Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/YI7HavLw5g3iSyRmPZjxiS5WkTk.roa
File: YI7HavLw5g3iSyRmPZjxiS5WkTk.roa (raw, json)
Hash identifier: L8BrLsMQrxy4/LPvEjGtrZ0M3pADO28MGkh14hgdZj4=
Subject key identifier: 60:8E:C7:6A:F2:F0:E6:0D:E2:4B:24:66:3D:98:F1:89:2E:56:91:39
Certificate issuer: /CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Certificate serial: 018571830C3C783A33545F543EB0DC46D517
Authority key identifier: 42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/YI7HavLw5g3iSyRmPZjxiS5WkTk.roa
Signing time: Mon 02 Jan 2023 08:04:51 +0000
ROA not before: Mon 02 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34430
IP address blocks: 195.242.96.0/23 maxlen: 24
37.220.144.0/23 maxlen: 24
37.220.146.0/24 maxlen: 24
193.43.89.0/24 maxlen: 24
81.18.240.0/20 maxlen: 24
45.145.196.0/22 maxlen: 24
188.95.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:0c:3c:78:3a:33:54:5f:54:3e:b0:dc:46:d5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Validity
Not Before: Jan 2 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=608ec76af2f0e60de24b24663d98f1892e569139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:25:7f:bf:f0:b8:54:9e:43:92:28:41:e6:b8:
fd:a9:9c:fa:ad:fe:1d:c6:6d:96:e9:38:f6:e2:81:
19:0c:3b:74:cc:fa:df:4b:24:6d:31:43:16:8e:dd:
2c:de:30:a3:44:33:d9:b8:10:9c:39:be:1a:6f:78:
d8:18:14:08:87:2d:f4:b1:72:55:be:3d:56:cb:d1:
2f:68:3f:b3:b7:13:f0:75:52:a7:bf:07:c9:12:42:
1e:f4:9f:f9:27:3b:23:1d:15:54:d7:87:a8:d4:ba:
a6:b4:b2:79:b7:bc:f9:be:1a:2c:c5:eb:6d:32:f1:
91:0e:ae:e5:48:2f:c7:e4:12:59:58:19:1a:52:67:
3b:53:11:0f:c7:23:8b:4b:9f:81:08:f3:f4:24:1a:
5b:39:08:64:cc:a2:55:f6:19:a0:1d:14:59:ba:38:
4e:ee:c5:a2:52:d3:07:c4:28:be:69:35:00:c7:62:
c5:ae:cd:38:e2:a2:e4:af:d5:68:49:6e:3c:45:69:
d4:ab:7b:dc:9d:9d:be:0a:aa:43:20:31:a8:10:8c:
71:78:7b:49:49:a6:37:0f:7c:c8:de:39:f7:3a:6c:
d1:0a:be:85:03:41:6a:2b:ae:f3:34:5e:41:e3:ec:
8e:79:84:47:cd:bc:ea:c7:ba:59:5d:81:0f:5b:61:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8E:C7:6A:F2:F0:E6:0D:E2:4B:24:66:3D:98:F1:89:2E:56:91:39
X509v3 Authority Key Identifier:
keyid:42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/YI7HavLw5g3iSyRmPZjxiS5WkTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.144.0-37.220.146.255
45.145.196.0/22
81.18.240.0/20
188.95.168.0/21
193.43.89.0/24
195.242.96.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:a6:8e:59:8a:79:f5:85:0e:48:c9:b4:33:c8:57:d0:25:b1:
60:9b:29:c6:4f:b1:77:74:fe:f1:d9:ac:0c:1b:88:94:48:17:
fd:aa:0f:84:0d:b9:f3:2d:1d:56:48:fd:c3:24:3d:a2:8a:69:
6f:c9:d1:dd:85:c7:e1:a2:57:ac:aa:fd:73:5b:0f:f4:25:31:
b8:a6:07:ae:ad:11:28:29:f1:26:b5:d4:e3:32:7c:d5:1b:6a:
5f:91:a0:d0:fc:4d:39:0b:2f:87:79:2d:e3:ce:38:07:f7:e2:
8a:3a:41:72:5e:0d:2a:7f:58:11:62:66:48:5c:08:79:7f:d1:
a0:b7:56:a7:a1:cc:a4:d6:c1:72:28:19:5a:c7:c2:ac:db:dd:
9b:4a:8c:bb:40:29:c1:79:e0:ae:d8:86:79:09:78:1e:58:34:
ca:a2:16:73:35:ca:c0:7a:5d:be:71:36:cf:b0:39:2d:41:79:
e7:12:41:5b:bf:94:90:c7:82:10:01:f3:08:c6:55:af:47:86:
ea:13:04:a1:c3:02:69:4a:42:75:5a:78:d3:98:fb:89:f5:3e:
14:1a:55:a6:3e:96:2b:c4:18:5b:02:ba:af:f5:34:60:1d:c5:
cc:df:e8:8a:b5:24:90:88:5d:70:89:32:af:18:4e:3a:03:67:
80:54:fa:4a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVxgww8eDozVF9UPrDcRtUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzQyNzIzYzFmNzViYTBiZTg5MzVjNzJmNjFiZmU1YzVm
NGNlM2MwHhcNMjMwMTAyMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhlYzc2YWYyZjBlNjBkZTI0YjI0NjYzZDk4ZjE4OTJlNTY5MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iV/v/C4VJ5DkihB5rj9qZz6rf4d
xm2W6Tj24oEZDDt0zPrfSyRtMUMWjt0s3jCjRDPZuBCcOb4ab3jYGBQIhy30sXJV
vj1Wy9EvaD+ztxPwdVKnvwfJEkIe9J/5JzsjHRVU14eo1LqmtLJ5t7z5vhosxett
MvGRDq7lSC/H5BJZWBkaUmc7UxEPxyOLS5+BCPP0JBpbOQhkzKJV9hmgHRRZujhO
7sWiUtMHxCi+aTUAx2LFrs044qLkr9VoSW48RWnUq3vcnZ2+CqpDIDGoEIxxeHtJ
SaY3D3zI3jn3OmzRCr6FA0FqK67zNF5B4+yOeYRHzbzqx7pZXYEPW2FmsQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGCOx2ry8OYN4kskZj2Y8YkuVpE5MB8GA1UdIwQY
MBaAFELEJyPB91ugvok1xy9hv+XF9M48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAt
Yjk4YTY5MDFlYTEwLzEvWUk3SGF2THc1ZzNpU3lSbVBaanhpUzVXa1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAtYjk4YTY5MDFlYTEw
LzEvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAQl3JAD
BAAl3JIDBAItkcQDBARREvADBAO8X6gDBADBK1kDBAHD8mAwDQYJKoZIhvcNAQEL
BQADggEBAG+mjlmKefWFDkjJtDPIV9AlsWCbKcZPsXd0/vHZrAwbiJRIF/2qD4QN
ufMtHVZI/cMkPaKKaW/J0d2Fx+GiV6yq/XNbD/QlMbimB66tESgp8Sa11OMyfNUb
al+RoND8TTkLL4d5LePOOAf34oo6QXJeDSp/WBFiZkhcCHl/0aC3VqehzKTWwXIo
GVrHwqzb3ZtKjLtAKcF54K7YhnkJeB5YNMqiFnM1ysB6Xb5xNs+wOS1BeecSQVu/
lJDHghAB8wjGVa9HhuoTBKHDAmlKQnVaeNOY+4n1PhQaVaY+livEGFsCuq/1NGAd
xczf6Iq1JJCIXXCJMq8YTjoDZ4BU+ko=
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:05 2024 by rpki-client on console.sobornost.net