Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/23b148-e0dd-4fa6-af44-613017886e8b/1/r_RqR5qHNzu0dszbGWgyhtMK2z4.roa
File: r_RqR5qHNzu0dszbGWgyhtMK2z4.roa (raw, json)
Hash identifier: sFfn/hAtcGnaW9t4ZXjIvimWqFGJPJhfTYsep4/TPds=
Subject key identifier: AF:F4:6A:47:9A:87:37:3B:B4:76:CC:DB:19:68:32:86:D3:0A:DB:3E
Certificate issuer: /CN=b911c7edbf1d3cc4fb075381a37f76256b87285d
Certificate serial: 01856F3931A0375F1CCE732190313D6D957E
Authority key identifier: B9:11:C7:ED:BF:1D:3C:C4:FB:07:53:81:A3:7F:76:25:6B:87:28:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRHH7b8dPMT7B1OBo392JWuHKF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/23b148-e0dd-4fa6-af44-613017886e8b/1/r_RqR5qHNzu0dszbGWgyhtMK2z4.roa
Signing time: Sun 01 Jan 2023 21:24:57 +0000
ROA not before: Sun 01 Jan 2023 21:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20751
IP address blocks: 83.216.208.0/20 maxlen: 20
83.216.208.0/21 maxlen: 21
185.136.212.0/22 maxlen: 22
83.216.216.0/22 maxlen: 22
83.216.220.0/22 maxlen: 22
80.64.128.0/21 maxlen: 21
80.64.131.0/24 maxlen: 24
80.64.136.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:31:a0:37:5f:1c:ce:73:21:90:31:3d:6d:95:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b911c7edbf1d3cc4fb075381a37f76256b87285d
Validity
Not Before: Jan 1 21:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aff46a479a87373bb476ccdb19683286d30adb3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4c:83:e1:71:c1:a7:c7:4d:e1:9d:f7:05:fa:
4d:0e:cc:89:7f:e7:c9:0f:51:34:e0:f6:e8:41:e1:
6e:01:54:38:41:ea:41:5e:84:54:6a:39:dc:52:ba:
c6:d4:b4:8f:70:a0:dd:76:13:70:4f:f1:c3:25:75:
1c:f0:0b:a4:97:d4:93:8b:a0:c7:d9:54:b9:18:ca:
f8:b4:f4:ab:b9:67:56:e8:a4:81:fc:eb:5e:6c:35:
34:00:20:ee:a8:7f:3a:a9:6f:d0:0c:d2:b6:9f:d2:
25:1e:bf:c8:04:51:ba:84:67:68:17:4a:e3:eb:b8:
ea:3a:b7:28:ef:a6:7e:cd:6e:9e:ab:46:f6:6f:c3:
fe:cc:77:52:68:6a:9f:22:6b:ce:a6:87:0c:6d:49:
ea:f4:68:ca:5d:e2:9a:ac:e2:06:dd:de:ad:f4:de:
a9:77:b2:66:97:e5:af:04:46:a1:ca:70:78:9e:83:
c0:a1:76:40:94:e5:37:fe:25:d7:f9:84:9f:81:f3:
cf:9b:61:ca:95:aa:23:25:21:80:2f:5f:3f:b7:6b:
03:1f:c7:64:2e:66:8d:0a:12:73:d2:8a:17:e1:3c:
b6:41:fb:a6:b5:a0:fe:7b:30:0e:43:95:61:90:be:
b9:a4:ef:06:d1:2c:1c:52:63:0d:ce:f4:f6:36:b1:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F4:6A:47:9A:87:37:3B:B4:76:CC:DB:19:68:32:86:D3:0A:DB:3E
X509v3 Authority Key Identifier:
keyid:B9:11:C7:ED:BF:1D:3C:C4:FB:07:53:81:A3:7F:76:25:6B:87:28:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRHH7b8dPMT7B1OBo392JWuHKF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23b148-e0dd-4fa6-af44-613017886e8b/1/r_RqR5qHNzu0dszbGWgyhtMK2z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/23b148-e0dd-4fa6-af44-613017886e8b/1/uRHH7b8dPMT7B1OBo392JWuHKF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.128.0-80.64.139.255
83.216.208.0/20
185.136.212.0/22
Signature Algorithm: sha256WithRSAEncryption
89:7e:ff:fb:a7:4e:ca:00:36:25:7c:52:80:1b:d0:47:4d:8b:
d2:13:06:71:c5:c8:19:99:34:1a:66:01:84:3a:f0:9a:58:cc:
2b:b9:8d:75:3d:2a:89:73:f5:9b:5a:d4:be:70:83:2f:33:4b:
ac:5d:e1:05:84:06:f2:be:c0:f2:2a:e2:23:9b:2b:82:ef:04:
73:b4:da:a9:61:79:d2:36:16:44:d0:12:0b:9c:3d:62:31:38:
37:15:a1:e5:5b:52:fc:87:15:ee:30:9b:cd:c6:36:e9:c5:0d:
e6:32:5d:53:6b:72:c7:85:c6:ac:9b:1c:08:49:12:ad:1f:44:
47:82:0c:e2:91:2c:55:c1:ee:37:52:45:46:78:92:34:6d:18:
70:25:19:f4:bb:9e:88:fc:91:03:12:14:9e:d3:b4:e0:e9:d6:
82:38:a4:bf:fa:19:b6:d0:67:a2:59:ce:03:43:6f:06:66:09:
31:99:e7:bb:41:ce:bb:b7:17:62:17:dd:41:1c:f6:f7:d8:e5:
29:69:06:45:ac:04:bc:3a:40:ca:33:52:17:24:45:81:3a:30:
4d:2e:a9:61:cc:1b:ad:10:bc:5e:39:b6:c4:fc:f2:b6:d3:aa:
83:81:10:7b:c3:a1:7d:2c:f0:c9:14:18:92:ff:12:ca:cc:a1:
00:22:0a:04
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvOTGgN18cznMhkDE9bZV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTFjN2VkYmYxZDNjYzRmYjA3NTM4MWEzN2Y3NjI1NmI4
NzI4NWQwHhcNMjMwMTAxMjEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY0NmE0NzlhODczNzNiYjQ3NmNjZGIxOTY4MzI4NmQzMGFkYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEyD4XHBp8dN4Z33BfpNDsyJf+fJ
D1E04PboQeFuAVQ4QepBXoRUajncUrrG1LSPcKDddhNwT/HDJXUc8Aukl9STi6DH
2VS5GMr4tPSruWdW6KSB/OtebDU0ACDuqH86qW/QDNK2n9IlHr/IBFG6hGdoF0rj
67jqOrco76Z+zW6eq0b2b8P+zHdSaGqfImvOpocMbUnq9GjKXeKarOIG3d6t9N6p
d7Jml+WvBEahynB4noPAoXZAlOU3/iXX+YSfgfPPm2HKlaojJSGAL18/t2sDH8dk
LmaNChJz0ooX4Ty2QfumtaD+ezAOQ5VhkL65pO8G0SwcUmMNzvT2NrGH1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK/0akeahzc7tHbM2xloMobTCts+MB8GA1UdIwQY
MBaAFLkRx+2/HTzE+wdTgaN/diVrhyhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJISDdiOGRQTVQ3QjFPQm8zOTJKV3VIS0YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yM2IxNDgtZTBkZC00ZmE2LWFmNDQt
NjEzMDE3ODg2ZThiLzEvcl9ScVI1cUhOenUwZHN6YkdXZ3lodE1LMno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yM2IxNDgtZTBkZC00ZmE2LWFmNDQtNjEzMDE3ODg2ZThi
LzEvdVJISDdiOGRQTVQ3QjFPQm8zOTJKV3VIS0YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAdQQIAD
BAJQQIgDBART2NADBAK5iNQwDQYJKoZIhvcNAQELBQADggEBAIl+//unTsoANiV8
UoAb0EdNi9ITBnHFyBmZNBpmAYQ68JpYzCu5jXU9Kolz9Zta1L5wgy8zS6xd4QWE
BvK+wPIq4iObK4LvBHO02qlhedI2FkTQEgucPWIxODcVoeVbUvyHFe4wm83GNunF
DeYyXVNrcseFxqybHAhJEq0fREeCDOKRLFXB7jdSRUZ4kjRtGHAlGfS7noj8kQMS
FJ7TtODp1oI4pL/6GbbQZ6JZzgNDbwZmCTGZ57tBzru3F2IX3UEc9vfY5SlpBkWs
BLw6QMozUhckRYE6ME0uqWHMG60QvF45tsT88rbTqoOBEHvDoX0s8MkUGJL/EsrM
oQAiCgQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:14 2024 by rpki-client on console.sobornost.net