Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/Dj0shU5RfKCyThIMopXeREpKK0Y.roa
File: Dj0shU5RfKCyThIMopXeREpKK0Y.roa (raw, json)
Hash identifier: XrFIJnDw1le2nigzgT6VVZbmpEPPWoSFYc3IPxO9OvI=
Subject key identifier: 0E:3D:2C:85:4E:51:7C:A0:B2:4E:12:0C:A2:95:DE:44:4A:4A:2B:46
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 018CC64B7FCEF992EDE1E4B3564DAB5FC185
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/Dj0shU5RfKCyThIMopXeREpKK0Y.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60203
IP address blocks: 185.43.72.0/24 maxlen: 24
171.22.10.0/24 maxlen: 24
171.22.8.0/24 maxlen: 24
171.22.11.0/24 maxlen: 24
171.22.9.0/24 maxlen: 24
185.62.21.0/24 maxlen: 24
185.62.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 12:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7f:ce:f9:92:ed:e1:e4:b3:56:4d:ab:5f:c1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e3d2c854e517ca0b24e120ca295de444a4a2b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:79:66:d9:b6:22:79:28:1a:3f:a0:5f:1c:da:
de:a5:57:dc:54:95:6e:5e:8f:41:10:ad:5b:11:fa:
fc:2a:56:a1:61:56:6d:d1:c7:cd:dc:44:61:09:a8:
b0:a1:df:73:56:d5:2a:2c:26:fd:61:6a:b4:18:10:
b7:f4:9f:a5:28:ef:da:2f:0c:49:84:09:19:f7:2b:
06:ca:d8:61:65:86:cb:9e:35:af:13:5a:60:66:50:
56:b3:58:04:7a:a0:af:69:57:0c:b9:62:d1:c8:a4:
ac:7a:ae:10:01:bd:62:63:5e:55:c5:73:88:90:39:
94:02:cc:9f:d2:8f:c8:54:63:1a:f0:24:f7:c4:17:
7e:1e:c3:ff:23:79:ce:bd:9e:8a:0a:92:09:43:1e:
e4:0c:1e:57:80:76:4b:31:8e:14:b0:f1:e6:51:f9:
c9:a5:58:32:93:5a:9a:02:b7:08:3b:b8:c5:6a:84:
2b:11:08:74:cc:40:34:f6:0b:7a:3d:c2:be:e5:a5:
29:ee:55:ab:11:58:53:22:92:da:c8:c4:e9:ef:ac:
57:a3:53:db:8f:69:4b:a2:7c:e4:4a:17:0f:31:a7:
53:90:b7:25:e6:1e:c5:86:0a:c3:20:ab:04:ed:03:
b3:17:58:c8:dc:64:83:2f:36:f8:50:d9:07:61:50:
13:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3D:2C:85:4E:51:7C:A0:B2:4E:12:0C:A2:95:DE:44:4A:4A:2B:46
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/Dj0shU5RfKCyThIMopXeREpKK0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.8.0/22
185.43.72.0/24
185.62.20.0/23
Signature Algorithm: sha256WithRSAEncryption
37:bc:b0:17:3c:1d:a7:29:e0:e5:08:c9:6f:bd:5e:7b:e6:42:
d6:af:05:e6:64:2f:e6:c3:c0:9e:12:bf:90:ba:59:e6:77:eb:
14:f5:b4:61:e3:84:a5:c3:40:0e:e5:0a:c5:7c:e1:9a:7a:24:
01:49:19:73:9b:03:3a:56:92:74:34:d8:fe:3f:52:0a:51:68:
c1:dd:b4:c0:2c:2c:65:3b:0d:bf:b3:4f:ad:33:30:b6:e2:e3:
87:d0:73:a8:a0:a5:c9:ea:32:13:e6:52:7d:95:f4:7d:43:b3:
d5:1b:85:9c:4e:bd:d4:19:97:f9:65:92:0f:52:56:31:a9:2e:
a5:94:5e:f6:67:9c:06:53:ca:ad:79:59:16:ab:bc:d9:51:9f:
04:05:53:a2:20:80:17:74:8f:34:b9:7d:09:ba:0f:6e:b7:9a:
51:74:23:1f:a7:3e:a9:56:5b:82:3b:1f:71:a9:39:d0:79:18:
2c:f1:15:89:80:e8:86:71:f6:87:d6:e4:87:fc:49:e0:98:67:
f4:f0:7a:24:62:13:92:e0:82:3d:a4:5b:3e:ea:1c:14:a7:c2:
1c:6a:0e:93:b1:f8:cb:3b:dc:14:f5:09:3a:96:db:39:2c:e9:
bf:f2:08:0f:19:3a:74:19:5d:8b:65:7e:ca:74:1d:3a:86:aa:
67:8f:c9:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGS3/O+ZLt4eSzVk2rX8GFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNkMmM4NTRlNTE3Y2EwYjI0ZTEyMGNhMjk1ZGU0NDRhNGEyYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3lm2bYieSgaP6BfHNrepVfcVJVu
Xo9BEK1bEfr8KlahYVZt0cfN3ERhCaiwod9zVtUqLCb9YWq0GBC39J+lKO/aLwxJ
hAkZ9ysGythhZYbLnjWvE1pgZlBWs1gEeqCvaVcMuWLRyKSseq4QAb1iY15VxXOI
kDmUAsyf0o/IVGMa8CT3xBd+HsP/I3nOvZ6KCpIJQx7kDB5XgHZLMY4UsPHmUfnJ
pVgyk1qaArcIO7jFaoQrEQh0zEA09gt6PcK+5aUp7lWrEVhTIpLayMTp76xXo1Pb
j2lLonzkShcPMadTkLcl5h7FhgrDIKsE7QOzF1jI3GSDLzb4UNkHYVAT9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA49LIVOUXygsk4SDKKV3kRKSitGMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvRGowc2hVNVJmS0N5VGhJTW9wWGVSRXBLSzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCqxYIAwQA
uStIAwQBuT4UMA0GCSqGSIb3DQEBCwUAA4IBAQA3vLAXPB2nKeDlCMlvvV575kLW
rwXmZC/mw8CeEr+Qulnmd+sU9bRh44Slw0AO5QrFfOGaeiQBSRlzmwM6VpJ0NNj+
P1IKUWjB3bTALCxlOw2/s0+tMzC24uOH0HOooKXJ6jIT5lJ9lfR9Q7PVG4WcTr3U
GZf5ZZIPUlYxqS6llF72Z5wGU8qteVkWq7zZUZ8EBVOiIIAXdI80uX0Jug9ut5pR
dCMfpz6pVluCOx9xqTnQeRgs8RWJgOiGcfaH1uSH/EngmGf08HokYhOS4II9pFs+
6hwUp8Icag6TsfjLO9wU9Qk6lts5LOm/8ggPGTp0GV2LZX7KdB06hqpnj8lu
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:57 2024 by rpki-client on console.sobornost.net