Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/FhBu9jQr28fjqR3X71W8KHVIbKk.roa
File: FhBu9jQr28fjqR3X71W8KHVIbKk.roa (raw, json)
Hash identifier: MwHPUi7h1u79RlmMeLFNTzmvlSfhc/xBBXD4nKQxl28=
Subject key identifier: 16:10:6E:F6:34:2B:DB:C7:E3:A9:1D:D7:EF:55:BC:28:75:48:6C:A9
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 018573C3B3F006BA33BC84AE2EF52B1C389B
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/FhBu9jQr28fjqR3X71W8KHVIbKk.roa
Signing time: Mon 02 Jan 2023 18:34:43 +0000
ROA not before: Mon 02 Jan 2023 18:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211582
IP address blocks: 212.60.24.0/21 maxlen: 21
185.214.188.0/22 maxlen: 22
80.243.224.0/22 maxlen: 22
5.45.144.0/22 maxlen: 22
2a10:b040:1::/48 maxlen: 48
2a10:b040:4::/48 maxlen: 48
2a10:b040:2::/48 maxlen: 48
2a10:b040:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:c3:b3:f0:06:ba:33:bc:84:ae:2e:f5:2b:1c:38:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Jan 2 18:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16106ef6342bdbc7e3a91dd7ef55bc2875486ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c5:98:eb:fa:b8:27:e7:a9:69:14:59:c2:53:
ba:1f:a0:96:f4:98:36:2a:8e:ad:be:c0:78:ec:0d:
6b:8e:bc:68:0a:a2:7d:a9:15:21:55:bd:47:a9:93:
72:6d:23:6f:5c:a9:45:8a:11:d1:6b:d0:27:e5:a6:
0b:1c:41:9e:16:4f:1a:e7:84:d1:92:fe:66:39:6f:
5c:bb:ae:9e:7d:0b:c0:3c:dd:e6:7b:a5:11:67:6f:
29:81:f2:9a:fb:22:f8:ab:cc:3a:5c:70:ea:de:b0:
ea:e4:60:7e:28:59:47:ca:b1:da:cd:a0:c3:f6:fe:
e6:74:05:36:cf:d5:0c:4d:ce:0a:2f:6d:d8:cb:06:
18:ea:5b:00:e0:5a:b6:03:64:b9:bb:ce:10:d5:54:
c7:19:ba:fc:ce:2b:02:5a:e6:94:84:16:53:a7:af:
ae:c8:43:35:09:58:ff:fd:78:5f:04:a9:3c:84:09:
ab:e5:64:c0:f5:b7:8a:4d:be:b7:ca:c8:fd:fb:7e:
37:7e:f1:d0:f0:f0:a8:39:84:81:ad:38:e0:1c:f2:
77:24:18:2e:8c:a1:a5:6a:0d:cd:71:61:bf:0b:ce:
f9:93:f5:4a:b8:df:b9:eb:16:90:f5:c3:d1:da:89:
ca:b4:8c:8c:26:18:78:7c:6f:35:1f:f5:8e:ef:83:
4f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:10:6E:F6:34:2B:DB:C7:E3:A9:1D:D7:EF:55:BC:28:75:48:6C:A9
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/FhBu9jQr28fjqR3X71W8KHVIbKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.144.0/22
80.243.224.0/22
185.214.188.0/22
212.60.24.0/21
IPv6:
2a10:b040:1::-2a10:b040:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cf:98:bd:3e:44:60:45:ea:67:2c:93:b8:19:a2:11:37:b4:d1:
42:7e:f4:52:1a:04:02:f6:4d:21:79:98:a1:0a:2a:49:7f:87:
ce:79:41:bc:f8:cd:80:33:a8:41:98:ce:8e:38:aa:fd:88:5c:
31:ed:44:6a:51:ea:49:31:d9:1c:58:59:c4:91:be:47:91:51:
09:99:64:28:78:e9:ee:7e:ca:80:1a:df:f3:f0:31:9f:7b:76:
3e:61:6b:31:b7:24:eb:85:df:f7:ad:a3:75:42:66:48:14:2d:
59:0c:06:e5:aa:82:b1:fa:7f:43:23:3c:c7:3b:25:95:ca:a8:
8d:8f:30:1b:29:48:57:b3:dc:6c:b6:e8:8c:1a:8f:6b:d5:22:
f9:e5:6a:dc:06:37:66:b2:01:91:1e:d5:6a:6a:97:0f:28:17:
71:e2:38:6d:92:54:4b:0c:41:a8:40:e2:58:ff:bb:8d:f8:c3:
fb:e4:0d:c2:96:2d:2d:43:df:66:5b:b7:ed:31:0c:36:e8:30:
7d:c0:96:84:2a:14:a8:e9:c2:31:fb:75:59:f1:fc:1b:5b:17:
db:1f:5f:eb:77:16:dc:f9:bf:d2:83:e9:5f:aa:8c:1e:46:7d:
16:9a:b6:b5:2f:2b:eb:b9:ec:e8:8c:22:da:5f:31:d4:5e:e7:
2b:04:3a:00
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVzw7PwBrozvISuLvUrHDibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjMwMTAyMTgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjEwNmVmNjM0MmJkYmM3ZTNhOTFkZDdlZjU1YmMyODc1NDg2Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsWY6/q4J+epaRRZwlO6H6CW9Jg2
Ko6tvsB47A1rjrxoCqJ9qRUhVb1HqZNybSNvXKlFihHRa9An5aYLHEGeFk8a54TR
kv5mOW9cu66efQvAPN3me6URZ28pgfKa+yL4q8w6XHDq3rDq5GB+KFlHyrHazaDD
9v7mdAU2z9UMTc4KL23YywYY6lsA4Fq2A2S5u84Q1VTHGbr8zisCWuaUhBZTp6+u
yEM1CVj//XhfBKk8hAmr5WTA9beKTb63ysj9+343fvHQ8PCoOYSBrTjgHPJ3JBgu
jKGlag3NcWG/C875k/VKuN+56xaQ9cPR2onKtIyMJhh4fG81H/WO74NPMwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBYQbvY0K9vH46kd1+9VvCh1SGypMB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvRmhCdTlqUXIyOGZqcVIzWDcxVzhLSFZJYktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAeBAIAATAYAwQCBS2QAwQC
UPPgAwQCuda8AwQD1DwYMBoEAgACMBQwEgMHACoQsEAAAQMHACoQsEAABDANBgkq
hkiG9w0BAQsFAAOCAQEAz5i9PkRgRepnLJO4GaIRN7TRQn70UhoEAvZNIXmYoQoq
SX+HznlBvPjNgDOoQZjOjjiq/YhcMe1EalHqSTHZHFhZxJG+R5FRCZlkKHjp7n7K
gBrf8/Axn3t2PmFrMbck64Xf962jdUJmSBQtWQwG5aqCsfp/QyM8xzsllcqojY8w
GylIV7PcbLbojBqPa9Ui+eVq3AY3ZrIBkR7VamqXDygXceI4bZJUSwxBqEDiWP+7
jfjD++QNwpYtLUPfZlu37TEMNugwfcCWhCoUqOnCMft1WfH8G1sX2x9f63cW3Pm/
0oPpX6qMHkZ9Fpq2tS8r67ns6Iwi2l8x1F7nKwQ6AA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:57 2024 by rpki-client on console.sobornost.net