Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/S3Rz8EVtSq6Ln3zlIkN_azrMhUE.roa
File: S3Rz8EVtSq6Ln3zlIkN_azrMhUE.roa (raw, json)
Hash identifier: 4XJ/1zG2NDbB+JqtPwOlGaRyDltU8bTKiS91vhmgfDk=
Subject key identifier: 4B:74:73:F0:45:6D:4A:AE:8B:9F:7C:E5:22:43:7F:6B:3A:CC:85:41
Certificate issuer: /CN=4d16240897b01305681c9425fe523f58fab27415
Certificate serial: 01856CCAD2956C25B4BB594A5D27954B34B2
Authority key identifier: 4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/S3Rz8EVtSq6Ln3zlIkN_azrMhUE.roa
Signing time: Sun 01 Jan 2023 10:05:09 +0000
ROA not before: Sun 01 Jan 2023 10:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20963
IP address blocks: 81.25.176.0/20 maxlen: 20
80.77.128.0/20 maxlen: 20
185.88.228.0/22 maxlen: 22
46.227.112.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d2:95:6c:25:b4:bb:59:4a:5d:27:95:4b:34:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d16240897b01305681c9425fe523f58fab27415
Validity
Not Before: Jan 1 10:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b7473f0456d4aae8b9f7ce522437f6b3acc8541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:11:e4:89:27:44:34:4d:ab:d9:df:58:7a:55:
f7:60:97:24:4e:e7:9d:8b:a3:9b:5c:82:18:d3:c1:
b9:52:86:63:77:0f:2d:f0:6a:b2:ca:56:45:80:2c:
44:95:7f:90:58:f8:9e:8e:c1:e6:b0:fd:02:e6:12:
ae:7f:19:30:4b:53:43:e3:84:83:9d:0e:b3:06:52:
4e:31:cf:de:bc:24:37:d8:4a:13:c2:e8:b3:9d:5b:
c1:e1:3f:6b:cd:52:c7:b3:75:ae:d1:8b:74:c1:d6:
54:2c:a2:85:54:f8:f8:81:58:67:64:c1:52:b3:c4:
52:03:9f:42:62:6e:b7:09:2c:16:ea:f2:32:83:93:
2e:a4:8a:45:ef:1b:25:b5:18:40:43:63:9a:f3:e5:
ac:94:8d:25:75:5b:fd:fa:13:80:67:ec:b5:5d:f3:
8c:d6:db:35:fe:ca:dc:00:67:c8:9b:8e:b1:70:38:
00:cc:a2:e5:0d:67:f2:c2:61:0b:de:77:f8:07:3c:
8b:90:f7:b4:db:ef:c4:a8:88:ad:40:1b:dd:cb:8c:
1d:36:fd:cf:9a:6d:bb:7d:e3:aa:a1:c6:5c:db:82:
27:4e:5d:38:28:19:8f:a1:a9:39:a3:c9:db:02:d1:
fa:5b:c7:f2:8d:25:60:c0:28:e6:0e:29:d8:55:36:
2b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:74:73:F0:45:6D:4A:AE:8B:9F:7C:E5:22:43:7F:6B:3A:CC:85:41
X509v3 Authority Key Identifier:
keyid:4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/S3Rz8EVtSq6Ln3zlIkN_azrMhUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.112.0/21
80.77.128.0/20
81.25.176.0/20
185.88.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:61:e3:b8:7f:00:ea:93:9e:d2:3c:6d:bf:cd:45:31:60:79:
97:c9:b7:7b:2d:df:db:3a:89:59:40:70:2e:eb:81:88:49:c6:
b9:a9:29:b6:e7:fd:16:07:99:b2:57:2a:1b:57:35:76:83:da:
d4:6d:43:a9:7b:35:79:af:07:4d:98:c2:d3:f0:87:0c:2e:59:
01:9e:35:9a:88:9b:d2:cd:27:3b:00:1b:ee:18:fa:18:e6:d1:
da:6f:60:ee:05:6f:28:9c:1e:ea:d1:24:eb:de:8b:0c:ee:92:
e9:e2:9b:ba:43:23:dc:44:10:bb:de:7c:e3:5f:13:bf:dc:38:
a9:45:e7:7b:1b:f7:e0:7b:d5:ec:0a:ca:6e:5d:3c:e5:fb:08:
97:c3:48:3b:1e:04:4a:a3:80:e9:dd:bf:52:ce:59:5f:38:94:
5b:ac:69:11:2c:03:fb:87:3a:eb:31:23:b0:3e:61:01:8e:14:
62:0b:02:4e:72:52:ef:58:44:7e:c2:1b:90:fc:74:3b:d8:60:
01:8c:3e:17:73:0f:f9:b9:98:d6:d0:a0:1e:6a:0d:53:8a:d1:
57:63:68:df:14:47:95:b6:a3:85:ca:be:f7:92:db:3e:75:a1:
f6:3e:45:10:2d:d0:75:bc:0d:8e:7e:42:b3:15:06:f3:87:c2:
23:58:44:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsytKVbCW0u1lKXSeVSzSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTYyNDA4OTdiMDEzMDU2ODFjOTQyNWZlNTIzZjU4ZmFi
Mjc0MTUwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc0NzNmMDQ1NmQ0YWFlOGI5ZjdjZTUyMjQzN2Y2YjNhY2M4NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBHkiSdENE2r2d9YelX3YJckTued
i6ObXIIY08G5UoZjdw8t8GqyylZFgCxElX+QWPiejsHmsP0C5hKufxkwS1ND44SD
nQ6zBlJOMc/evCQ32EoTwuiznVvB4T9rzVLHs3Wu0Yt0wdZULKKFVPj4gVhnZMFS
s8RSA59CYm63CSwW6vIyg5MupIpF7xsltRhAQ2Oa8+WslI0ldVv9+hOAZ+y1XfOM
1ts1/srcAGfIm46xcDgAzKLlDWfywmEL3nf4BzyLkPe02+/EqIitQBvdy4wdNv3P
mm27feOqocZc24InTl04KBmPoak5o8nbAtH6W8fyjSVgwCjmDinYVTYrvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEt0c/BFbUqui5985SJDf2s6zIVBMB8GA1UdIwQY
MBaAFE0WJAiXsBMFaByUJf5SP1j6snQVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUt
ZWIwMmYzZDNmNDBjLzEvUzNSejhFVnRTcTZMbjN6bElrTl9henJNaFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mYzQ4MWEtYWIwMS00ZjgyLTllNmUtZWIwMmYzZDNmNDBj
LzEvVFJZa0NKZXdFd1ZvSEpRbF9sSV9XUHF5ZEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNwAwQE
UE2AAwQEURmwAwQCuVjkMA0GCSqGSIb3DQEBCwUAA4IBAQArYeO4fwDqk57SPG2/
zUUxYHmXybd7Ld/bOolZQHAu64GISca5qSm25/0WB5myVyobVzV2g9rUbUOpezV5
rwdNmMLT8IcMLlkBnjWaiJvSzSc7ABvuGPoY5tHab2DuBW8onB7q0STr3osM7pLp
4pu6QyPcRBC73nzjXxO/3DipRed7G/fge9XsCspuXTzl+wiXw0g7HgRKo4Dp3b9S
zllfOJRbrGkRLAP7hzrrMSOwPmEBjhRiCwJOclLvWER+whuQ/HQ72GABjD4Xcw/5
uZjW0KAeag1TitFXY2jfFEeVtqOFyr73kts+daH2PkUQLdB1vA2OfkKzFQbzh8Ij
WETw
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:03 2024 by rpki-client on console.sobornost.net