Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/9UZQmX3n6DqT1OpkkzwubjR9Aqw.roa
File: 9UZQmX3n6DqT1OpkkzwubjR9Aqw.roa (raw, json)
Hash identifier: PJYowD3aW4w+VeZ4cxq5yn3o+fe+7PFUAMi1y0iCc5s=
Subject key identifier: F5:46:50:99:7D:E7:E8:3A:93:D4:EA:64:93:3C:2E:6E:34:7D:02:AC
Certificate issuer: /CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Certificate serial: 01856C4138463E54D9B6F0CE012A5E812EFB
Authority key identifier: 89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/9UZQmX3n6DqT1OpkkzwubjR9Aqw.roa
Signing time: Sun 01 Jan 2023 07:34:51 +0000
ROA not before: Sun 01 Jan 2023 07:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199289
IP address blocks: 185.21.233.0/24 maxlen: 24
185.21.232.0/24 maxlen: 24
185.21.234.0/24 maxlen: 24
185.21.235.0/24 maxlen: 24
2a00:5a20:5::/48 maxlen: 48
2a00:5a20::/32 maxlen: 32
2a00:5a20:3a10::/48 maxlen: 48
2a00:5a20:3::/48 maxlen: 48
2a00:5a20:9::/48 maxlen: 48
2a00:5a20:4::/48 maxlen: 48
2a00:5a20:7::/48 maxlen: 48
2a00:5a20:2::/48 maxlen: 48
2a00:5a20:8::/48 maxlen: 48
2a00:5a20:6::/48 maxlen: 48
2a00:5a20:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:38:46:3e:54:d9:b6:f0:ce:01:2a:5e:81:2e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Validity
Not Before: Jan 1 07:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f54650997de7e83a93d4ea64933c2e6e347d02ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b1:e9:8c:36:4b:18:fe:bc:14:40:37:e7:28:
91:65:f0:6d:a4:10:db:5f:bb:89:59:a4:71:4b:87:
27:e8:5f:83:16:04:95:34:f1:8d:bd:3a:5d:e8:e3:
f7:ed:9e:bf:26:f4:5c:ab:64:eb:43:8b:0f:75:c2:
b1:43:7f:21:4e:55:35:ab:dd:00:80:35:b5:45:c5:
e8:dc:1c:42:0d:1f:75:43:67:f1:fe:03:1b:b7:2b:
0a:dd:11:a7:0a:b5:da:9d:90:94:e1:19:a9:fa:81:
00:40:b4:67:31:26:d7:5b:69:c7:b4:b2:dd:8d:55:
58:50:4d:d6:ea:4b:a5:62:a3:09:3a:98:d3:a0:db:
89:2a:9b:1c:ae:e8:31:5c:93:fa:c2:11:f3:34:e2:
c3:fb:3f:d7:1c:46:a3:f7:e9:82:37:85:b3:64:c5:
27:87:ef:df:74:90:6d:8a:76:d0:c4:45:25:5d:c9:
83:6c:37:09:8d:20:da:99:5c:d0:71:2a:5f:52:c6:
0a:38:2c:57:66:c0:2c:1c:c5:cf:4d:71:20:13:98:
bf:b8:90:9d:d4:3b:20:41:7c:08:ea:3b:a6:ac:fe:
23:14:80:2a:cf:df:b8:14:56:04:1f:52:03:05:3d:
c6:bb:b5:69:2f:90:dd:93:01:9e:d4:32:c8:15:d3:
fd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:46:50:99:7D:E7:E8:3A:93:D4:EA:64:93:3C:2E:6E:34:7D:02:AC
X509v3 Authority Key Identifier:
keyid:89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/9UZQmX3n6DqT1OpkkzwubjR9Aqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/iXwaiMnImulCVOIkHHiOl8H_Pkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.232.0/22
IPv6:
2a00:5a20::/32
Signature Algorithm: sha256WithRSAEncryption
03:73:8a:8b:4b:c5:44:b2:27:e0:8e:e7:fe:e2:be:c9:7e:c6:
b6:9b:41:a8:66:16:70:c6:72:cf:d7:9e:2b:c8:a7:01:34:2d:
94:a6:35:fe:26:35:ec:0c:dd:01:06:8d:45:fa:70:85:d3:b2:
0d:83:1d:6f:ec:f0:eb:0f:49:9a:da:d4:c6:d8:4f:90:36:fb:
15:0d:bf:5b:58:c2:cd:14:e5:81:f2:2c:ba:11:81:af:7f:41:
34:1a:93:f6:ec:02:4b:02:cc:7b:e3:86:f9:67:e3:fe:54:23:
d6:a4:d9:6c:80:9e:0e:93:23:da:2e:6f:9b:cb:b4:ae:a0:00:
81:2f:ac:f5:d9:7b:c9:24:54:22:59:5f:c4:2e:ab:df:f2:48:
37:95:41:db:8e:fa:b5:be:c3:7c:7e:17:fe:4b:85:77:58:63:
77:e6:03:3c:3e:f8:07:61:fd:bd:6b:ce:45:f5:16:36:da:f1:
99:8d:e1:14:98:aa:dd:f3:d6:58:a1:88:ec:c3:ec:a3:a7:24:
26:78:37:fd:9e:fa:52:7b:c7:62:83:e6:a6:0b:56:72:60:76:
e9:70:c5:f5:78:32:ee:f0:d6:d2:26:93:1c:b3:d7:0c:b0:70:
ed:d2:4d:09:b7:db:95:95:4c:76:33:d4:d0:a4:ab:37:60:34:
e6:87:26:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQThGPlTZtvDOASpegS77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2MxYTg4YzljODlhZTk0MjU0ZTIyNDFjNzg4ZTk3YzFm
ZjNlNDgwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ2NTA5OTdkZTdlODNhOTNkNGVhNjQ5MzNjMmU2ZTM0N2QwMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrHpjDZLGP68FEA35yiRZfBtpBDb
X7uJWaRxS4cn6F+DFgSVNPGNvTpd6OP37Z6/JvRcq2TrQ4sPdcKxQ38hTlU1q90A
gDW1RcXo3BxCDR91Q2fx/gMbtysK3RGnCrXanZCU4Rmp+oEAQLRnMSbXW2nHtLLd
jVVYUE3W6kulYqMJOpjToNuJKpscrugxXJP6whHzNOLD+z/XHEaj9+mCN4WzZMUn
h+/fdJBtinbQxEUlXcmDbDcJjSDamVzQcSpfUsYKOCxXZsAsHMXPTXEgE5i/uJCd
1DsgQXwI6jumrP4jFIAqz9+4FFYEH1IDBT3Gu7VpL5DdkwGe1DLIFdP9gQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPVGUJl95+g6k9TqZJM8Lm40fQKsMB8GA1UdIwQY
MBaAFIl8GojJyJrpQlTiJBx4jpfB/z5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVh3YWlNbkltdWxDVk9Ja0hIaU9sOEhfUGtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lYjNlMDMtMzk2OC00ZGIyLWJmODAt
NDNmNmFlNTIwYjFhLzEvOVVaUW1YM242RHFUMU9wa2t6d3VialI5QXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lYjNlMDMtMzk2OC00ZGIyLWJmODAtNDNmNmFlNTIwYjFh
LzEvaVh3YWlNbkltdWxDVk9Ja0hIaU9sOEhfUGtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRXoMA0E
AgACMAcDBQAqAFogMA0GCSqGSIb3DQEBCwUAA4IBAQADc4qLS8VEsifgjuf+4r7J
fsa2m0GoZhZwxnLP154ryKcBNC2UpjX+JjXsDN0BBo1F+nCF07INgx1v7PDrD0ma
2tTG2E+QNvsVDb9bWMLNFOWB8iy6EYGvf0E0GpP27AJLAsx744b5Z+P+VCPWpNls
gJ4OkyPaLm+by7SuoACBL6z12XvJJFQiWV/ELqvf8kg3lUHbjvq1vsN8fhf+S4V3
WGN35gM8PvgHYf29a85F9RY22vGZjeEUmKrd89ZYoYjsw+yjpyQmeDf9nvpSe8di
g+amC1ZyYHbpcMX1eDLu8NbSJpMcs9cMsHDt0k0Jt9uVlUx2M9TQpKs3YDTmhya0
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:50 2024 by rpki-client on console.sobornost.net