Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/8UxBSuF_ICscTBDgyRmpGhy5Rwk.roa
File: 8UxBSuF_ICscTBDgyRmpGhy5Rwk.roa (raw, json)
Hash identifier: kPX1Q84CmVTtSJ/ptw1CE8mKGfHTCrHsB/AA/u/sNLM=
Subject key identifier: F1:4C:41:4A:E1:7F:20:2B:1C:4C:10:E0:C9:19:A9:1A:1C:B9:47:09
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 0186382CD86DD1ADCB01F2DF3744CA4761CB
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/8UxBSuF_ICscTBDgyRmpGhy5Rwk.roa
Signing time: Thu 09 Feb 2023 21:55:08 +0000
ROA not before: Thu 09 Feb 2023 21:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.128.0/23 maxlen: 23
185.173.158.0/24 maxlen: 24
89.107.128.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:38:2c:d8:6d:d1:ad:cb:01:f2:df:37:44:ca:47:61:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 9 21:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f14c414ae17f202b1c4c10e0c919a91a1cb94709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ae:42:55:8f:f4:2d:6f:45:55:a3:67:38:c1:
92:53:23:48:87:86:e1:91:1e:c6:44:64:6d:40:03:
24:83:70:33:27:c7:7e:88:de:fe:f7:b5:80:03:2b:
2b:51:c2:05:a8:7d:cd:b8:98:c1:74:5a:14:00:5f:
35:a2:a7:0c:88:6f:65:ec:7c:3c:70:60:98:6a:da:
d3:0a:85:78:44:62:7b:77:b8:7a:aa:f2:01:5b:c2:
5c:0e:81:06:72:36:99:02:75:5b:dc:1b:59:0e:b8:
73:b6:54:d7:c9:87:6a:d5:b1:4a:95:c3:13:34:44:
75:78:0e:15:ce:dd:ac:05:05:24:80:7e:08:12:c7:
84:98:b1:b2:a5:aa:ce:f1:87:82:1b:1c:a2:d5:9d:
88:a8:4c:4a:ec:84:14:3f:84:29:71:77:d9:6c:78:
e9:c7:cb:50:e0:ab:bf:38:1f:f9:af:de:30:bd:55:
45:0e:e9:bd:95:64:bf:2c:3e:68:3c:6d:ee:b5:55:
35:9e:e9:95:b4:61:ce:27:6f:15:94:77:0c:6f:f0:
02:b2:cd:a1:8e:c0:4b:ca:c1:97:88:f6:75:a4:b7:
d0:7f:06:f8:4a:6a:09:3c:15:bc:87:74:4c:5a:66:
a9:1a:26:aa:d7:3a:64:b4:0c:6c:91:54:b5:a2:a1:
34:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4C:41:4A:E1:7F:20:2B:1C:4C:10:E0:C9:19:A9:1A:1C:B9:47:09
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/8UxBSuF_ICscTBDgyRmpGhy5Rwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
89:3c:16:6d:0b:30:9c:64:ac:08:42:93:50:a0:f5:60:35:51:
28:c8:4f:bb:29:c5:8f:9f:14:27:8f:b2:34:05:38:54:ca:d0:
7a:75:d5:48:46:58:37:71:a9:ca:d6:ef:3d:85:cd:6a:92:0b:
05:2f:41:02:1b:46:50:b2:4f:18:df:3d:d1:f4:e7:24:1a:f9:
48:5c:f6:1a:b4:9c:56:ac:8e:9e:13:be:26:c3:26:2f:5e:41:
8b:31:9e:ad:01:f2:6d:39:f1:ac:73:10:16:f6:27:97:5d:3f:
b5:16:4a:5c:1d:ca:2c:5d:e6:e0:00:df:fc:2c:18:e2:5b:58:
25:d4:82:a8:06:b4:58:f3:3a:6d:3e:40:55:c1:40:ac:bc:46:
4d:36:32:bd:1b:8b:f2:92:04:8e:76:e1:60:7c:1d:6f:0c:6f:
ad:cf:bb:eb:f5:fa:dc:e7:ed:11:22:0c:f1:96:f0:c8:79:71:
1f:29:c6:bb:08:df:57:86:76:8b:8a:46:a8:28:64:7a:53:be:
e2:59:e0:a8:29:1d:fb:28:2f:5d:47:56:c7:2b:3c:11:5d:1e:
7f:fe:c8:40:48:ed:88:5e:de:d4:9d:0e:ec:fb:0e:90:e5:89:
55:2b:67:df:63:6b:9e:1c:55:1f:cd:14:60:98:de:81:fb:5e:
b0:6d:1e:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY4LNht0a3LAfLfN0TKR2HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA5MjE1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRjNDE0YWUxN2YyMDJiMWM0YzEwZTBjOTE5YTkxYTFjYjk0NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq5CVY/0LW9FVaNnOMGSUyNIh4bh
kR7GRGRtQAMkg3AzJ8d+iN7+97WAAysrUcIFqH3NuJjBdFoUAF81oqcMiG9l7Hw8
cGCYatrTCoV4RGJ7d7h6qvIBW8JcDoEGcjaZAnVb3BtZDrhztlTXyYdq1bFKlcMT
NER1eA4Vzt2sBQUkgH4IEseEmLGyparO8YeCGxyi1Z2IqExK7IQUP4QpcXfZbHjp
x8tQ4Ku/OB/5r94wvVVFDum9lWS/LD5oPG3utVU1numVtGHOJ28VlHcMb/ACss2h
jsBLysGXiPZ1pLfQfwb4SmoJPBW8h3RMWmapGiaq1zpktAxskVS1oqE0/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPFMQUrhfyArHEwQ4MkZqRocuUcJMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvOFV4QlN1Rl9JQ3NjVEJEZ3lSbXBHaHk1UndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQCJPBZtCzCcZKwIQpNQoPVgNVEo
yE+7KcWPnxQnj7I0BThUytB6ddVIRlg3canK1u89hc1qkgsFL0ECG0ZQsk8Y3z3R
9OckGvlIXPYatJxWrI6eE74mwyYvXkGLMZ6tAfJtOfGscxAW9ieXXT+1FkpcHcos
XebgAN/8LBjiW1gl1IKoBrRY8zptPkBVwUCsvEZNNjK9G4vykgSOduFgfB1vDG+t
z7vr9frc5+0RIgzxlvDIeXEfKca7CN9XhnaLikaoKGR6U77iWeCoKR37KC9dR1bH
KzwRXR5//shASO2IXt7UnQ7s+w6Q5YlVK2ffY2ueHFUfzRRgmN6B+16wbR7E
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:15 2023 by rpki-client on console.sobornost.net