Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/Flqb0sLAivZPMyzId5iFfqSGdps.roa
File: Flqb0sLAivZPMyzId5iFfqSGdps.roa (raw, json)
Hash identifier: rHJEFX8JU0s81bqGc3qAEX5lhC7j9ur35VmffcG7sKQ=
Subject key identifier: 16:5A:9B:D2:C2:C0:8A:F6:4F:33:2C:C8:77:98:85:7E:A4:86:76:9B
Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial: 01856C7840873A7ED1092692DE9265A1D0AE
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/Flqb0sLAivZPMyzId5iFfqSGdps.roa
Signing time: Sun 01 Jan 2023 08:34:58 +0000
ROA not before: Sun 01 Jan 2023 08:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202414
IP address blocks: 194.54.138.0/23 maxlen: 24
194.54.136.0/23 maxlen: 24
185.1.129.0/24 maxlen: 24
2a0c:c9c0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:40:87:3a:7e:d1:09:26:92:de:92:65:a1:d0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
Validity
Not Before: Jan 1 08:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=165a9bd2c2c08af64f332cc87798857ea486769b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:02:71:60:bf:b8:06:af:8c:3b:66:4e:f9:99:
05:e0:67:9f:48:e5:ea:db:42:36:ec:ca:93:1c:50:
2a:6f:74:22:70:e3:e4:d2:df:f6:f2:c1:db:ad:57:
d7:aa:73:57:1b:4b:70:55:4e:af:12:4c:3d:61:0a:
34:76:39:f2:6b:ef:fe:1c:da:74:60:bb:16:47:d1:
d1:bc:b8:c6:37:2d:74:0a:0f:a7:cb:ef:2c:10:1e:
67:48:fc:47:c4:17:19:a7:21:7d:30:c4:46:d5:ff:
ae:27:82:ef:5c:bc:f8:70:02:86:ad:1e:b6:7b:98:
80:6d:57:38:ad:36:fa:99:ea:03:fc:0c:7d:b0:71:
b0:38:0c:73:37:8f:37:33:5e:9c:01:d2:e8:4f:90:
7c:25:6b:09:51:7f:65:21:a8:64:3b:4a:2d:72:65:
57:9d:5a:e9:ba:84:4c:ca:00:1f:c5:24:93:7c:87:
82:37:1a:e6:61:d9:fb:da:07:77:85:8d:f6:27:c6:
71:46:79:1d:79:9d:4c:69:5b:43:ba:b2:24:e7:79:
d5:17:6b:f0:c2:85:53:6a:4a:26:b4:b9:34:a9:79:
0c:77:ac:16:51:76:cd:87:7d:46:98:53:d2:b8:65:
fe:9a:5f:44:b2:64:2d:16:a2:62:38:5c:c8:58:1c:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5A:9B:D2:C2:C0:8A:F6:4F:33:2C:C8:77:98:85:7E:A4:86:76:9B
X509v3 Authority Key Identifier:
keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/Flqb0sLAivZPMyzId5iFfqSGdps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.129.0/24
194.54.136.0/22
IPv6:
2a0c:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:a2:80:f4:32:52:4e:b3:e1:2c:30:8f:17:d3:56:e5:21:71:
f6:b6:4d:cb:0d:2b:0a:75:b0:4b:6e:f3:fe:e0:98:b7:c3:e8:
6c:74:7e:c2:39:1f:96:3b:35:e2:ee:6f:45:3e:c5:cc:da:1c:
78:ca:b2:ce:d4:8f:74:68:d2:38:ca:14:d4:16:3e:e0:96:df:
a7:0e:ef:6a:ef:88:41:c0:a7:d3:e1:d7:2f:06:d0:12:38:c1:
96:d8:4e:91:bf:bd:40:37:1e:a5:dc:e9:87:14:cd:19:3b:ed:
b4:19:82:dd:5f:1e:c3:f3:3a:b4:a4:a9:59:7d:a0:83:65:8d:
67:75:14:68:75:8d:ef:18:30:58:5d:e9:ae:c4:c7:39:6f:5b:
ee:01:74:ba:8b:e3:89:03:df:ce:ad:dc:59:1f:b8:3d:a3:eb:
5a:d6:09:d7:09:d4:28:8d:6a:b2:d4:65:31:be:4f:4f:55:34:
ac:c2:03:c5:a1:ec:cd:a9:21:1a:20:58:04:4e:85:0e:c6:d2:
2d:15:fc:00:be:7e:d0:d9:bf:b8:39:9f:7b:e5:bc:a0:bf:2a:
fc:64:63:b3:62:bf:4a:ee:19:98:33:d7:52:56:91:88:35:b9:
0e:22:1f:12:c3:ec:8e:ba:52:13:16:96:9b:46:90:bb:51:8b:
91:ba:d6:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVseECHOn7RCSaS3pJlodCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjMwMTAxMDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjVhOWJkMmMyYzA4YWY2NGYzMzJjYzg3Nzk4ODU3ZWE0ODY3NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQJxYL+4Bq+MO2ZO+ZkF4GefSOXq
20I27MqTHFAqb3QicOPk0t/28sHbrVfXqnNXG0twVU6vEkw9YQo0djnya+/+HNp0
YLsWR9HRvLjGNy10Cg+ny+8sEB5nSPxHxBcZpyF9MMRG1f+uJ4LvXLz4cAKGrR62
e5iAbVc4rTb6meoD/Ax9sHGwOAxzN483M16cAdLoT5B8JWsJUX9lIahkO0otcmVX
nVrpuoRMygAfxSSTfIeCNxrmYdn72gd3hY32J8ZxRnkdeZ1MaVtDurIk53nVF2vw
woVTakomtLk0qXkMd6wWUXbNh31GmFPSuGX+ml9EsmQtFqJiOFzIWBzRFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBZam9LCwIr2TzMsyHeYhX6khnabMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvRmxxYjBzTEFpdlpQTXl6SWQ1aUZmcVNHZHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQGBAwQC
wjaIMA0EAgACMAcDBQMqDMnAMA0GCSqGSIb3DQEBCwUAA4IBAQBpooD0MlJOs+Es
MI8X01blIXH2tk3LDSsKdbBLbvP+4Ji3w+hsdH7COR+WOzXi7m9FPsXM2hx4yrLO
1I90aNI4yhTUFj7glt+nDu9q74hBwKfT4dcvBtASOMGW2E6Rv71ANx6l3OmHFM0Z
O+20GYLdXx7D8zq0pKlZfaCDZY1ndRRodY3vGDBYXemuxMc5b1vuAXS6i+OJA9/O
rdxZH7g9o+ta1gnXCdQojWqy1GUxvk9PVTSswgPFoezNqSEaIFgEToUOxtItFfwA
vn7Q2b+4OZ975bygvyr8ZGOzYr9K7hmYM9dSVpGINbkOIh8Sw+yOulITFpabRpC7
UYuRutal
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:26 2024 by rpki-client on console.sobornost.net