Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/uFmtSR8Z4UvP6GVcvD32gg-EWE0.roa
File: uFmtSR8Z4UvP6GVcvD32gg-EWE0.roa (raw, json)
Hash identifier: odgIbouB0jHfef1gs96/O0i4eQYDOFwX5sTrY88847o=
Subject key identifier: B8:59:AD:49:1F:19:E1:4B:CF:E8:65:5C:BC:3D:F6:82:0F:84:58:4D
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018C3F42F509C4C4A857113CCB70EE06BA94
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/uFmtSR8Z4UvP6GVcvD32gg-EWE0.roa
Signing time: Wed 06 Dec 2023 13:13:21 +0000
ROA not before: Wed 06 Dec 2023 13:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47330
IP address blocks: 188.213.69.0/24 maxlen: 24
188.213.66.0/24 maxlen: 24
188.213.67.0/24 maxlen: 24
188.213.68.0/24 maxlen: 24
188.213.65.0/24 maxlen: 24
37.156.28.0/23 maxlen: 23
92.114.16.0/22 maxlen: 22
2a00:5ca6::/31 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:42:f5:09:c4:c4:a8:57:11:3c:cb:70:ee:06:ba:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Dec 6 13:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b859ad491f19e14bcfe8655cbc3df6820f84584d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:04:26:26:3d:70:c1:eb:7a:bb:58:f6:b5:5a:
eb:5d:7c:cc:73:7e:ca:9a:23:da:e6:06:ac:dd:79:
d6:7f:b1:b8:65:b2:19:d7:c7:5a:c2:3a:c2:0b:80:
9f:81:16:aa:10:e5:26:32:66:98:e9:60:f0:80:83:
40:62:fb:0b:63:4e:d6:60:94:70:85:f0:c7:67:39:
d3:2e:82:1b:d8:83:df:fc:9f:42:c3:75:a7:bd:62:
fa:d8:b7:82:a4:a9:f8:6c:83:88:52:45:29:28:19:
e9:ee:08:6b:d5:38:1e:db:aa:58:ee:53:fc:b5:11:
13:51:2e:12:28:71:e2:31:34:60:e0:29:be:d4:34:
43:39:45:45:0c:26:0c:bc:b7:32:bc:ad:3e:a6:63:
0a:ac:bb:67:7d:22:4b:f8:e8:03:5c:34:9c:0b:42:
f2:5a:30:1a:1f:9d:97:ca:65:fc:24:9f:06:6b:5e:
9b:c1:67:99:f9:31:75:34:a9:e1:aa:92:66:c2:54:
a8:1b:b3:a8:8f:9c:39:c3:a2:1a:26:9f:25:0e:50:
68:d9:c0:c2:36:f9:e7:03:71:41:36:c3:57:dc:43:
15:a3:38:f2:2a:b1:b4:d7:db:4a:89:34:38:cb:39:
ed:e2:a4:ec:e0:90:83:ce:a0:93:7e:04:da:5a:3b:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:59:AD:49:1F:19:E1:4B:CF:E8:65:5C:BC:3D:F6:82:0F:84:58:4D
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/uFmtSR8Z4UvP6GVcvD32gg-EWE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.28.0/23
92.114.16.0/22
188.213.65.0-188.213.69.255
IPv6:
2a00:5ca6::/31
Signature Algorithm: sha256WithRSAEncryption
70:92:98:e1:ab:4b:d3:d3:b0:b6:d5:d7:33:96:3b:04:0e:a0:
ad:87:60:aa:95:e5:03:48:70:8c:c3:68:f2:8a:33:16:54:a3:
35:b8:a7:3f:e8:10:03:3a:a8:8f:29:b0:d7:a3:62:16:64:45:
d5:89:f7:a8:4d:95:05:d3:86:62:08:6f:ac:96:13:91:b7:4f:
96:52:99:6d:95:7d:e7:8e:6e:13:20:67:27:ee:f9:35:80:a7:
fd:c2:c6:18:32:90:e3:c0:2e:f7:93:e6:15:27:55:61:85:54:
ad:5b:6b:b9:bc:6a:bd:ce:d4:1e:27:ed:7c:38:18:e0:b3:76:
ce:71:eb:e5:90:64:1b:91:df:5b:94:ab:bd:9f:cc:14:52:bc:
b2:97:3a:69:81:03:d7:34:c0:4f:ec:03:09:71:60:0f:ef:9d:
45:13:57:22:28:4f:1d:db:64:59:44:b5:50:57:0e:30:df:86:
15:ff:85:29:59:27:9f:10:1f:ac:a1:eb:2c:9a:74:52:8a:f3:
ac:fb:5b:c1:f7:4f:a3:94:4b:96:25:37:99:49:cf:23:19:10:
10:06:c2:49:89:cd:e0:b6:30:15:1e:57:9b:13:6b:48:e5:fa:
ec:88:46:d3:8b:4f:cd:1c:a8:3b:35:8d:f9:b3:37:5a:1d:33:
23:aa:6d:09
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYw/QvUJxMSoVxE8y3DuBrqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjMxMjA2MTMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU5YWQ0OTFmMTllMTRiY2ZlODY1NWNiYzNkZjY4MjBmODQ1ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwQmJj1wwet6u1j2tVrrXXzMc37K
miPa5gas3XnWf7G4ZbIZ18dawjrCC4CfgRaqEOUmMmaY6WDwgINAYvsLY07WYJRw
hfDHZznTLoIb2IPf/J9Cw3WnvWL62LeCpKn4bIOIUkUpKBnp7ghr1Tge26pY7lP8
tRETUS4SKHHiMTRg4Cm+1DRDOUVFDCYMvLcyvK0+pmMKrLtnfSJL+OgDXDScC0Ly
WjAaH52XymX8JJ8Ga16bwWeZ+TF1NKnhqpJmwlSoG7Ooj5w5w6IaJp8lDlBo2cDC
NvnnA3FBNsNX3EMVozjyKrG019tKiTQ4yznt4qTs4JCDzqCTfgTaWjs2jQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLhZrUkfGeFLz+hlXLw99oIPhFhNMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvdUZtdFNSOFo0VXZQNkdWY3ZEMzJnZy1FV0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBJZwcAwQC
XHIQMAwDBAC81UEDBAG81UQwDQQCAAIwBwMFASoAXKYwDQYJKoZIhvcNAQELBQAD
ggEBAHCSmOGrS9PTsLbV1zOWOwQOoK2HYKqV5QNIcIzDaPKKMxZUozW4pz/oEAM6
qI8psNejYhZkRdWJ96hNlQXThmIIb6yWE5G3T5ZSmW2VfeeObhMgZyfu+TWAp/3C
xhgykOPALveT5hUnVWGFVK1ba7m8ar3O1B4n7Xw4GOCzds5x6+WQZBuR31uUq72f
zBRSvLKXOmmBA9c0wE/sAwlxYA/vnUUTVyIoTx3bZFlEtVBXDjDfhhX/hSlZJ58Q
H6yh6yyadFKK86z7W8H3T6OUS5YlN5lJzyMZEBAGwkmJzeC2MBUeV5sTa0jl+uyI
RtOLT80cqDs1jfmzN1odMyOqbQk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:12 2024 by rpki-client on console.sobornost.net