Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/L8v6iAD_QECB4UEg5as92Y1qi1Y.roa
File: L8v6iAD_QECB4UEg5as92Y1qi1Y.roa (raw, json)
Hash identifier: H4w+OkwikmGptHXJSy94IqTK54lXDYIrNydnFU44toQ=
Subject key identifier: 2F:CB:FA:88:00:FF:40:40:81:E1:41:20:E5:AB:3D:D9:8D:6A:8B:56
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 0188FC4F50BD840D587EF200C33B57EA85AA
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/L8v6iAD_QECB4UEg5as92Y1qi1Y.roa
Signing time: Tue 27 Jun 2023 10:03:56 +0000
ROA not before: Tue 27 Jun 2023 10:03:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59395
IP address blocks: 185.136.73.0/24 maxlen: 24
185.136.74.0/23 maxlen: 24
5.175.61.0/24 maxlen: 24
5.175.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:4f:50:bd:84:0d:58:7e:f2:00:c3:3b:57:ea:85:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Jun 27 10:03:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fcbfa8800ff404081e14120e5ab3dd98d6a8b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:34:32:4e:c6:0a:d4:e4:77:2e:b8:38:3d:4a:
bc:5f:75:a6:46:d1:65:d3:f6:48:94:bc:65:1f:88:
24:ad:62:bb:8b:c8:a4:3f:50:0a:63:05:0a:da:77:
14:1f:4f:c0:1c:32:19:81:e7:d9:bd:d8:3e:31:c8:
0b:20:30:aa:40:44:5b:ba:a0:a5:d4:3f:c7:70:97:
cf:18:3b:36:0b:0c:b7:a4:36:fd:22:65:1f:3d:4c:
87:1c:f0:52:76:c9:dc:36:3a:91:ef:6b:68:58:ef:
69:53:1a:43:b5:dd:31:5a:61:53:b0:47:58:72:0e:
c3:3c:44:d2:5a:45:4e:eb:4e:02:7e:5f:92:04:f5:
32:5f:26:e2:61:bf:ee:1b:69:76:e4:67:fe:ff:36:
07:1d:9d:c4:22:0e:06:e8:e2:93:11:07:d3:a2:99:
2a:84:da:21:fa:e9:42:c7:02:c1:9a:fc:e1:00:be:
7d:d1:ab:1f:c1:6e:c3:65:43:69:36:4c:e5:fb:ff:
c7:c5:33:c1:68:3e:be:5b:72:3d:09:ec:10:46:25:
28:0f:52:17:1a:3f:49:fc:45:fe:ea:4a:eb:8e:ed:
e1:4b:53:84:55:e3:79:0a:05:62:8f:65:8a:1c:86:
6f:28:23:c5:f9:a9:b5:b2:0e:d1:b6:3f:40:3d:c7:
03:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CB:FA:88:00:FF:40:40:81:E1:41:20:E5:AB:3D:D9:8D:6A:8B:56
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/L8v6iAD_QECB4UEg5as92Y1qi1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.59.0/24
5.175.61.0/24
185.136.73.0-185.136.75.255
Signature Algorithm: sha256WithRSAEncryption
91:ba:58:2a:7c:21:af:40:2d:c1:4d:ab:6c:d6:ba:67:87:24:
c7:58:da:72:d6:37:6d:47:44:a0:19:24:d7:2a:5c:a6:3f:6a:
bd:0f:aa:9f:cd:03:cd:5c:ae:86:d4:04:d5:eb:e2:a1:5c:fd:
c3:0c:0e:1e:a7:57:c6:08:ff:88:03:8a:bd:99:f0:09:02:50:
29:99:fd:b6:bf:ad:b8:c5:84:96:6c:f2:31:75:0b:a7:b1:ee:
03:7d:20:af:d5:f9:97:7e:5a:9d:5c:33:06:58:46:a4:ce:9e:
64:e0:bf:8b:ed:f8:04:08:7d:f5:7b:d9:98:73:d6:78:a7:d1:
84:01:dd:5a:29:2b:12:c3:f7:0f:ac:9d:15:3a:95:84:d1:7c:
e6:44:5e:54:12:01:83:2c:dd:f3:69:03:51:f0:7d:1c:67:a9:
70:c4:f3:72:12:ed:20:ee:e2:76:0b:c2:b7:a4:97:e9:75:94:
95:03:bf:59:13:41:8a:ed:91:34:76:9d:45:a5:2d:b5:e0:69:
ac:c8:c3:44:d9:c9:18:73:ad:e9:09:b5:7c:91:f9:c8:23:a8:
8e:48:eb:bc:6e:24:7c:c6:5f:97:a3:8c:f3:86:1f:0a:24:a2:
f9:ae:0a:58:2e:27:a9:0c:74:e6:b9:f0:0f:2e:30:ad:6c:f3:
9f:74:74:93
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYj8T1C9hA1YfvIAwztX6oWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjMwNjI3MTAwMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNiZmE4ODAwZmY0MDQwODFlMTQxMjBlNWFiM2RkOThkNmE4YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTQyTsYK1OR3Lrg4PUq8X3WmRtFl
0/ZIlLxlH4gkrWK7i8ikP1AKYwUK2ncUH0/AHDIZgefZvdg+McgLIDCqQERbuqCl
1D/HcJfPGDs2Cwy3pDb9ImUfPUyHHPBSdsncNjqR72toWO9pUxpDtd0xWmFTsEdY
cg7DPETSWkVO604Cfl+SBPUyXybiYb/uG2l25Gf+/zYHHZ3EIg4G6OKTEQfTopkq
hNoh+ulCxwLBmvzhAL590asfwW7DZUNpNkzl+//HxTPBaD6+W3I9CewQRiUoD1IX
Gj9J/EX+6krrju3hS1OEVeN5CgVij2WKHIZvKCPF+am1sg7Rtj9APccDAwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC/L+ogA/0BAgeFBIOWrPdmNaotWMB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvTDh2NmlBRF9RRUNCNFVFZzVhczkyWTFxaTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABa87AwQA
Ba89MAwDBAC5iEkDBAK5iEgwDQYJKoZIhvcNAQELBQADggEBAJG6WCp8Ia9ALcFN
q2zWumeHJMdY2nLWN21HRKAZJNcqXKY/ar0Pqp/NA81crobUBNXr4qFc/cMMDh6n
V8YI/4gDir2Z8AkCUCmZ/ba/rbjFhJZs8jF1C6ex7gN9IK/V+Zd+Wp1cMwZYRqTO
nmTgv4vt+AQIffV72Zhz1nin0YQB3VopKxLD9w+snRU6lYTRfOZEXlQSAYMs3fNp
A1HwfRxnqXDE83IS7SDu4nYLwrekl+l1lJUDv1kTQYrtkTR2nUWlLbXgaazIw0TZ
yRhzrekJtXyR+cgjqI5I67xuJHzGX5ejjPOGHwokovmuClguJ6kMdOa58A8uMK1s
8590dJM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:56 2024 by rpki-client on console.sobornost.net