Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jhUqi-yjkshhfrQvM7_6tRayU-4.roa
File: jhUqi-yjkshhfrQvM7_6tRayU-4.roa (raw, json)
Hash identifier: 2JzpOcofCFXwztta+Y77zsyH+MiUkvyaOJ2yNOklPIg=
Subject key identifier: 8E:15:2A:8B:EC:A3:92:C8:61:7E:B4:2F:33:BF:FA:B5:16:B2:53:EE
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0189C60A699A3DA111F4447E468ACA5FE8FD
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jhUqi-yjkshhfrQvM7_6tRayU-4.roa
Signing time: Sat 05 Aug 2023 14:11:58 +0000
ROA not before: Sat 05 Aug 2023 14:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/21 maxlen: 24
176.221.24.0/21 maxlen: 24
95.82.32.0/21 maxlen: 24
37.128.252.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
37.128.248.0/23 maxlen: 24
37.128.254.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:0a:69:9a:3d:a1:11:f4:44:7e:46:8a:ca:5f:e8:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 5 14:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e152a8beca392c8617eb42f33bffab516b253ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:16:83:c4:42:dc:df:9b:73:ab:80:2c:f7:42:
60:1b:e0:a9:89:cd:3c:64:e6:ba:28:2c:d7:ad:0c:
e3:db:aa:e8:de:4a:23:95:d2:ff:2c:fb:c9:f5:52:
89:be:d8:a0:ab:8e:50:92:bb:d5:fa:2a:90:b1:2b:
bd:c4:94:4f:c0:f5:0b:17:31:02:4a:f9:21:ee:27:
ae:90:cc:0c:d9:db:8e:31:a1:b0:18:2e:52:16:0d:
eb:a5:c6:95:46:ca:79:2a:0a:74:ba:42:66:5b:eb:
0e:b9:f5:55:bf:6d:95:31:0b:2d:4d:05:3e:b0:86:
12:97:8a:55:1d:63:7d:ff:7f:d4:46:74:0e:5b:bd:
c4:97:07:2b:4b:2f:04:44:fa:9e:74:6c:8a:b9:b7:
a5:4b:95:63:da:19:73:78:39:da:e2:0d:f6:22:a2:
f3:3f:45:e0:55:73:4b:a2:8a:73:2a:a7:a2:90:57:
61:2d:5b:b5:f1:0e:af:61:42:ff:b4:7f:78:b0:70:
2b:08:d4:aa:c7:48:9c:29:0f:b8:9b:b3:02:64:ff:
0c:12:5e:06:81:37:3b:fd:a5:e5:16:9e:9a:94:9e:
70:40:82:0c:79:74:1a:b2:f7:f8:6b:63:3a:90:a2:
c9:40:f8:be:8b:19:f3:77:0e:8c:2e:6a:75:f2:a0:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:15:2A:8B:EC:A3:92:C8:61:7E:B4:2F:33:BF:FA:B5:16:B2:53:EE
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jhUqi-yjkshhfrQvM7_6tRayU-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/21
95.82.0.0/21
95.82.32.0/21
176.221.24.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:e2:ee:1a:d3:ff:b6:54:4c:0f:29:19:54:e0:eb:d8:06:79:
a3:bd:30:80:b1:b6:30:4b:21:e9:c9:96:70:cc:22:2f:ca:5c:
56:80:64:fc:7a:ae:65:1b:6f:16:1c:09:8c:d9:d2:70:84:31:
cc:db:91:23:0d:ea:63:7f:9c:c4:fb:38:88:1f:9e:63:52:7f:
84:ae:8f:a6:9d:e4:c0:7d:ee:87:15:21:f9:7c:28:48:34:db:
35:26:2e:75:3b:de:cd:15:aa:e5:5a:cb:a6:ad:72:ad:74:58:
74:88:d7:60:a5:53:3b:82:26:b5:9f:7f:05:e3:ee:da:ec:c7:
c5:4f:bc:7b:db:72:7c:59:06:c8:12:ee:bd:b9:11:72:79:fa:
63:a4:46:10:7d:c5:75:ba:27:fc:5c:7a:18:eb:05:40:45:99:
6a:df:0b:5a:1f:6c:ca:f8:34:7d:14:bc:c8:3e:47:61:8d:4e:
64:fd:a0:02:38:fd:6c:7d:fa:ac:46:94:70:a2:fa:e2:7b:da:
aa:b4:58:51:7e:58:44:8c:a4:86:7f:75:d5:f2:8c:58:39:4c:
dc:1f:fd:7e:2a:3e:70:95:62:31:ea:11:a1:34:5c:76:f3:70:
95:9e:26:4b:93:ed:e9:21:02:a0:3b:8a:b0:a0:11:b1:a1:9e:
1b:e6:6e:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnGCmmaPaER9ER+RorKX+j9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwODA1MTQxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE1MmE4YmVjYTM5MmM4NjE3ZWI0MmYzM2JmZmFiNTE2YjI1M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBaDxELc35tzq4As90JgG+Cpic08
ZOa6KCzXrQzj26ro3kojldL/LPvJ9VKJvtigq45QkrvV+iqQsSu9xJRPwPULFzEC
Svkh7ieukMwM2duOMaGwGC5SFg3rpcaVRsp5Kgp0ukJmW+sOufVVv22VMQstTQU+
sIYSl4pVHWN9/3/URnQOW73ElwcrSy8ERPqedGyKubelS5Vj2hlzeDna4g32IqLz
P0XgVXNLoopzKqeikFdhLVu18Q6vYUL/tH94sHArCNSqx0icKQ+4m7MCZP8MEl4G
gTc7/aXlFp6alJ5wQIIMeXQasvf4a2M6kKLJQPi+ixnzdw6MLmp18qDCNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI4VKovso5LIYX60LzO/+rUWslPuMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvamhVcWkteWprc2hoZnJRdk03XzZ0UmF5VS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJYD4AwQD
X1IAAwQDX1IgAwQDsN0YMA0GCSqGSIb3DQEBCwUAA4IBAQBP4u4a0/+2VEwPKRlU
4OvYBnmjvTCAsbYwSyHpyZZwzCIvylxWgGT8eq5lG28WHAmM2dJwhDHM25EjDepj
f5zE+ziIH55jUn+Ero+mneTAfe6HFSH5fChINNs1Ji51O97NFarlWsumrXKtdFh0
iNdgpVM7gia1n38F4+7a7MfFT7x723J8WQbIEu69uRFyefpjpEYQfcV1uif8XHoY
6wVARZlq3wtaH2zK+DR9FLzIPkdhjU5k/aACOP1sffqsRpRwovrie9qqtFhRflhE
jKSGf3XV8oxYOUzcH/1+Kj5wlWIx6hGhNFx283CVniZLk+3pIQKgO4qwoBGxoZ4b
5m5C
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:50 2023 by rpki-client on console.sobornost.net