Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/sQyRHm82JMkzc2dU_cfi-uOdrIY.roa
File: sQyRHm82JMkzc2dU_cfi-uOdrIY.roa (raw, json)
Hash identifier: xj2uHT+IMA8eakEtDE4iTWMhPxpjfUSjD0tc055Z6nU=
Subject key identifier: B1:0C:91:1E:6F:36:24:C9:33:73:67:54:FD:C7:E2:FA:E3:9D:AC:86
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CC9B7CD66C87730C5E9C6A08BDBF70
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/sQyRHm82JMkzc2dU_cfi-uOdrIY.roa
Signing time: Mon 02 Jan 2023 14:04:49 +0000
ROA not before: Mon 02 Jan 2023 14:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39351
IP address blocks: 85.203.53.0/24 maxlen: 24
85.203.55.0/24 maxlen: 24
85.203.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:9b:7c:d6:6c:87:73:0c:5e:9c:6a:08:bd:bf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b10c911e6f3624c933736754fdc7e2fae39dac86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d7:03:e2:5f:65:37:2f:89:7f:8f:53:71:e5:
46:ef:e1:ca:2c:08:9a:b9:bf:48:e6:a4:28:a8:a9:
f5:f4:49:d1:bc:e4:a9:49:a1:3c:d5:9d:51:20:28:
3a:a3:19:83:c0:f6:62:a7:25:1b:91:82:bd:32:e5:
c3:b3:fa:71:9b:ea:f8:3c:24:fb:6c:11:17:f5:a7:
d3:91:58:32:32:8e:30:ef:2e:69:85:2b:a0:dc:3d:
18:bc:e0:3f:9d:c6:2e:09:0a:b2:96:79:72:42:7e:
b8:7e:18:13:3d:a2:9a:e3:33:8a:63:c8:34:b0:6d:
20:87:95:2c:90:43:22:35:25:16:f8:39:01:d4:10:
2c:d2:4d:4c:7e:8d:b3:f2:3d:a6:51:ff:07:b9:a9:
13:ba:5f:e1:db:aa:7e:32:c7:a8:14:48:57:85:7b:
58:c5:4d:e7:10:b6:fc:46:d9:74:46:48:9f:08:00:
a8:6b:8b:2a:ed:48:3f:31:d9:87:16:49:b0:87:32:
41:a3:f7:ea:70:a3:ce:1d:2c:dc:2d:4f:ab:6c:2b:
c1:da:89:f5:a2:d2:76:8e:a0:0f:30:b8:cf:d5:d9:
80:47:f0:a8:48:46:8d:56:8e:2f:dd:ec:95:c6:0e:
e8:1d:8d:21:65:9d:3f:f5:47:7d:97:0a:ba:7b:22:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0C:91:1E:6F:36:24:C9:33:73:67:54:FD:C7:E2:FA:E3:9D:AC:86
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/sQyRHm82JMkzc2dU_cfi-uOdrIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.53.0-85.203.55.255
Signature Algorithm: sha256WithRSAEncryption
65:62:09:e0:fd:63:85:3c:82:ad:74:b7:68:b4:56:74:c4:59:
07:67:f9:b1:f1:ce:a2:5c:94:31:9e:a4:ec:48:fc:f3:1a:b9:
c1:eb:42:76:b0:3a:8b:f5:37:93:56:2d:cb:1c:96:43:18:9c:
69:08:02:51:16:af:ad:da:18:40:87:0c:69:ac:c9:ff:ea:8b:
a4:06:68:af:d1:4a:46:6e:50:1f:85:bb:01:bb:a1:7f:17:5d:
35:f2:39:37:60:a6:dd:65:b3:27:6e:e0:fb:47:9f:e0:78:f5:
51:3d:fb:2f:07:09:02:51:10:51:79:22:5a:4e:54:7f:fa:19:
24:bb:ad:3f:a2:f1:a3:47:de:a6:ab:28:1b:f3:0d:df:36:8e:
2a:20:16:6f:a3:5c:ef:e8:a2:74:76:9c:a1:b5:20:27:f4:bf:
89:d9:3e:6f:11:bf:a8:66:96:ef:33:67:33:98:84:da:3a:a1:
5e:84:e8:f9:b2:ac:85:8d:3e:1a:80:89:0c:2c:96:90:ed:0b:
3f:a3:66:d4:03:eb:bd:58:65:73:3a:30:7f:4a:6f:47:9b:f8:
25:91:6d:9f:9d:81:a0:58:60:54:97:0a:80:ee:b6:7f:12:18:
9f:bf:df:29:6e:ee:5c:e4:45:81:39:10:71:c6:7d:d4:32:74:
21:87:be:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyzJt81myHcwxenGoIvb9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBjOTExZTZmMzYyNGM5MzM3MzY3NTRmZGM3ZTJmYWUzOWRhYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9cD4l9lNy+Jf49TceVG7+HKLAia
ub9I5qQoqKn19EnRvOSpSaE81Z1RICg6oxmDwPZipyUbkYK9MuXDs/pxm+r4PCT7
bBEX9afTkVgyMo4w7y5phSug3D0YvOA/ncYuCQqylnlyQn64fhgTPaKa4zOKY8g0
sG0gh5UskEMiNSUW+DkB1BAs0k1Mfo2z8j2mUf8HuakTul/h26p+MseoFEhXhXtY
xU3nELb8Rtl0RkifCACoa4sq7Ug/MdmHFkmwhzJBo/fqcKPOHSzcLU+rbCvB2on1
otJ2jqAPMLjP1dmAR/CoSEaNVo4v3eyVxg7oHY0hZZ0/9Ud9lwq6eyK/ZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLEMkR5vNiTJM3NnVP3H4vrjnayGMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvc1F5UkhtODJKTWt6YzJkVV9jZmktdU9kcklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVyzUD
BANVyzAwDQYJKoZIhvcNAQELBQADggEBAGViCeD9Y4U8gq10t2i0VnTEWQdn+bHx
zqJclDGepOxI/PMaucHrQnawOov1N5NWLcsclkMYnGkIAlEWr63aGECHDGmsyf/q
i6QGaK/RSkZuUB+FuwG7oX8XXTXyOTdgpt1lsydu4PtHn+B49VE9+y8HCQJREFF5
IlpOVH/6GSS7rT+i8aNH3qarKBvzDd82jiogFm+jXO/oonR2nKG1ICf0v4nZPm8R
v6hmlu8zZzOYhNo6oV6E6PmyrIWNPhqAiQwslpDtCz+jZtQD671YZXM6MH9Kb0eb
+CWRbZ+dgaBYYFSXCoDutn8SGJ+/3ylu7lzkRYE5EHHGfdQydCGHvmM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:45 2024 by rpki-client on console.sobornost.net