Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/xwK4fSOPryRlQT4PnaUBu1gmUgY.roa
File: xwK4fSOPryRlQT4PnaUBu1gmUgY.roa (raw, json)
Hash identifier: o7RRXu8OF4J5JLugrMTd+eWscSkaABG0wOX61XqCJLU=
Subject key identifier: C7:02:B8:7D:23:8F:AF:24:65:41:3E:0F:9D:A5:01:BB:58:26:52:06
Certificate issuer: /CN=e69c92c3b9ee60ba013d941822042f25004c95ec
Certificate serial: 01856ED4E46831C5DAF8E9BA34BB6AFB26A4
Authority key identifier: E6:9C:92:C3:B9:EE:60:BA:01:3D:94:18:22:04:2F:25:00:4C:95:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5pySw7nuYLoBPZQYIgQvJQBMlew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/xwK4fSOPryRlQT4PnaUBu1gmUgY.roa
Signing time: Sun 01 Jan 2023 19:35:23 +0000
ROA not before: Sun 01 Jan 2023 19:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31449
IP address blocks: 185.57.128.0/22 maxlen: 22
185.57.128.0/23 maxlen: 23
185.57.130.0/23 maxlen: 23
217.112.176.0/20 maxlen: 20
217.112.176.0/21 maxlen: 21
217.112.184.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:e4:68:31:c5:da:f8:e9:ba:34:bb:6a:fb:26:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e69c92c3b9ee60ba013d941822042f25004c95ec
Validity
Not Before: Jan 1 19:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c702b87d238faf2465413e0f9da501bb58265206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a4:12:97:20:72:18:bc:01:76:ae:fc:78:e6:
36:dd:6e:74:83:9d:73:e7:5b:83:79:18:32:83:db:
04:46:28:94:4e:42:8d:f8:e4:59:08:ab:7d:80:4a:
3f:5f:0a:c0:1d:dd:75:6e:cb:99:1e:1c:ac:2d:f2:
fb:83:bb:36:73:64:2f:a3:a9:8c:84:0d:9f:60:0d:
2f:56:54:12:6d:9d:40:3e:c4:c4:16:50:10:cc:85:
64:93:2c:0c:ab:a5:a3:d5:01:42:4b:a8:fb:f9:1f:
c7:75:0d:bc:80:54:58:5e:29:5f:e8:38:f3:68:69:
1c:d9:63:35:30:50:f1:ae:3e:ca:f5:76:11:9f:cb:
86:f0:77:f8:ca:a7:07:d6:ad:de:78:74:01:01:b7:
88:30:f4:01:6a:56:f1:c7:e7:75:f6:be:2b:63:cb:
ab:c8:fd:89:97:b3:c3:c2:ce:7c:d2:1f:af:0a:32:
ce:65:db:c6:63:e4:b4:ca:ab:56:f4:ec:46:e9:72:
fd:b2:71:ab:92:79:e8:eb:56:c6:dd:d0:1d:dd:f0:
db:0a:87:4d:85:4e:70:cd:17:cf:8b:82:bc:f9:1b:
87:2d:2f:5d:6c:2d:d9:ea:41:01:cb:b6:44:1e:99:
da:1a:a7:40:89:13:f6:5b:8d:33:6d:3d:63:ca:dd:
9b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:B8:7D:23:8F:AF:24:65:41:3E:0F:9D:A5:01:BB:58:26:52:06
X509v3 Authority Key Identifier:
keyid:E6:9C:92:C3:B9:EE:60:BA:01:3D:94:18:22:04:2F:25:00:4C:95:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pySw7nuYLoBPZQYIgQvJQBMlew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/xwK4fSOPryRlQT4PnaUBu1gmUgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b84c3-d7fd-43d8-a8f1-9137103c93ef/1/5pySw7nuYLoBPZQYIgQvJQBMlew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.128.0/22
217.112.176.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:70:75:14:0d:71:5f:c0:83:f3:26:fd:d4:34:2f:95:52:5f:
60:2b:8c:f1:b2:c6:e0:75:39:77:7a:c6:8b:33:e1:f2:62:ef:
29:1d:7e:df:ee:de:98:cd:37:0f:18:02:95:5b:c8:58:8f:64:
5c:92:0c:fd:fd:69:55:36:e7:eb:27:cd:71:a8:ef:d6:07:0e:
72:a8:fe:88:f7:d3:33:33:bc:7c:52:ec:6d:d2:e8:f4:42:40:
25:ec:36:d3:be:f3:da:c8:52:f6:36:01:20:bc:76:95:29:9c:
1b:cd:73:f3:ff:6a:c5:bd:02:95:62:ce:b6:10:a6:d5:72:9c:
db:84:64:a1:6f:4e:54:db:bf:b8:31:f3:02:24:a6:b2:d1:38:
37:6a:c6:ed:1f:3e:61:93:d1:e9:13:c2:fc:b9:cf:f9:b1:14:
69:a5:63:5b:55:54:13:2f:21:8e:98:f3:d5:a0:14:5a:96:07:
77:f1:fe:e6:3d:22:76:e8:1b:22:11:f6:d5:37:30:a7:73:c9:
a0:af:60:35:47:c2:e1:3c:77:9f:f1:0e:d1:17:47:a2:f4:c4:
0e:a0:49:d6:f0:94:61:dc:1b:71:59:03:99:2d:6b:bc:65:15:
0f:80:8e:d1:61:11:00:d1:6f:a5:a8:62:12:90:0b:db:90:cd:
f8:e5:44:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1ORoMcXa+Om6NLtq+yakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OWM5MmMzYjllZTYwYmEwMTNkOTQxODIyMDQyZjI1MDA0
Yzk1ZWMwHhcNMjMwMTAxMTkzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzAyYjg3ZDIzOGZhZjI0NjU0MTNlMGY5ZGE1MDFiYjU4MjY1MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KQSlyByGLwBdq78eOY23W50g51z
51uDeRgyg9sERiiUTkKN+ORZCKt9gEo/XwrAHd11bsuZHhysLfL7g7s2c2Qvo6mM
hA2fYA0vVlQSbZ1APsTEFlAQzIVkkywMq6Wj1QFCS6j7+R/HdQ28gFRYXilf6Djz
aGkc2WM1MFDxrj7K9XYRn8uG8Hf4yqcH1q3eeHQBAbeIMPQBalbxx+d19r4rY8ur
yP2Jl7PDws580h+vCjLOZdvGY+S0yqtW9OxG6XL9snGrknno61bG3dAd3fDbCodN
hU5wzRfPi4K8+RuHLS9dbC3Z6kEBy7ZEHpnaGqdAiRP2W40zbT1jyt2bfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMcCuH0jj68kZUE+D52lAbtYJlIGMB8GA1UdIwQY
MBaAFOacksO57mC6AT2UGCIELyUATJXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXB5U3c3bnVZTG9CUFpRWUlnUXZKUUJNbGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjg0YzMtZDdmZC00M2Q4LWE4ZjEt
OTEzNzEwM2M5M2VmLzEveHdLNGZTT1ByeVJsUVQ0UG5hVUJ1MWdtVWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjg0YzMtZDdmZC00M2Q4LWE4ZjEtOTEzNzEwM2M5M2Vm
LzEvNXB5U3c3bnVZTG9CUFpRWUlnUXZKUUJNbGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTmAAwQE
2XCwMA0GCSqGSIb3DQEBCwUAA4IBAQCtcHUUDXFfwIPzJv3UNC+VUl9gK4zxssbg
dTl3esaLM+HyYu8pHX7f7t6YzTcPGAKVW8hYj2Rckgz9/WlVNufrJ81xqO/WBw5y
qP6I99MzM7x8Uuxt0uj0QkAl7DbTvvPayFL2NgEgvHaVKZwbzXPz/2rFvQKVYs62
EKbVcpzbhGShb05U27+4MfMCJKay0Tg3asbtHz5hk9HpE8L8uc/5sRRppWNbVVQT
LyGOmPPVoBRalgd38f7mPSJ26BsiEfbVNzCnc8mgr2A1R8LhPHef8Q7RF0ei9MQO
oEnW8JRh3BtxWQOZLWu8ZRUPgI7RYREA0W+lqGISkAvbkM345UQE
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:53 2024 by rpki-client on console.sobornost.net