Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/XN-ShbgcdGxtcuD_iJDXCJ3OG00.roa
File: XN-ShbgcdGxtcuD_iJDXCJ3OG00.roa (raw, json)
Hash identifier: yRHsIE4/10lkGnYfOrRTEs2hPNNrBiuGZH09wtGuAUM=
Subject key identifier: 5C:DF:92:85:B8:1C:74:6C:6D:72:E0:FF:88:90:D7:08:9D:CE:1B:4D
Certificate issuer: /CN=660c32996ae12461897222e2d9cc093930927ddd
Certificate serial: 01856CEF1CB8F452204C3F925107B9AADAF7
Authority key identifier: 66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/XN-ShbgcdGxtcuD_iJDXCJ3OG00.roa
Signing time: Sun 01 Jan 2023 10:44:47 +0000
ROA not before: Sun 01 Jan 2023 10:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198325
IP address blocks: 89.145.185.0/24 maxlen: 24
89.145.184.0/24 maxlen: 24
89.145.186.0/24 maxlen: 24
89.145.189.0/24 maxlen: 24
89.145.188.0/24 maxlen: 24
89.145.190.0/24 maxlen: 24
89.145.191.0/24 maxlen: 24
89.145.187.0/24 maxlen: 24
185.251.35.0/24 maxlen: 24
185.251.34.0/24 maxlen: 24
185.251.33.0/24 maxlen: 24
185.251.32.0/24 maxlen: 24
2a04:6680::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:1c:b8:f4:52:20:4c:3f:92:51:07:b9:aa:da:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=660c32996ae12461897222e2d9cc093930927ddd
Validity
Not Before: Jan 1 10:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cdf9285b81c746c6d72e0ff8890d7089dce1b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:5f:41:43:d3:4d:db:a3:ce:70:7d:d2:98:
9c:f6:23:f2:b3:92:b3:bf:79:43:21:ef:aa:73:4d:
6f:01:0c:bc:44:de:fb:d0:dc:b4:40:8f:7c:6c:6e:
45:b7:60:65:a9:91:ef:8a:de:a3:4d:b5:9f:c8:8c:
cc:70:b7:f4:e4:54:34:34:12:7e:18:0b:2f:3e:ed:
81:dc:e7:c6:51:13:66:78:1a:c4:89:6f:f8:f3:ba:
1c:ab:7a:9f:f7:17:5a:58:82:94:d5:0c:88:39:8b:
fe:d1:5a:64:a8:39:f2:95:a3:0e:e9:3e:17:a6:fc:
a4:4d:31:1b:7f:c4:0c:5f:7b:e2:5c:aa:52:5f:f9:
f8:c4:14:01:f5:2c:2f:f3:f8:2d:d5:f3:14:57:12:
44:5f:a1:07:2d:83:27:11:95:eb:39:39:02:6f:84:
de:bd:eb:70:85:b0:bf:8f:09:32:3c:bf:e5:ad:49:
60:fd:36:c9:ad:2d:ca:00:98:1f:40:78:e8:54:1a:
9d:27:34:17:6a:cf:85:f2:6b:4c:df:35:c9:5a:a7:
dc:29:4c:06:fc:b6:44:36:40:62:72:d4:6e:e9:ec:
ba:5a:8a:5c:6d:e8:ae:a6:84:93:3e:d1:e1:ec:4c:
5c:1c:d0:7d:60:36:ce:d1:4b:9d:fc:0e:82:ae:25:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DF:92:85:B8:1C:74:6C:6D:72:E0:FF:88:90:D7:08:9D:CE:1B:4D
X509v3 Authority Key Identifier:
keyid:66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/XN-ShbgcdGxtcuD_iJDXCJ3OG00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.184.0/21
185.251.32.0/22
IPv6:
2a04:6680::/48
Signature Algorithm: sha256WithRSAEncryption
8e:9b:15:aa:7d:00:ea:30:19:87:2f:c7:4b:89:2a:2d:e4:b7:
4d:5f:9b:1f:b6:a8:46:ed:cb:84:5f:53:a1:2a:1e:34:8e:03:
0f:f9:79:a9:e6:bc:1b:b4:d7:b8:ff:e8:3c:a3:45:30:bf:fb:
2b:61:16:59:68:19:f3:95:d5:42:2d:d4:c1:dc:d4:a0:cf:7d:
f3:86:03:a7:53:c7:bd:8f:69:94:b6:9f:8b:10:4a:62:7e:54:
fb:ec:e7:4c:4a:9e:90:9a:dc:0c:20:57:31:76:c0:37:de:07:
d0:d5:ae:98:03:fd:f8:60:3b:28:4c:95:c3:b1:2e:b6:e7:29:
b8:57:fa:b7:a9:8c:17:5d:a1:a1:fb:54:df:65:c4:b6:b0:a0:
cb:b2:92:c9:74:fe:8e:cc:aa:d7:e1:cd:a0:e3:61:78:a4:3c:
e8:f2:c7:5f:7a:b4:86:ba:b6:d2:f6:db:54:77:1e:62:1e:bb:
bc:0f:52:70:a5:d7:75:75:a5:19:0b:77:23:ff:85:37:69:d0:
14:11:14:61:f5:87:db:7c:46:19:38:35:0c:77:b2:ac:3a:90:
82:29:00:6b:d6:96:a0:45:b7:34:d2:f4:14:9b:68:e5:df:bf:
06:19:64:5d:86:5b:5d:7a:e2:0d:1f:71:21:9d:26:36:6a:6d:
f9:c1:eb:e7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVs7xy49FIgTD+SUQe5qtr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MGMzMjk5NmFlMTI0NjE4OTcyMjJlMmQ5Y2MwOTM5MzA5
MjdkZGQwHhcNMjMwMTAxMTA0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RmOTI4NWI4MWM3NDZjNmQ3MmUwZmY4ODkwZDcwODlkY2UxYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn11fQUPTTdujznB90pic9iPys5Kz
v3lDIe+qc01vAQy8RN770Ny0QI98bG5Ft2BlqZHvit6jTbWfyIzMcLf05FQ0NBJ+
GAsvPu2B3OfGURNmeBrEiW/487ocq3qf9xdaWIKU1QyIOYv+0VpkqDnylaMO6T4X
pvykTTEbf8QMX3viXKpSX/n4xBQB9Swv8/gt1fMUVxJEX6EHLYMnEZXrOTkCb4Te
vetwhbC/jwkyPL/lrUlg/TbJrS3KAJgfQHjoVBqdJzQXas+F8mtM3zXJWqfcKUwG
/LZENkBictRu6ey6WopcbeiupoSTPtHh7ExcHNB9YDbO0Uud/A6CriWfIwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFzfkoW4HHRsbXLg/4iQ1widzhtNMB8GA1UdIwQY
MBaAFGYMMplq4SRhiXIi4tnMCTkwkn3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQt
NTVjM2EyOGU2MmMzLzEvWE4tU2hiZ2NkR3h0Y3VEX2lKRFhDSjNPRzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQtNTVjM2EyOGU2MmMz
LzEvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDWZG4AwQC
ufsgMA8EAgACMAkDBwAqBGaAAAAwDQYJKoZIhvcNAQELBQADggEBAI6bFap9AOow
GYcvx0uJKi3kt01fmx+2qEbty4RfU6EqHjSOAw/5eanmvBu017j/6DyjRTC/+yth
FlloGfOV1UIt1MHc1KDPffOGA6dTx72PaZS2n4sQSmJ+VPvs50xKnpCa3AwgVzF2
wDfeB9DVrpgD/fhgOyhMlcOxLrbnKbhX+repjBddoaH7VN9lxLawoMuyksl0/o7M
qtfhzaDjYXikPOjyx196tIa6ttL221R3HmIeu7wPUnCl13V1pRkLdyP/hTdp0BQR
FGH1h9t8Rhk4NQx3sqw6kIIpAGvWlqBFtzTS9BSbaOXfvwYZZF2GW1164g0fcSGd
JjZqbfnB6+c=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:30 2024 by rpki-client on console.sobornost.net