Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/pBZs43kIqJpasdcBRUKoi7QdIw4.roa
File: pBZs43kIqJpasdcBRUKoi7QdIw4.roa (raw, json)
Hash identifier: VVnPdfDasow9IbfWCeE4Iz7/f47tGgV5q7rC6v6+F5M=
Subject key identifier: A4:16:6C:E3:79:08:A8:9A:5A:B1:D7:01:45:42:A8:8B:B4:1D:23:0E
Certificate issuer: /CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Certificate serial: 018B3CF5D79A7534802573D8E4A9E54232D6
Authority key identifier: A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/pBZs43kIqJpasdcBRUKoi7QdIw4.roa
Signing time: Tue 17 Oct 2023 09:27:06 +0000
ROA not before: Tue 17 Oct 2023 09:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200107
IP address blocks: 185.85.15.0/24 maxlen: 24
185.85.14.0/24 maxlen: 24
185.85.12.0/24 maxlen: 24
185.54.222.0/24 maxlen: 24
185.54.220.0/24 maxlen: 24
185.54.221.0/24 maxlen: 24
185.54.223.0/24 maxlen: 24
93.159.226.0/24 maxlen: 24
93.159.230.0/23 maxlen: 23
93.159.228.0/23 maxlen: 24
77.74.178.0/23 maxlen: 24
77.74.176.0/24 maxlen: 24
77.74.176.0/23 maxlen: 24
82.202.185.0/24 maxlen: 24
82.202.184.0/23 maxlen: 23
82.202.184.0/24 maxlen: 24
77.74.182.0/24 maxlen: 24
77.74.183.0/24 maxlen: 24
77.74.180.0/24 maxlen: 24
77.74.181.0/24 maxlen: 24
2a03:2480:802f::/48 maxlen: 48
2a03:2480:802a::/48 maxlen: 48
2a03:2480:8025::/48 maxlen: 48
2a03:2480:8020::/48 maxlen: 48
2a03:2480:80::/48 maxlen: 48
2a03:2480:8023::/48 maxlen: 48
2a03:2480:8027::/48 maxlen: 48
2a03:2480:8022::/48 maxlen: 48
2a03:2480:8000::/44 maxlen: 44
2a03:2480:8031::/48 maxlen: 48
2a03:2480:802c::/48 maxlen: 48
2a03:2480:70::/48 maxlen: 48
2a03:2480:8030::/48 maxlen: 48
2a03:2480:8033::/48 maxlen: 48
2a03:2480:802e::/48 maxlen: 48
2a03:2480:8029::/48 maxlen: 48
2a03:2480:69::/48 maxlen: 48
2a03:2480:8024::/48 maxlen: 48
2a03:2480:8032::/48 maxlen: 48
2a03:2480:802d::/48 maxlen: 48
2a03:2480:8010::/44 maxlen: 44
2a03:2480:8028::/48 maxlen: 48
2a03:2480:68::/48 maxlen: 48
2a03:2480:802b::/48 maxlen: 48
2a03:2480:8026::/48 maxlen: 48
2a03:2480:8021::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:f5:d7:9a:75:34:80:25:73:d8:e4:a9:e5:42:32:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Validity
Not Before: Oct 17 09:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4166ce37908a89a5ab1d7014542a88bb41d230e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:ad:2f:fb:f2:94:bf:b7:76:cd:97:5b:af:
c6:a1:f7:e2:1c:3b:41:96:c9:d6:a6:ef:f9:fe:57:
43:1e:c9:40:c0:a6:d9:ed:03:c2:8e:4d:ae:3d:30:
9f:2c:25:23:a6:a2:70:86:22:ec:68:2d:ee:47:f1:
4e:2e:53:ed:8b:6b:8c:64:ac:a0:d5:4f:27:56:1d:
f5:64:d2:38:39:0a:81:5d:5b:e3:d8:92:f1:27:4c:
14:69:a4:94:b5:96:2a:59:32:17:71:ae:ca:79:d1:
f9:8f:39:47:2c:92:eb:91:f1:82:c0:58:78:4d:fe:
1b:f3:c4:04:0d:38:cc:65:c7:b2:1d:59:f9:69:74:
2e:02:b3:f5:9e:31:03:04:f9:d3:17:35:08:14:ef:
ca:8b:df:99:b1:00:c2:56:41:1b:b2:78:32:c1:ea:
de:74:31:31:e5:72:25:b7:87:b3:d7:b7:fb:5a:3f:
53:14:49:ad:c7:20:f9:4f:3c:99:9e:67:9e:30:9a:
d5:81:95:c6:e1:43:1d:94:5a:47:ae:1b:61:17:68:
f1:2a:16:67:00:1f:de:e1:02:97:cc:34:1c:df:21:
c9:20:14:40:fe:1c:1c:89:5c:e2:40:a3:62:5f:a3:
ed:89:8c:c7:05:17:b1:3a:c3:20:cd:16:05:aa:dc:
8e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:16:6C:E3:79:08:A8:9A:5A:B1:D7:01:45:42:A8:8B:B4:1D:23:0E
X509v3 Authority Key Identifier:
keyid:A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/pBZs43kIqJpasdcBRUKoi7QdIw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.176.0/21
82.202.184.0/23
93.159.226.0/24
93.159.228.0/22
185.54.220.0/22
185.85.12.0/24
185.85.14.0/23
IPv6:
2a03:2480:68::/47
2a03:2480:70::/48
2a03:2480:80::/48
2a03:2480:8000::-2a03:2480:8033:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:b2:66:19:ff:0a:90:0b:e8:c0:87:4d:b3:e3:68:ff:66:bd:
61:b6:fa:6b:72:c7:09:37:34:65:cf:5a:ce:27:f0:8e:06:57:
0d:27:c2:72:80:fa:6c:8d:79:65:45:8f:63:67:05:2a:35:4c:
7f:b1:cb:3e:86:d6:73:20:23:28:fd:d0:55:f2:69:1a:ab:bf:
7c:ba:89:b2:fe:c7:e4:c1:ec:6a:7f:ed:5f:f1:27:0b:6c:d9:
4c:1d:ab:01:2f:6a:bd:50:ba:21:a9:16:50:e3:58:57:89:2c:
87:98:98:6b:60:99:ae:b3:c8:49:84:f9:f2:f2:89:bc:e5:d5:
f9:1a:be:c5:2f:e2:03:66:75:f4:56:e6:4d:35:76:43:0e:fa:
95:56:bd:ae:f6:31:30:e4:5b:a4:56:92:ac:de:29:ce:be:8d:
5c:ae:21:21:fe:47:ad:44:15:7b:ad:3d:d3:3e:f7:7a:95:74:
c4:28:f7:13:af:33:3f:18:18:a9:b7:56:11:ff:5f:84:78:d9:
96:da:d2:5f:cb:fd:ac:b5:73:d0:bb:3d:ec:30:92:7c:fa:9c:
1a:85:f8:57:8b:43:36:f1:d0:16:d6:b1:81:57:8e:a1:7f:c5:
43:08:5f:32:cf:32:03:9f:e6:9d:be:67:e2:a1:50:f6:59:07:
21:e0:33:b5
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYs89deadTSAJXPY5KnlQjLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDg1YWRlMmIwZDRlYzFjYTA5MmE4ZTI3MDNjMTkyMDBj
NzJmMzIwHhcNMjMxMDE3MDkyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE2NmNlMzc5MDhhODlhNWFiMWQ3MDE0NTQyYTg4YmI0MWQyMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcytL/vylL+3ds2XW6/GoffiHDtB
lsnWpu/5/ldDHslAwKbZ7QPCjk2uPTCfLCUjpqJwhiLsaC3uR/FOLlPti2uMZKyg
1U8nVh31ZNI4OQqBXVvj2JLxJ0wUaaSUtZYqWTIXca7KedH5jzlHLJLrkfGCwFh4
Tf4b88QEDTjMZceyHVn5aXQuArP1njEDBPnTFzUIFO/Ki9+ZsQDCVkEbsngywere
dDEx5XIlt4ez17f7Wj9TFEmtxyD5TzyZnmeeMJrVgZXG4UMdlFpHrhthF2jxKhZn
AB/e4QKXzDQc3yHJIBRA/hwciVziQKNiX6PtiYzHBRexOsMgzRYFqtyONQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKQWbON5CKiaWrHXAUVCqIu0HSMOMB8GA1UdIwQY
MBaAFKfYWt4rDU7BygkqjicDwZIAxy8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYt
MDRiMGJmNjBiOWI3LzEvcEJaczQza0lxSnBhc2RjQlJVS29pN1FkSXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYtMDRiMGJmNjBiOWI3
LzEvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDAwBAIAATAqAwQDTUqwAwQB
Usq4AwQAXZ/iAwQCXZ/kAwQCuTbcAwQAuVUMAwQBuVUOMDQEAgACMC4DBwEqAySA
AGgDBwAqAySAAHADBwAqAySAAIAwEQMGByoDJICAAwcCKgMkgIAwMA0GCSqGSIb3
DQEBCwUAA4IBAQAismYZ/wqQC+jAh02z42j/Zr1htvprcscJNzRlz1rOJ/COBlcN
J8JygPpsjXllRY9jZwUqNUx/scs+htZzICMo/dBV8mkaq798uomy/sfkwexqf+1f
8ScLbNlMHasBL2q9ULohqRZQ41hXiSyHmJhrYJmus8hJhPny8om85dX5Gr7FL+ID
ZnX0VuZNNXZDDvqVVr2u9jEw5FukVpKs3inOvo1criEh/ketRBV7rT3TPvd6lXTE
KPcTrzM/GBipt1YR/1+EeNmW2tJfy/2stXPQuz3sMJJ8+pwahfhXi0M28dAW1rGB
V46hf8VDCF8yzzIDn+advmfioVD2WQch4DO1
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:22 2024 by rpki-client on console.sobornost.net