Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/wEpoin5-zUM5763Gm486_BxwDWY.roa
File: wEpoin5-zUM5763Gm486_BxwDWY.roa (raw, json)
Hash identifier: 4FVTIKjD1s2+Ye3Hc7rRCeiN9ZAWydWUos1FKyBhIgQ=
Subject key identifier: C0:4A:68:8A:7E:7E:CD:43:39:EF:AD:C6:9B:8F:3A:FC:1C:70:0D:66
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 0186DB458E73502A31D0CDCBFA6F98220148
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/wEpoin5-zUM5763Gm486_BxwDWY.roa
Signing time: Mon 13 Mar 2023 14:00:14 +0000
ROA not before: Mon 13 Mar 2023 14:00:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49645
IP address blocks: 91.213.76.0/24 maxlen: 24
185.234.130.0/24 maxlen: 24
185.234.129.0/24 maxlen: 24
185.234.128.0/24 maxlen: 24
185.234.128.0/22 maxlen: 22
185.234.131.0/24 maxlen: 24
5.183.168.0/24 maxlen: 24
5.183.171.0/24 maxlen: 24
2a0d:c9c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:45:8e:73:50:2a:31:d0:cd:cb:fa:6f:98:22:01:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Mar 13 14:00:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c04a688a7e7ecd4339efadc69b8f3afc1c700d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b5:2e:aa:01:63:05:0e:66:5c:40:b3:e3:b3:
05:06:3e:13:03:51:a5:f1:53:86:92:db:1b:48:62:
76:9d:62:05:7f:2c:ae:4f:d4:56:78:ba:39:fb:23:
b9:80:d0:8c:94:99:8e:41:76:f4:c6:f0:e0:0b:ef:
ab:c6:a4:c0:12:86:5c:dd:03:d2:1e:81:62:0a:12:
26:83:59:92:61:27:54:43:40:93:25:bb:d7:19:ed:
39:38:c7:8c:54:fb:cb:b7:10:61:6e:6c:e9:13:6d:
f4:4b:c8:eb:13:13:44:4b:41:f0:58:6a:b6:aa:a0:
a0:02:d6:59:fc:21:32:b5:55:c0:53:49:bf:dc:5e:
17:08:c0:93:d4:96:55:a7:46:6d:8a:99:23:eb:d0:
74:62:1e:02:f0:ac:7a:20:a2:30:28:6e:a2:8b:13:
62:4f:bb:01:21:b2:85:a8:b1:ee:62:b1:2b:38:75:
5e:34:39:b0:55:88:d7:38:44:72:96:28:c7:4a:da:
ef:ca:d8:a6:71:59:5c:b1:70:9e:61:b6:ee:6a:d2:
46:14:88:1e:15:6e:29:26:cb:50:98:b6:80:8b:85:
04:24:d1:b4:b0:2a:d6:32:28:cc:02:90:4c:b5:8e:
f2:ad:95:90:60:e6:2c:93:74:b2:78:6e:bb:53:81:
74:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4A:68:8A:7E:7E:CD:43:39:EF:AD:C6:9B:8F:3A:FC:1C:70:0D:66
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/wEpoin5-zUM5763Gm486_BxwDWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
5.183.171.0/24
91.213.76.0/24
185.234.128.0/22
IPv6:
2a0d:c9c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
49:c4:9a:c1:85:e8:6a:08:b1:ab:9b:ca:5e:05:ce:f5:c4:ec:
11:c4:27:75:4e:78:f6:fb:5b:7e:b1:dc:ba:cb:a6:3a:ed:a0:
b3:3c:09:fb:19:73:90:fb:e2:fe:5a:bd:d5:ce:88:80:94:f1:
59:26:5e:80:a6:3b:58:e5:14:a8:45:d0:5a:6c:21:02:2c:2a:
4e:d9:f4:2c:20:4b:b1:89:6b:6e:3f:cd:ce:9c:e2:85:f8:a7:
b5:9f:a6:4b:4f:02:50:57:be:ac:0c:f1:c8:cc:b1:4e:b8:df:
a6:51:79:93:64:d3:57:94:5d:e5:33:e9:16:66:68:c0:f8:6a:
b4:7d:f6:5e:e6:20:ad:76:95:10:c6:a5:4e:0a:69:e6:e4:16:
60:b7:b5:53:4a:42:0b:86:6f:be:c2:76:86:01:6b:2a:63:de:
c7:cc:76:ff:e8:04:86:3a:1c:d9:d1:25:9c:ab:ab:d6:c8:e8:
6c:23:75:3d:03:cb:77:37:b7:55:1b:b2:08:3b:66:d1:0f:56:
fb:cd:31:6f:d3:0e:ab:7b:33:7b:5e:6f:d4:90:01:34:60:50:
fd:86:94:89:1d:81:e6:38:78:9a:db:58:1b:51:1e:c4:06:c6:
b8:1d:f3:48:c4:9f:0d:20:39:21:f8:cf:bb:eb:fb:e4:35:bf:
9f:d1:95:05
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYbbRY5zUCox0M3L+m+YIgFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjMwMzEzMTQwMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRhNjg4YTdlN2VjZDQzMzllZmFkYzY5YjhmM2FmYzFjNzAwZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobUuqgFjBQ5mXECz47MFBj4TA1Gl
8VOGktsbSGJ2nWIFfyyuT9RWeLo5+yO5gNCMlJmOQXb0xvDgC++rxqTAEoZc3QPS
HoFiChImg1mSYSdUQ0CTJbvXGe05OMeMVPvLtxBhbmzpE230S8jrExNES0HwWGq2
qqCgAtZZ/CEytVXAU0m/3F4XCMCT1JZVp0Ztipkj69B0Yh4C8Kx6IKIwKG6iixNi
T7sBIbKFqLHuYrErOHVeNDmwVYjXOERylijHStrvytimcVlcsXCeYbbuatJGFIge
FW4pJstQmLaAi4UEJNG0sCrWMijMApBMtY7yrZWQYOYsk3SyeG67U4F0GQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMBKaIp+fs1DOe+txpuPOvwccA1mMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvd0Vwb2luNS16VU01NzYzR200ODZfQnh3RFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABbeoAwQA
BberAwQAW9VMAwQCueqAMA8EAgACMAkDBwAqDcnAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAEnEmsGF6GoIsaubyl4FzvXE7BHEJ3VOePb7W36x3LrLpjrtoLM8CfsZc5D7
4v5avdXOiICU8VkmXoCmO1jlFKhF0FpsIQIsKk7Z9CwgS7GJa24/zc6c4oX4p7Wf
pktPAlBXvqwM8cjMsU6436ZReZNk01eUXeUz6RZmaMD4arR99l7mIK12lRDGpU4K
aebkFmC3tVNKQguGb77CdoYBaypj3sfMdv/oBIY6HNnRJZyrq9bI6GwjdT0Dy3c3
t1Ubsgg7ZtEPVvvNMW/TDqt7M3teb9SQATRgUP2GlIkdgeY4eJrbWBtRHsQGxrgd
80jEnw0gOSH4z7vr++Q1v5/RlQU=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:19 2023 by rpki-client on console.sobornost.net