Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/AfFlTWbffuQmjeQ0Qhbc5juPY5w.roa
File: AfFlTWbffuQmjeQ0Qhbc5juPY5w.roa (raw, json)
Hash identifier: QHPKbAAh9egfWWWepr37KTk7oqqOkJdBTPCYsGZRXIs=
Subject key identifier: 01:F1:65:4D:66:DF:7E:E4:26:8D:E4:34:42:16:DC:E6:3B:8F:63:9C
Certificate issuer: /CN=7ec81de2da2f0a5aab4182614bbcc5e413d5521b
Certificate serial: 01857267CC2F6F29AF4A84E1CA723E56A1AA
Authority key identifier: 7E:C8:1D:E2:DA:2F:0A:5A:AB:41:82:61:4B:BC:C5:E4:13:D5:52:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsgd4tovClqrQYJhS7zF5BPVUhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/AfFlTWbffuQmjeQ0Qhbc5juPY5w.roa
Signing time: Mon 02 Jan 2023 12:14:43 +0000
ROA not before: Mon 02 Jan 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201241
IP address blocks: 185.81.34.0/24 maxlen: 24
185.81.35.0/24 maxlen: 24
185.81.32.0/24 maxlen: 24
185.81.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:67:cc:2f:6f:29:af:4a:84:e1:ca:72:3e:56:a1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec81de2da2f0a5aab4182614bbcc5e413d5521b
Validity
Not Before: Jan 2 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f1654d66df7ee4268de4344216dce63b8f639c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c2:1f:0d:21:e7:d2:6e:fe:03:b2:1d:89:04:
03:26:01:80:54:bf:74:78:84:27:fe:5f:f4:aa:62:
19:6f:0a:9e:4e:42:44:d3:6d:9f:ca:97:a6:cd:c8:
70:d0:e2:06:13:f3:57:72:be:1d:05:e9:3f:4d:4b:
f8:a3:03:db:e8:87:ce:4f:2b:72:3a:8d:28:a8:3f:
fd:f7:85:c6:10:ae:04:54:ed:13:74:b9:c9:72:e6:
77:ad:6b:ee:b8:f7:1b:a3:79:ba:9c:9e:23:88:11:
1d:03:9c:87:88:f9:81:a1:50:e3:04:4a:7d:ad:4f:
3e:98:1e:2d:78:62:bb:2d:39:fb:1a:91:37:18:b6:
20:ee:4d:a2:05:a3:ac:20:af:d3:8f:fa:5f:b5:e1:
35:75:c9:56:e4:ac:6d:b0:cd:ae:d5:08:cd:f4:02:
a1:b3:b9:07:f3:da:a6:b0:6b:c7:d0:d4:f5:3b:5e:
89:96:26:22:7e:3d:a9:67:91:f7:a5:6b:e8:44:44:
ea:dc:3b:43:95:f8:fa:da:c4:c4:c1:c8:bb:c6:de:
cf:3b:1e:8b:7f:53:1c:0a:00:12:8d:b2:a1:84:9e:
05:ed:59:84:20:84:be:a1:56:88:31:07:53:66:6f:
8a:3b:05:2c:42:1c:be:f3:f2:4d:a4:64:ea:7c:8c:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F1:65:4D:66:DF:7E:E4:26:8D:E4:34:42:16:DC:E6:3B:8F:63:9C
X509v3 Authority Key Identifier:
keyid:7E:C8:1D:E2:DA:2F:0A:5A:AB:41:82:61:4B:BC:C5:E4:13:D5:52:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsgd4tovClqrQYJhS7zF5BPVUhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/AfFlTWbffuQmjeQ0Qhbc5juPY5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0985e7-df08-42a5-9a86-bd91e92aca90/1/fsgd4tovClqrQYJhS7zF5BPVUhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:1c:0b:34:7a:20:9e:f7:44:ab:18:44:55:95:b3:c5:45:ae:
a6:b4:56:90:71:7c:d1:86:dd:6f:95:f6:3b:6c:af:51:00:40:
6f:d9:73:20:2c:56:96:07:9f:8d:cf:62:94:3b:d5:d0:17:89:
c7:25:d2:de:7a:47:0e:d5:2b:db:fa:ac:b1:fa:2e:02:d7:a4:
b0:25:0a:2a:4d:6b:6b:2f:9d:20:19:40:0f:91:16:9d:b5:b1:
f8:33:fc:a7:f4:71:88:6d:97:8d:a9:c5:da:f7:7c:ab:e1:46:
d6:9e:9d:ef:04:d3:70:0c:3b:ff:23:de:e3:d7:8c:3b:62:26:
9e:7e:24:a0:02:9d:a0:15:bf:4e:97:63:fe:a0:d0:f9:82:b5:
f9:f1:9b:71:e0:02:6d:be:c9:1b:59:89:65:a3:f6:99:eb:23:
aa:fd:a0:42:3f:5b:94:91:56:ef:e5:7e:58:d3:d3:83:6a:97:
bb:2a:58:b5:77:e0:35:17:e4:eb:5c:6c:63:24:d2:5a:cb:d8:
35:24:63:6c:82:a4:41:1a:5e:0d:19:89:48:b5:72:92:0f:12:
69:94:9e:5d:bc:c9:c1:b7:5d:e4:1d:2a:0c:d2:22:70:45:5b:
31:cc:de:7f:25:1b:17:65:72:ff:52:84:fe:3d:38:07:c5:be:
04:40:65:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyZ8wvbymvSoThynI+VqGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzgxZGUyZGEyZjBhNWFhYjQxODI2MTRiYmNjNWU0MTNk
NTUyMWIwHhcNMjMwMTAyMTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWYxNjU0ZDY2ZGY3ZWU0MjY4ZGU0MzQ0MjE2ZGNlNjNiOGY2MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MIfDSHn0m7+A7IdiQQDJgGAVL90
eIQn/l/0qmIZbwqeTkJE022fypemzchw0OIGE/NXcr4dBek/TUv4owPb6IfOTyty
Oo0oqD/994XGEK4EVO0TdLnJcuZ3rWvuuPcbo3m6nJ4jiBEdA5yHiPmBoVDjBEp9
rU8+mB4teGK7LTn7GpE3GLYg7k2iBaOsIK/Tj/pfteE1dclW5KxtsM2u1QjN9AKh
s7kH89qmsGvH0NT1O16JliYifj2pZ5H3pWvoRETq3DtDlfj62sTEwci7xt7POx6L
f1McCgASjbKhhJ4F7VmEIIS+oVaIMQdTZm+KOwUsQhy+8/JNpGTqfIzedQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHxZU1m337kJo3kNEIW3OY7j2OcMB8GA1UdIwQY
MBaAFH7IHeLaLwpaq0GCYUu8xeQT1VIbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNnZDR0b3ZDbHFyUVlKaFM3ekY1QlBWVWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wOTg1ZTctZGYwOC00MmE1LTlhODYt
YmQ5MWU5MmFjYTkwLzEvQWZGbFRXYmZmdVFtamVRMFFoYmM1anVQWTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wOTg1ZTctZGYwOC00MmE1LTlhODYtYmQ5MWU5MmFjYTkw
LzEvZnNnZDR0b3ZDbHFyUVlKaFM3ekY1QlBWVWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVEgMA0G
CSqGSIb3DQEBCwUAA4IBAQA/HAs0eiCe90SrGERVlbPFRa6mtFaQcXzRht1vlfY7
bK9RAEBv2XMgLFaWB5+Nz2KUO9XQF4nHJdLeekcO1Svb+qyx+i4C16SwJQoqTWtr
L50gGUAPkRadtbH4M/yn9HGIbZeNqcXa93yr4UbWnp3vBNNwDDv/I97j14w7Yiae
fiSgAp2gFb9Ol2P+oND5grX58Ztx4AJtvskbWYllo/aZ6yOq/aBCP1uUkVbv5X5Y
09ODape7Kli1d+A1F+TrXGxjJNJay9g1JGNsgqRBGl4NGYlItXKSDxJplJ5dvMnB
t13kHSoM0iJwRVsxzN5/JRsXZXL/UoT+PTgHxb4EQGVY
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:22 2024 by rpki-client on console.sobornost.net