Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/O04WJnX_syIStP0739VJQJp3tAc.roa
File: O04WJnX_syIStP0739VJQJp3tAc.roa (raw, json)
Hash identifier: Ty4JlAlfaKY53lTUdMlwTXiWdlMgrm9sOXXI6/AQ6g4=
Subject key identifier: 3B:4E:16:26:75:FF:B3:22:12:B4:FD:3B:DF:D5:49:40:9A:77:B4:07
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 01856F9E028D3597A78E271C011A1F536E10
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/O04WJnX_syIStP0739VJQJp3tAc.roa
Signing time: Sun 01 Jan 2023 23:15:04 +0000
ROA not before: Sun 01 Jan 2023 23:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44092
IP address blocks: 185.191.105.0/24 maxlen: 24
185.191.104.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
185.56.156.0/22 maxlen: 24
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
185.215.144.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
185.215.145.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
185.248.227.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.200.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.116.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a0b:7b80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:02:8d:35:97:a7:8e:27:1c:01:1a:1f:53:6e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jan 1 23:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b4e162675ffb32212b4fd3bdfd549409a77b407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:42:49:5a:31:8f:51:f2:05:50:a0:a1:f0:6c:
68:ce:36:f9:aa:db:3f:4b:42:d6:58:74:66:66:b1:
d2:28:4f:8c:16:54:6d:a4:37:88:42:99:6a:73:02:
19:15:d1:c9:dc:52:58:ed:6c:fa:46:19:48:15:83:
b2:30:fa:16:5d:eb:c8:c1:50:c7:9f:8d:f8:e3:01:
8e:70:e6:90:0a:c0:63:35:4c:0e:00:5a:28:04:7c:
e2:d1:c7:20:77:16:db:79:83:7a:86:92:3d:b1:fd:
f4:3a:e0:e4:46:19:d3:fa:18:34:31:29:11:2d:30:
53:6f:7e:0f:16:08:bd:ac:8e:09:d7:96:00:90:b9:
58:13:a8:9a:3c:d9:3c:84:44:1a:06:32:24:bc:14:
d2:14:c6:31:2c:f9:cf:78:61:05:c1:0c:81:ee:df:
26:da:18:69:76:03:e2:a9:4c:b3:df:39:46:38:01:
4c:50:6b:80:54:f8:ba:f3:11:24:d8:01:a3:19:ff:
b4:8a:d9:b2:02:ff:01:da:1b:85:8e:41:eb:c7:6c:
4e:4e:68:de:c6:3c:24:e3:23:a1:70:d3:99:b6:17:
e5:78:30:e1:94:46:7e:52:26:19:e1:71:9e:7b:cd:
e5:28:5a:96:2f:ef:ca:52:0f:e0:c1:fc:34:24:84:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:16:26:75:FF:B3:22:12:B4:FD:3B:DF:D5:49:40:9A:77:B4:07
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/O04WJnX_syIStP0739VJQJp3tAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
185.56.156.0/22
185.171.232.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.248.227.0/24
188.191.56.0/22
IPv6:
2a02:53e0::/32
2a0b:7b80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:b6:a3:e1:db:cb:01:0e:48:fb:f2:df:d1:0a:75:6b:61:e2:
6e:40:c6:7c:79:d8:f2:dd:17:0d:41:e2:36:17:a2:94:f5:04:
1b:05:1a:f9:5d:a1:7d:16:b1:6c:f9:69:4e:0b:8d:db:2f:a0:
da:b8:60:25:b2:3a:ba:65:55:c6:ab:81:87:01:ec:59:fa:bc:
f9:ad:0b:73:8f:1a:29:f9:91:17:d3:17:61:a9:c4:e3:ba:34:
d1:f6:87:3e:23:d5:20:bd:ec:20:3f:21:5a:b4:17:02:89:e5:
b7:56:47:54:8e:90:78:26:ce:15:96:b3:ba:24:9f:4f:aa:8e:
cd:80:8d:54:b6:80:30:84:27:c4:aa:0f:1c:ae:38:5b:cc:f2:
6c:08:67:41:00:e9:e2:eb:c4:99:8a:cb:ff:b0:3d:27:fe:a0:
45:ea:5e:9c:db:28:ae:b5:fe:95:3d:21:d5:a2:e9:53:2d:fe:
5e:0f:f9:96:1d:f4:c0:71:2e:0e:e1:1f:d1:fa:85:ad:97:92:
c8:3e:53:6e:1a:df:f4:aa:a9:18:b8:83:cb:f0:2b:00:0e:06:
26:ec:8c:26:21:53:02:44:5d:aa:66:c9:3d:e5:07:62:46:38:
57:fb:ba:b3:39:3c:a6:9d:47:22:3d:24:12:b6:46:3e:b8:42:
de:99:05:bb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVvngKNNZenjiccARofU24QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjMwMTAxMjMxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlMTYyNjc1ZmZiMzIyMTJiNGZkM2JkZmQ1NDk0MDlhNzdiNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEJJWjGPUfIFUKCh8Gxozjb5qts/
S0LWWHRmZrHSKE+MFlRtpDeIQplqcwIZFdHJ3FJY7Wz6RhlIFYOyMPoWXevIwVDH
n4344wGOcOaQCsBjNUwOAFooBHzi0ccgdxbbeYN6hpI9sf30OuDkRhnT+hg0MSkR
LTBTb34PFgi9rI4J15YAkLlYE6iaPNk8hEQaBjIkvBTSFMYxLPnPeGEFwQyB7t8m
2hhpdgPiqUyz3zlGOAFMUGuAVPi68xEk2AGjGf+0itmyAv8B2huFjkHrx2xOTmje
xjwk4yOhcNOZthfleDDhlEZ+UiYZ4XGee83lKFqWL+/KUg/gwfw0JIRScQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDtOFiZ1/7MiErT9O9/VSUCad7QHMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvTzA0V0puWF9zeUlTdFAwNzM5VkpRSnAzdEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCLZHIAwQE
TfKAAwQCVdDIAwQBWSVGAwQCuTicAwQCuavoAwQCub9oAwQCudeQAwQCudt0AwQA
ufjjAwQCvL84MBQEAgACMA4DBQAqAlPgAwUDKgt7gDANBgkqhkiG9w0BAQsFAAOC
AQEAaraj4dvLAQ5I+/Lf0Qp1a2HibkDGfHnY8t0XDUHiNheilPUEGwUa+V2hfRax
bPlpTguN2y+g2rhgJbI6umVVxquBhwHsWfq8+a0Lc48aKfmRF9MXYanE47o00faH
PiPVIL3sID8hWrQXAonlt1ZHVI6QeCbOFZazuiSfT6qOzYCNVLaAMIQnxKoPHK44
W8zybAhnQQDp4uvEmYrL/7A9J/6gRepenNsorrX+lT0h1aLpUy3+Xg/5lh30wHEu
DuEf0fqFrZeSyD5Tbhrf9KqpGLiDy/ArAA4GJuyMJiFTAkRdqmbJPeUHYkY4V/u6
szk8pp1HIj0kErZGPrhC3pkFuw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:47 2023 by rpki-client on console.sobornost.net