Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/DC4mog1fcMF6SK8oLaoczhzsppU.roa
File: DC4mog1fcMF6SK8oLaoczhzsppU.roa (raw, json)
Hash identifier: 6ea7YYdxjeoNReCyVul0PR1R6OvwbYI7qLNd2Rb/iG4=
Subject key identifier: 0C:2E:26:A2:0D:5F:70:C1:7A:48:AF:28:2D:AA:1C:CE:1C:EC:A6:95
Certificate issuer: /CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Certificate serial: 0187FFD8C61F0E4C96544297839D84F7902F
Authority key identifier: D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/DC4mog1fcMF6SK8oLaoczhzsppU.roa
Signing time: Tue 09 May 2023 09:30:09 +0000
ROA not before: Tue 09 May 2023 09:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48135
IP address blocks: 151.89.128.0/17 maxlen: 17
193.111.46.0/24 maxlen: 24
94.127.84.0/22 maxlen: 22
94.127.83.0/24 maxlen: 24
94.127.80.0/22 maxlen: 22
94.127.81.0/24 maxlen: 24
94.127.86.0/24 maxlen: 24
94.127.86.0/23 maxlen: 23
94.127.87.0/24 maxlen: 24
151.89.232.0/22 maxlen: 22
151.89.55.0/24 maxlen: 24
151.89.56.0/24 maxlen: 24
151.89.54.0/24 maxlen: 24
151.89.0.0/17 maxlen: 17
151.89.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:d8:c6:1f:0e:4c:96:54:42:97:83:9d:84:f7:90:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Validity
Not Before: May 9 09:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2e26a20d5f70c17a48af282daa1cce1ceca695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:f2:09:70:1e:76:52:cc:71:30:59:c2:1a:
00:08:48:a3:c5:1c:8f:d3:23:ae:99:68:0d:89:93:
35:c9:d8:55:b7:77:cd:97:b7:3b:8d:48:a2:73:79:
a7:b1:84:bc:77:4d:10:0b:f4:8e:10:fc:de:e7:8f:
0d:e8:36:f0:0a:2e:75:6f:5d:d9:ea:fd:72:05:f1:
34:b6:eb:d7:02:cd:d9:b2:a7:d1:be:83:73:39:88:
36:a8:45:48:75:2e:03:d3:33:05:de:9e:36:35:d2:
33:a8:51:96:c6:40:76:67:ec:2f:98:db:13:e3:7c:
82:3c:9c:4e:72:ca:40:2f:5c:32:2e:4b:28:27:7a:
c6:e7:0d:94:f5:d9:43:33:45:36:bc:a3:db:ef:ff:
af:0d:1b:4a:2b:81:c5:71:9f:f1:af:84:c5:78:51:
b7:ff:d8:55:41:a1:5f:11:90:7e:8f:ab:76:93:42:
48:3b:fb:82:eb:67:45:a3:60:3f:84:2c:e1:98:50:
8c:c8:45:35:c8:de:de:cd:3f:5d:45:c6:e8:71:39:
1b:6d:c4:3d:24:29:d0:dc:5e:6e:8b:d5:72:35:ca:
6d:bd:71:8a:29:51:ad:21:c4:64:cb:db:fe:24:16:
63:56:48:0a:5f:ee:86:b8:0a:48:7d:d4:48:9e:f2:
2a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2E:26:A2:0D:5F:70:C1:7A:48:AF:28:2D:AA:1C:CE:1C:EC:A6:95
X509v3 Authority Key Identifier:
keyid:D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/DC4mog1fcMF6SK8oLaoczhzsppU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/12b8bxuOK2BPf7c8Kf1daJoOqB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.80.0/21
151.89.0.0/16
193.111.46.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ef:36:93:a2:b2:2e:f0:22:24:7e:ef:62:10:71:89:1d:8d:
95:4e:58:d5:1b:ea:99:87:be:23:f4:ff:b8:78:c2:77:02:97:
e3:ae:87:49:4b:f0:54:ae:79:da:d0:97:5b:ed:9c:c2:34:23:
0e:0a:05:14:df:c0:cc:e4:db:7b:99:67:8a:f5:1e:11:42:3f:
ab:58:18:81:00:b1:92:af:bd:82:e5:17:61:b2:20:71:c4:7e:
da:c1:7d:5e:8b:52:94:e3:63:73:a8:d0:9f:d6:bc:2b:fe:c4:
e4:f9:87:7d:8a:57:e6:28:e2:f0:d8:14:31:ff:1c:6a:4f:fc:
90:fc:cc:66:74:6c:7a:15:f4:a7:8b:51:08:ba:32:05:ae:bf:
bb:ee:60:e9:3c:80:a2:5b:d3:6c:cc:c1:90:7f:fc:e6:f5:ec:
b1:9c:5c:6c:93:dd:bf:1d:99:52:1e:1d:d7:ef:dd:b0:58:13:
8a:44:25:05:59:b7:f0:3b:b8:71:ed:6a:aa:87:5d:4e:1f:2c:
b1:61:7e:a8:af:c7:d1:a0:49:32:16:7b:2b:a6:6c:db:85:9c:
12:da:ee:45:5a:8f:ca:9b:a2:ec:90:aa:62:4f:c2:df:b0:d9:
66:2d:c8:0f:f4:89:a4:1f:81:f5:9a:57:93:a1:2c:4a:29:00:
64:e5:03:ee
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYf/2MYfDkyWVEKXg52E95AvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NjZmYzZmMWI4ZTJiNjA0ZjdmYjczYzI5ZmQ1ZDY4OWEw
ZWE4MWQwHhcNMjMwNTA5MDkzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJlMjZhMjBkNWY3MGMxN2E0OGFmMjgyZGFhMWNjZTFjZWNhNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSjyCXAedlLMcTBZwhoACEijxRyP
0yOumWgNiZM1ydhVt3fNl7c7jUiic3mnsYS8d00QC/SOEPze548N6DbwCi51b13Z
6v1yBfE0tuvXAs3ZsqfRvoNzOYg2qEVIdS4D0zMF3p42NdIzqFGWxkB2Z+wvmNsT
43yCPJxOcspAL1wyLksoJ3rG5w2U9dlDM0U2vKPb7/+vDRtKK4HFcZ/xr4TFeFG3
/9hVQaFfEZB+j6t2k0JIO/uC62dFo2A/hCzhmFCMyEU1yN7ezT9dRcbocTkbbcQ9
JCnQ3F5ui9VyNcptvXGKKVGtIcRky9v+JBZjVkgKX+6GuApIfdRInvIq+QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFAwuJqINX3DBekivKC2qHM4c7KaVMB8GA1UdIwQY
MBaAFNdm/G8bjitgT3+3PCn9XWiaDqgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzIt
M2VmM2ZkOTY5OTU3LzEvREM0bW9nMWZjTUY2U0s4b0xhb2N6aHpzcHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzItM2VmM2ZkOTY5OTU3
LzEvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQDXn9QAwMA
l1kDBADBby4wDQYJKoZIhvcNAQELBQADggEBAA/vNpOisi7wIiR+72IQcYkdjZVO
WNUb6pmHviP0/7h4wncCl+Ouh0lL8FSuedrQl1vtnMI0Iw4KBRTfwMzk23uZZ4r1
HhFCP6tYGIEAsZKvvYLlF2GyIHHEftrBfV6LUpTjY3Oo0J/WvCv+xOT5h32KV+Yo
4vDYFDH/HGpP/JD8zGZ0bHoV9KeLUQi6MgWuv7vuYOk8gKJb02zMwZB//Ob17LGc
XGyT3b8dmVIeHdfv3bBYE4pEJQVZt/A7uHHtaqqHXU4fLLFhfqivx9GgSTIWeyum
bNuFnBLa7kVaj8qbouyQqmJPwt+w2WYtyA/0iaQfgfWaV5OhLEopAGTlA+4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:09 2023 by rpki-client on console.sobornost.net