Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/T-RrSyp9frQotpiqY8yIQNVDSjc.roa
File: T-RrSyp9frQotpiqY8yIQNVDSjc.roa (raw, json)
Hash identifier: nQwCkR4j5S0sSMKh1PX9D6Jtr57eQ6Nb9J8TwXniGbQ=
Subject key identifier: 4F:E4:6B:4B:2A:7D:7E:B4:28:B6:98:AA:63:CC:88:40:D5:43:4A:37
Certificate issuer: /CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Certificate serial: 0185719571B048D72CA1A7CDD4EDA66C11D5
Authority key identifier: FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/T-RrSyp9frQotpiqY8yIQNVDSjc.roa
Signing time: Mon 02 Jan 2023 08:24:57 +0000
ROA not before: Mon 02 Jan 2023 08:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202319
IP address blocks: 185.166.104.0/24 maxlen: 24
185.166.105.0/24 maxlen: 24
185.166.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:71:b0:48:d7:2c:a1:a7:cd:d4:ed:a6:6c:11:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Validity
Not Before: Jan 2 08:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fe46b4b2a7d7eb428b698aa63cc8840d5434a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:20:fc:35:93:a1:85:d2:1d:a1:02:fc:a2:
7e:31:b9:b2:55:0d:ef:0b:a2:c5:0c:7b:c2:12:c0:
fd:d1:d7:66:dd:73:f1:6f:98:29:c8:09:2b:b1:b7:
c8:3c:85:cf:bb:d8:b0:d1:b5:9d:83:5b:51:0d:8c:
29:35:5a:90:c9:63:99:35:1b:96:a6:58:e5:15:be:
b3:67:45:20:71:af:d7:84:7e:ba:61:dc:bf:3d:12:
11:73:06:61:7b:9c:33:67:7e:8d:11:66:f5:d0:93:
12:ca:94:bc:d1:13:90:68:e6:5c:21:4b:86:fc:1e:
02:89:4a:d6:43:24:15:fe:05:f2:df:af:bd:1d:06:
0f:bc:e4:16:49:4d:1c:a6:3a:33:19:65:ee:70:a6:
cb:d4:17:bd:95:5b:86:c7:79:61:e7:8c:1b:fe:d1:
66:d6:9f:08:d9:c9:c8:8a:3d:41:62:5d:04:e1:9d:
34:bd:e8:d1:8d:a8:d5:88:88:a9:43:63:54:6c:e7:
c4:01:7e:cc:5d:20:78:1f:ba:9d:65:07:bf:be:2f:
76:d9:69:ff:b2:f0:5d:ea:cf:73:ae:e7:a4:96:b8:
3c:5d:4b:75:bd:e9:aa:61:95:2e:df:91:1e:d6:29:
46:4d:e2:0f:d1:af:a9:b6:8a:c7:55:e3:49:f6:d7:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E4:6B:4B:2A:7D:7E:B4:28:B6:98:AA:63:CC:88:40:D5:43:4A:37
X509v3 Authority Key Identifier:
keyid:FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/T-RrSyp9frQotpiqY8yIQNVDSjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/_Jvk7U5UtgHmtqQtC6BM-3qyw78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.104.0/23
185.166.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:7a:dc:45:a3:d0:8c:f0:d1:eb:bd:16:1b:2c:3e:b6:e7:09:
20:a9:d2:4b:de:81:b6:1e:3a:53:8b:5f:62:3c:0b:3c:e6:69:
86:fb:06:58:ac:37:7b:82:2f:2b:67:d1:91:28:84:ca:f5:67:
95:0c:90:de:f2:61:45:0f:a4:85:9d:ab:2e:98:21:bb:20:80:
a8:18:34:31:96:0f:ce:60:3c:08:10:75:b8:4e:0a:43:93:2c:
75:98:eb:96:1a:39:21:13:75:9e:8c:af:fb:38:64:3b:3e:1e:
b1:27:6f:2e:1d:58:84:2a:bb:0b:1a:ba:03:8b:58:ab:87:a0:
85:34:9c:d9:9a:88:00:d8:9d:ba:a9:8a:16:65:b4:be:fd:46:
e5:d8:a8:b8:61:0c:19:74:dc:b5:73:28:53:d0:45:59:cf:70:
02:cb:0d:90:67:fb:76:9e:7c:fc:05:d3:fa:c1:cf:4d:31:18:
7c:ee:b6:6c:de:89:b6:3e:df:27:a5:28:c4:4d:84:10:81:52:
77:5f:49:17:d5:03:43:2e:00:19:aa:c5:c0:e0:15:1f:ed:e7:
aa:28:5f:a3:a2:be:cc:77:70:a6:3b:26:14:b5:a7:f7:db:ae:
13:1f:50:cb:5d:e1:a6:fb:8c:1c:c0:28:5c:47:6d:66:e0:47:
3b:3f:ff:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxlXGwSNcsoafN1O2mbBHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOWJlNGVkNGU1NGI2MDFlNmI2YTQyZDBiYTA0Y2ZiN2Fi
MmMzYmYwHhcNMjMwMTAyMDgyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmU0NmI0YjJhN2Q3ZWI0MjhiNjk4YWE2M2NjODg0MGQ1NDM0YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrIg/DWToYXSHaEC/KJ+MbmyVQ3v
C6LFDHvCEsD90ddm3XPxb5gpyAkrsbfIPIXPu9iw0bWdg1tRDYwpNVqQyWOZNRuW
pljlFb6zZ0Ugca/XhH66Ydy/PRIRcwZhe5wzZ36NEWb10JMSypS80ROQaOZcIUuG
/B4CiUrWQyQV/gXy36+9HQYPvOQWSU0cpjozGWXucKbL1Be9lVuGx3lh54wb/tFm
1p8I2cnIij1BYl0E4Z00vejRjajViIipQ2NUbOfEAX7MXSB4H7qdZQe/vi922Wn/
svBd6s9zrueklrg8XUt1vemqYZUu35Ee1ilGTeIP0a+ptorHVeNJ9tcduQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE/ka0sqfX60KLaYqmPMiEDVQ0o3MB8GA1UdIwQY
MBaAFPyb5O1OVLYB5rakLQugTPt6ssO/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzct
MWQyNTEzMzA4ZDIxLzEvVC1SclN5cDlmclFvdHBpcVk4eUlRTlZEU2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzctMWQyNTEzMzA4ZDIx
LzEvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaZoAwQA
uaZrMA0GCSqGSIb3DQEBCwUAA4IBAQAaetxFo9CM8NHrvRYbLD625wkgqdJL3oG2
HjpTi19iPAs85mmG+wZYrDd7gi8rZ9GRKITK9WeVDJDe8mFFD6SFnasumCG7IICo
GDQxlg/OYDwIEHW4TgpDkyx1mOuWGjkhE3WejK/7OGQ7Ph6xJ28uHViEKrsLGroD
i1irh6CFNJzZmogA2J26qYoWZbS+/Ubl2Ki4YQwZdNy1cyhT0EVZz3ACyw2QZ/t2
nnz8BdP6wc9NMRh87rZs3om2Pt8npSjETYQQgVJ3X0kX1QNDLgAZqsXA4BUf7eeq
KF+jor7Md3CmOyYUtaf3264TH1DLXeGm+4wcwChcR21m4Ec7P//1
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:37 2024 by rpki-client on console.sobornost.net