Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/76KtsLk0lv8CPpb2y6h4epIhTlc.roa
File: 76KtsLk0lv8CPpb2y6h4epIhTlc.roa (raw, json)
Hash identifier: EtZ9O6V8WLas7UNp2LYeiv7RU2+vhBnldI6dHC0POAM=
Subject key identifier: EF:A2:AD:B0:B9:34:96:FF:02:3E:96:F6:CB:A8:78:7A:92:21:4E:57
Certificate issuer: /CN=5bd3e848c58a6451ca874cdcfc37e9bc0f5d9ac7
Certificate serial: 01856B254B23F0F9C1FFF497AD6D9E881540
Authority key identifier: 5B:D3:E8:48:C5:8A:64:51:CA:87:4C:DC:FC:37:E9:BC:0F:5D:9A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9PoSMWKZFHKh0zc_DfpvA9dmsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/76KtsLk0lv8CPpb2y6h4epIhTlc.roa
Signing time: Sun 01 Jan 2023 02:24:44 +0000
ROA not before: Sun 01 Jan 2023 02:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209820
IP address blocks: 80.209.254.0/24 maxlen: 24
185.40.140.0/24 maxlen: 24
80.208.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:4b:23:f0:f9:c1:ff:f4:97:ad:6d:9e:88:15:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd3e848c58a6451ca874cdcfc37e9bc0f5d9ac7
Validity
Not Before: Jan 1 02:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efa2adb0b93496ff023e96f6cba8787a92214e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9f:b7:23:0a:85:e4:d8:9c:5e:8c:e9:e2:2a:
72:e0:46:84:3f:fc:06:c0:51:2b:5b:2d:d4:1c:b1:
71:d4:27:69:fc:c8:7b:37:3f:ec:91:37:ca:8c:3e:
fa:fd:7c:be:a8:6a:17:a0:1f:c1:2e:63:d7:b0:df:
8c:8b:0d:3b:39:f4:b2:0f:f1:de:0d:42:a4:51:92:
c0:b9:d2:8c:31:b6:e0:e8:f6:cf:7a:d7:6e:b9:4f:
97:38:40:52:00:9d:c6:05:3c:ea:03:5a:aa:89:0a:
ad:2e:68:d4:dc:40:08:ad:07:29:d6:6b:0b:a6:93:
98:6f:18:1d:b7:06:6c:52:ad:d8:39:ee:4d:a9:c3:
71:fc:3f:dd:6a:a6:36:4f:33:8e:e8:66:e2:42:d6:
d5:36:e4:7e:7f:15:0e:ce:e9:a2:17:c9:e9:3e:02:
9d:9b:17:5f:3d:01:34:4a:97:ab:60:2b:cb:ee:fa:
77:ec:14:0b:e8:73:2e:7e:ac:4e:71:dc:48:59:ac:
21:88:4a:1a:37:a0:e0:b9:ac:8d:19:38:7e:89:ab:
88:75:45:e7:10:0c:7d:5a:cf:21:57:52:31:e4:e0:
0f:16:08:6d:f9:9f:84:3a:8b:ec:bb:f6:f1:21:81:
48:06:53:7d:b5:d5:9c:58:f5:d6:49:aa:04:7c:f4:
74:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A2:AD:B0:B9:34:96:FF:02:3E:96:F6:CB:A8:78:7A:92:21:4E:57
X509v3 Authority Key Identifier:
keyid:5B:D3:E8:48:C5:8A:64:51:CA:87:4C:DC:FC:37:E9:BC:0F:5D:9A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9PoSMWKZFHKh0zc_DfpvA9dmsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/76KtsLk0lv8CPpb2y6h4epIhTlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/W9PoSMWKZFHKh0zc_DfpvA9dmsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.208.254.0/24
80.209.254.0/24
185.40.140.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2b:b3:d1:66:55:0f:7a:20:1f:d9:a7:24:fe:98:16:e3:c4:
4a:64:22:6c:cd:15:18:be:16:4a:8d:ce:15:62:68:db:61:95:
f2:b8:4b:10:42:86:3b:44:7d:34:97:42:37:5d:41:10:1a:81:
93:63:5c:cf:4a:1d:ad:52:62:7b:3d:28:47:4f:b6:c0:6d:fe:
83:6d:1f:99:3b:6c:c8:63:04:94:ca:e6:16:86:df:8a:4c:de:
8f:6c:fe:d1:e0:20:c4:af:79:9a:5f:07:8a:cc:c0:a0:11:6f:
e0:29:91:5f:3a:34:d6:42:64:ec:38:aa:46:c9:63:0f:43:0a:
3c:08:98:f8:2c:16:18:7d:b0:82:e0:d2:1d:a9:7e:77:16:d2:
4b:7c:e4:e2:9b:25:22:99:ae:81:84:0b:06:ec:77:b7:da:f7:
8c:29:f8:74:df:8b:1a:fd:8f:23:2d:16:e4:57:be:6a:6a:8a:
cb:c6:ff:7c:bf:12:d2:61:d4:04:3a:10:60:16:c8:99:72:04:
81:e1:d6:9a:20:ba:ca:7a:5f:52:df:16:25:cb:13:b3:0d:8c:
57:2e:b3:bd:7e:46:46:17:56:b5:a5:f8:1d:07:ac:02:8a:45:
22:73:01:94:a5:8c:51:63:80:b5:2b:a1:23:ad:18:da:b3:15:
59:6e:d1:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrJUsj8PnB//SXrW2eiBVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDNlODQ4YzU4YTY0NTFjYTg3NGNkY2ZjMzdlOWJjMGY1
ZDlhYzcwHhcNMjMwMTAxMDIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmEyYWRiMGI5MzQ5NmZmMDIzZTk2ZjZjYmE4Nzg3YTkyMjE0ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ+3IwqF5NicXozp4ipy4EaEP/wG
wFErWy3UHLFx1Cdp/Mh7Nz/skTfKjD76/Xy+qGoXoB/BLmPXsN+Miw07OfSyD/He
DUKkUZLAudKMMbbg6PbPetduuU+XOEBSAJ3GBTzqA1qqiQqtLmjU3EAIrQcp1msL
ppOYbxgdtwZsUq3YOe5NqcNx/D/daqY2TzOO6GbiQtbVNuR+fxUOzumiF8npPgKd
mxdfPQE0SperYCvL7vp37BQL6HMufqxOcdxIWawhiEoaN6DguayNGTh+iauIdUXn
EAx9Ws8hV1Ix5OAPFght+Z+EOovsu/bxIYFIBlN9tdWcWPXWSaoEfPR0VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO+irbC5NJb/Aj6W9suoeHqSIU5XMB8GA1UdIwQY
MBaAFFvT6EjFimRRyodM3Pw36bwPXZrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlQb1NNV0taRkhLaDB6Y19EZnB2QTlkbXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYjg3ZjUtZTVkMi00NTZmLWFiZTAt
NDg0ZDQ1ODZlZTdiLzEvNzZLdHNMazBsdjhDUHBiMnk2aDRlcEloVGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYjg3ZjUtZTVkMi00NTZmLWFiZTAtNDg0ZDQ1ODZlZTdi
LzEvVzlQb1NNV0taRkhLaDB6Y19EZnB2QTlkbXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUND+AwQA
UNH+AwQAuSiMMA0GCSqGSIb3DQEBCwUAA4IBAQCFK7PRZlUPeiAf2ack/pgW48RK
ZCJszRUYvhZKjc4VYmjbYZXyuEsQQoY7RH00l0I3XUEQGoGTY1zPSh2tUmJ7PShH
T7bAbf6DbR+ZO2zIYwSUyuYWht+KTN6PbP7R4CDEr3maXweKzMCgEW/gKZFfOjTW
QmTsOKpGyWMPQwo8CJj4LBYYfbCC4NIdqX53FtJLfOTimyUima6BhAsG7He32veM
Kfh034sa/Y8jLRbkV75qaorLxv98vxLSYdQEOhBgFsiZcgSB4daaILrKel9S3xYl
yxOzDYxXLrO9fkZGF1a1pfgdB6wCikUicwGUpYxRY4C1K6EjrRjasxVZbtEc
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:17 2024 by rpki-client on console.sobornost.net