Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/rC7ZW7cxYHgUvhZqbAxzWnwz9U0.roa
File: rC7ZW7cxYHgUvhZqbAxzWnwz9U0.roa (raw, json)
Hash identifier: Yo7F0AFR5L5FURkRlZVzG4yD6dYl4D3LasObkP24xds=
Subject key identifier: AC:2E:D9:5B:B7:31:60:78:14:BE:16:6A:6C:0C:73:5A:7C:33:F5:4D
Certificate issuer: /CN=805c0c9f23763c037bd6884745cf8464d2db663e
Certificate serial: 018570F08106779EA60AC91660CEF058F4C8
Authority key identifier: 80:5C:0C:9F:23:76:3C:03:7B:D6:88:47:45:CF:84:64:D2:DB:66:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFwMnyN2PAN71ohHRc-EZNLbZj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/rC7ZW7cxYHgUvhZqbAxzWnwz9U0.roa
Signing time: Mon 02 Jan 2023 05:24:47 +0000
ROA not before: Mon 02 Jan 2023 05:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41480
IP address blocks: 185.25.164.0/22 maxlen: 22
185.67.24.0/22 maxlen: 22
2a00:8120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:81:06:77:9e:a6:0a:c9:16:60:ce:f0:58:f4:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=805c0c9f23763c037bd6884745cf8464d2db663e
Validity
Not Before: Jan 2 05:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac2ed95bb731607814be166a6c0c735a7c33f54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a2:11:68:4d:f8:5b:54:95:eb:b6:0b:6a:e4:
9d:1e:dc:10:df:d4:50:4c:cc:af:d8:2a:e7:0a:26:
4b:b1:d6:2a:83:ab:07:7a:1a:4e:2e:ba:33:01:e9:
a3:2e:25:24:b8:26:be:e0:b7:8a:34:f0:25:f3:66:
84:da:db:74:19:fd:08:5b:55:0d:0e:3a:e1:4e:ad:
3c:d4:3b:78:79:c1:71:9a:4a:0b:07:bb:25:1a:ef:
48:95:b6:58:f5:92:51:e1:20:ae:26:9d:00:33:ed:
b5:fe:a8:47:02:c8:34:cc:29:94:9c:84:2b:5c:4a:
fe:b8:c6:14:62:f7:35:0a:10:f7:fc:6e:00:cd:88:
04:d6:bb:8f:ed:fb:9b:9b:d2:ff:63:6e:df:22:fe:
39:55:95:c2:bb:c2:30:28:42:2d:bc:be:91:c7:e1:
42:a1:63:ce:93:b7:77:c4:8b:8e:61:25:71:b6:cb:
37:e1:46:31:fb:73:5e:10:ab:dd:50:e0:c8:c2:37:
f2:2e:6f:ef:78:e9:e9:c5:79:3b:e0:ca:9e:d6:d6:
dd:c3:97:17:a0:24:11:0e:82:29:47:9d:ac:48:47:
3b:8c:4c:03:31:99:37:38:24:1a:45:df:78:ef:b7:
a7:b7:2f:96:d8:14:98:21:7f:b6:07:96:fd:55:5f:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:2E:D9:5B:B7:31:60:78:14:BE:16:6A:6C:0C:73:5A:7C:33:F5:4D
X509v3 Authority Key Identifier:
keyid:80:5C:0C:9F:23:76:3C:03:7B:D6:88:47:45:CF:84:64:D2:DB:66:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFwMnyN2PAN71ohHRc-EZNLbZj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/rC7ZW7cxYHgUvhZqbAxzWnwz9U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/gFwMnyN2PAN71ohHRc-EZNLbZj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.164.0/22
185.67.24.0/22
IPv6:
2a00:8120::/32
Signature Algorithm: sha256WithRSAEncryption
06:b9:00:6c:5e:94:03:6d:9b:f7:d1:de:73:13:c9:a2:a9:cf:
87:af:0b:91:f5:95:16:6f:ef:b8:be:e6:59:ae:70:d2:2d:a2:
34:68:c8:56:a4:57:75:aa:4c:f0:da:d0:1f:e6:59:46:a4:2b:
92:ad:dc:4a:24:90:74:89:7e:2f:a0:b6:fb:2d:fb:d9:4d:02:
cd:24:c5:56:3e:64:20:9e:49:04:c2:cc:b3:ae:81:38:ee:79:
93:22:7f:6a:56:57:2d:f3:55:6c:75:8e:6d:8e:23:a8:ff:a6:
d3:d5:db:39:b6:4f:4d:e6:62:c8:6f:60:98:57:ab:2a:f7:02:
f1:b9:61:07:29:0d:b5:ca:f8:87:e9:88:3f:a3:ee:bd:3d:98:
e8:d2:c9:07:12:0d:e3:d3:26:46:d1:3d:b7:65:e7:64:27:95:
b8:27:9f:c8:b4:70:1b:f5:27:91:5f:0f:9a:82:c5:d7:ca:8f:
81:b5:e2:6a:bb:97:dc:5f:3b:ba:27:75:60:26:28:e9:0d:8b:
4d:50:3b:8d:81:63:69:ed:6c:ff:75:53:33:57:2d:0b:1e:26:
0b:aa:f9:88:ac:ef:63:09:de:1e:d3:09:e3:ff:cb:05:d1:d0:
14:37:98:92:63:76:c6:51:b6:e6:47:d7:fe:a5:54:f6:7d:89:
90:8e:64:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8IEGd56mCskWYM7wWPTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNWMwYzlmMjM3NjNjMDM3YmQ2ODg0NzQ1Y2Y4NDY0ZDJk
YjY2M2UwHhcNMjMwMTAyMDUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzJlZDk1YmI3MzE2MDc4MTRiZTE2NmE2YzBjNzM1YTdjMzNmNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKIRaE34W1SV67YLauSdHtwQ39RQ
TMyv2CrnCiZLsdYqg6sHehpOLrozAemjLiUkuCa+4LeKNPAl82aE2tt0Gf0IW1UN
DjrhTq081Dt4ecFxmkoLB7slGu9IlbZY9ZJR4SCuJp0AM+21/qhHAsg0zCmUnIQr
XEr+uMYUYvc1ChD3/G4AzYgE1ruP7fubm9L/Y27fIv45VZXCu8IwKEItvL6Rx+FC
oWPOk7d3xIuOYSVxtss34UYx+3NeEKvdUODIwjfyLm/veOnpxXk74Mqe1tbdw5cX
oCQRDoIpR52sSEc7jEwDMZk3OCQaRd9477enty+W2BSYIX+2B5b9VV+2WQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKwu2Vu3MWB4FL4WamwMc1p8M/VNMB8GA1UdIwQY
MBaAFIBcDJ8jdjwDe9aIR0XPhGTS22Y+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0Z3TW55TjJQQU43MW9oSFJjLUVaTkxiWmo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83MjQ3ZDUtZTI4My00YjI5LWFjZmQt
ODJlMWUyMDA1MDRlLzEvckM3Wlc3Y3hZSGdVdmhacWJBeHpXbnd6OVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83MjQ3ZDUtZTI4My00YjI5LWFjZmQtODJlMWUyMDA1MDRl
LzEvZ0Z3TW55TjJQQU43MW9oSFJjLUVaTkxiWmo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRmkAwQC
uUMYMA0EAgACMAcDBQAqAIEgMA0GCSqGSIb3DQEBCwUAA4IBAQAGuQBsXpQDbZv3
0d5zE8miqc+HrwuR9ZUWb++4vuZZrnDSLaI0aMhWpFd1qkzw2tAf5llGpCuSrdxK
JJB0iX4voLb7LfvZTQLNJMVWPmQgnkkEwsyzroE47nmTIn9qVlct81VsdY5tjiOo
/6bT1ds5tk9N5mLIb2CYV6sq9wLxuWEHKQ21yviH6Yg/o+69PZjo0skHEg3j0yZG
0T23ZedkJ5W4J5/ItHAb9SeRXw+agsXXyo+BteJqu5fcXzu6J3VgJijpDYtNUDuN
gWNp7Wz/dVMzVy0LHiYLqvmIrO9jCd4e0wnj/8sF0dAUN5iSY3bGUbbmR9f+pVT2
fYmQjmQE
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:30 2024 by rpki-client on console.sobornost.net