:ab:93:
6c:ef:3e:93:56:ab:d9:53:bc:7a:75:7e:e8:b0:a9:
98:87:53:3d:74:5a:93:87:22:79:06:79:f4:92:28:
a4:55:01:57:fa:90:f2:5d:61:bf:3a:80:7e:91:fb:
1a:87:8b:b7:60:3d:77:76:06:15:96:8e:f2:c8:0b:
ee:fe:a4:66:9a:05:36:2a:7c:82:1d:91:cd:b1:2c:
69:97:03:e8:8f:b2:0b:b1:06:3b:71:40:56:51:3c:
43:3b:38:45:57:e7:8b:27:52:8b:f1:90:7f:9f:24:
0a:ca:ae:d5:20:58:c6:1b:f5:4f:f3:85:f3:a8:a5:
cb:b1:f8:00:bb:3e:17:f8:cf:db:81:b3:08:5d:27:
3c:7f:42:e1:bd:91:38:d4:e8:4a:c6:dc:36:8c:de:
91:2f:1b:2c:5c:ac:c7:60:2e:e3:23:60:2e:90:87:
7c:2d:2f:58:4f:30:f7:0b:b3:ee:a2:c4:8d:f4:47:
0f:2e:1d:e8:f6:bd:7f:42:b1:bc:47:bd:48:df:63:
e8:ba:cb:dd:89:8e:0a:fc:a5:52:c0:0c:eb:da:86:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AF:9C:5D:73:21:A7:27:CE:71:F0:51:97:9F:80:C2:14:C1:A6:76
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/oq-cXXMhpyfOcfBRl5-AwhTBpnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.239.128.0/20
82.146.224.0/19
89.191.128.0/20
212.122.192.0-212.122.215.255
IPv6:
2001:908::/30
Signature Algorithm: sha256WithRSAEncryption
9f:a1:4d:9f:ea:6d:71:d7:b7:d5:87:24:8a:fb:99:70:a9:f7:
4f:78:c1:78:85:37:12:7a:bd:a9:4f:cb:33:43:13:6e:5b:54:
82:83:c8:cf:fc:70:1c:5b:3c:ae:66:de:ad:66:c9:f1:ea:d7:
b9:9d:93:7f:dc:ba:29:ed:6d:31:e6:92:86:c7:11:91:5c:57:
67:d6:97:41:7d:75:df:e4:7c:91:f6:5e:8e:02:45:b8:cb:b3:
ff:a4:18:c3:e2:56:9b:44:e2:ee:a8:b4:0e:09:0c:1e:a6:aa:
22:0d:58:b0:35:65:e8:ac:3c:07:98:dc:c4:41:97:56:c6:49:
31:7f:1f:24:ab:62:5a:85:18:35:53:2d:c7:c5:66:5c:6d:bc:
30:8a:cd:5b:17:fa:b0:71:af:2f:cb:82:82:86:cd:22:f7:e8:
14:8f:2e:2e:5d:29:9d:b4:05:d4:73:0c:9e:16:a1:24:ec:bf:
ee:ab:dd:51:e3:a2:73:1e:77:30:6a:9c:fe:0e:23:fa:17:48:
03:05:34:5b:ef:89:ba:24:66:ba:54:71:97:ce:1e:60:b5:fb:
72:d0:d1:5a:6d:df:ba:8f:e8:93:64:39:83:1b:bc:b0:d0:6d:
1d:5b:6b:b1:5f:d3:ac:f4:19:58:4c:d4:25:83:a6:69:aa:8e:
8f:69:71:c6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVsHMIx4RSSngy3VrSTn4cAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjMwMTAxMDY1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFmOWM1ZDczMjFhNzI3Y2U3MWYwNTE5NzlmODBjMjE0YzFhNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3JczUUBc6Vw9sU6tZWUH8biCNUI
bm7wzqTtYxKy6FpAweMZZb27ijyAq5Ns7z6TVqvZU7x6dX7osKmYh1M9dFqThyJ5
Bnn0kiikVQFX+pDyXWG/OoB+kfsah4u3YD13dgYVlo7yyAvu/qRmmgU2KnyCHZHN
sSxplwPoj7ILsQY7cUBWUTxDOzhFV+eLJ1KL8ZB/nyQKyq7VIFjGG/VP84XzqKXL
sfgAuz4X+M/bgbMIXSc8f0LhvZE41OhKxtw2jN6RLxssXKzHYC7jI2AukId8LS9Y
TzD3C7PuosSN9EcPLh3o9r1/QrG8R71I32PousvdiY4K/KVSwAzr2oaAoQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKKvnF1zIacnznHwUZefgMIUwaZ2MB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvb3EtY1hYTWhweWZPY2ZCUmw1LUF3aFRCcG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQELu+AAwQF
UpLgAwQEWb+AMAwDBAbUesADBAPUetAwDQQCAAIwBwMFAiABCQgwDQYJKoZIhvcN
AQELBQADggEBAJ+hTZ/qbXHXt9WHJIr7mXCp9094wXiFNxJ6valPyzNDE25bVIKD
yM/8cBxbPK5m3q1myfHq17mdk3/cuintbTHmkobHEZFcV2fWl0F9dd/kfJH2Xo4C
RbjLs/+kGMPiVptE4u6otA4JDB6mqiINWLA1ZeisPAeY3MRBl1bGSTF/HySrYlqF
GDVTLcfFZlxtvDCKzVsX+rBxry/LgoKGzSL36BSPLi5dKZ20BdRzDJ4WoSTsv+6r
3VHjonMedzBqnP4OI/oXSAMFNFvvibokZrpUcZfOHmC1+3LQ0Vpt37qP6JNkOYMb
vLDQbR1ba7Ff06z0GVhM1CWDpmmqjo9pccY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:31 2024 by rpki-client on console.sobornost.net