Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/bijDKZG5tiCTn1hGEpwvrvhJxIo.roa
File: bijDKZG5tiCTn1hGEpwvrvhJxIo.roa (raw, json)
Hash identifier: LEpNnnN1VSaA+i4yFlpt4C10mor8/VvtoY2XhOkUXCs=
Subject key identifier: 6E:28:C3:29:91:B9:B6:20:93:9F:58:46:12:9C:2F:AE:F8:49:C4:8A
Certificate issuer: /CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Certificate serial: 01856D81AC20D2A92F1F293BBE5CFB028597
Authority key identifier: 66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/bijDKZG5tiCTn1hGEpwvrvhJxIo.roa
Signing time: Sun 01 Jan 2023 13:24:52 +0000
ROA not before: Sun 01 Jan 2023 13:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50266
IP address blocks: 5.132.0.0/17 maxlen: 24
195.191.16.0/23 maxlen: 24
85.146.0.0/17 maxlen: 24
185.180.148.0/22 maxlen: 24
85.146.128.0/18 maxlen: 24
85.144.0.0/15 maxlen: 24
185.35.112.0/22 maxlen: 24
37.143.80.0/21 maxlen: 24
31.201.0.0/16 maxlen: 24
2a02:4240::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ac:20:d2:a9:2f:1f:29:3b:be:5c:fb:02:85:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Validity
Not Before: Jan 1 13:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e28c32991b9b620939f5846129c2faef849c48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:89:c1:a7:4e:a8:f0:80:1c:27:43:86:6d:
98:0f:45:e6:97:64:95:4f:35:97:d4:d5:29:f5:9a:
81:55:bd:69:31:9d:7d:04:00:8e:27:52:6e:59:f3:
c4:98:c6:3e:c6:d5:b5:36:80:1a:95:b3:2d:5a:47:
58:9e:8c:9d:7f:d9:ba:d2:e6:c0:f7:3e:ae:b5:1b:
02:e1:e4:7c:59:0f:3d:63:e6:c4:1b:aa:e5:05:a6:
ea:e2:24:e3:a6:a6:b3:51:9d:7e:97:60:4a:4c:c3:
0b:c2:19:a4:02:1d:10:2b:74:7c:9f:b2:80:88:7a:
b0:61:bf:6d:08:49:40:e2:11:51:72:29:c0:8d:e0:
95:1c:35:52:f0:fc:9f:70:25:44:2a:89:d8:cd:6a:
70:ef:b9:d3:ca:35:0a:b0:25:14:8c:a0:8a:d0:cf:
0d:e7:a5:51:a1:2b:e4:d4:60:97:c1:e7:58:2f:00:
ef:10:20:65:35:a3:f1:3f:f3:81:92:c9:11:4c:fa:
45:19:39:b9:70:04:2e:5f:10:66:1a:77:31:f0:6d:
3c:14:75:f4:cf:29:16:4d:69:57:75:db:4c:09:c3:
64:76:0b:67:37:63:89:70:f3:0f:ad:3c:f6:b3:cb:
cc:ea:36:8f:6d:d5:56:a1:55:9b:f9:d0:70:f4:f3:
d9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:28:C3:29:91:B9:B6:20:93:9F:58:46:12:9C:2F:AE:F8:49:C4:8A
X509v3 Authority Key Identifier:
keyid:66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/bijDKZG5tiCTn1hGEpwvrvhJxIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/Zv8ealzDwGl2KfSvuwsHrnkTPFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.0.0/17
31.201.0.0/16
37.143.80.0/21
85.144.0.0-85.146.191.255
185.35.112.0/22
185.180.148.0/22
195.191.16.0/23
IPv6:
2a02:4240::/32
Signature Algorithm: sha256WithRSAEncryption
0d:b1:a4:05:ae:50:bf:8d:7f:1f:62:81:8c:7d:35:dd:96:69:
de:2c:de:5f:3a:1d:8a:97:f0:a4:d3:12:c7:9c:e8:87:74:ad:
8b:db:66:9c:24:21:7c:fb:0b:a5:92:cc:0a:57:01:9e:d8:f1:
13:cf:83:3a:ac:06:20:f0:12:bc:d5:fc:8a:f6:5d:25:f8:15:
64:53:af:da:3c:ef:95:40:5d:8d:46:93:d2:e4:62:3b:76:5c:
ba:f7:67:69:c6:9b:6b:f6:9f:23:41:94:05:ef:e8:72:9c:27:
bf:d9:a1:3b:1f:b7:3a:a8:40:1f:65:98:a5:41:95:a1:f6:7d:
4f:1d:b1:cf:f1:dc:c1:86:0f:ef:06:de:cd:12:5a:54:20:3d:
42:a7:fc:52:b3:a1:40:1c:5c:62:5d:ec:2c:0f:6f:c8:54:f5:
d0:9c:42:2a:2f:28:ea:b4:3b:94:0e:3d:4c:e6:38:f9:e0:3c:
cc:40:e5:e0:d4:e7:06:f0:f4:a1:c5:2f:65:0b:87:84:1d:6c:
b9:6c:bf:97:68:47:63:cd:62:43:f0:a5:2a:fd:34:c8:e3:a1:
b8:17:21:cf:3c:ee:f4:c9:00:02:13:74:8a:0e:5a:75:b6:28:
6b:3c:20:cd:ad:df:8f:bb:b2:6b:fa:d4:79:ba:dc:3d:89:56:
8f:96:93:af
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVtgawg0qkvHyk7vlz7AoWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmYxZTZhNWNjM2MwNjk3NjI5ZjRhZmJiMGIwN2FlNzkx
MzNjNWMwHhcNMjMwMTAxMTMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI4YzMyOTkxYjliNjIwOTM5ZjU4NDYxMjljMmZhZWY4NDljNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NeJwadOqPCAHCdDhm2YD0Xml2SV
TzWX1NUp9ZqBVb1pMZ19BACOJ1JuWfPEmMY+xtW1NoAalbMtWkdYnoydf9m60ubA
9z6utRsC4eR8WQ89Y+bEG6rlBabq4iTjpqazUZ1+l2BKTMMLwhmkAh0QK3R8n7KA
iHqwYb9tCElA4hFRcinAjeCVHDVS8PyfcCVEKonYzWpw77nTyjUKsCUUjKCK0M8N
56VRoSvk1GCXwedYLwDvECBlNaPxP/OBkskRTPpFGTm5cAQuXxBmGncx8G08FHX0
zykWTWlXddtMCcNkdgtnN2OJcPMPrTz2s8vM6jaPbdVWoVWb+dBw9PPZvQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFG4owymRubYgk59YRhKcL674ScSKMB8GA1UdIwQY
MBaAFGb/Hmpcw8Bpdin0r7sLB655EzxcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY4ZWFsekR3R2wyS2ZTdnV3c0hybmtUUEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wN2Q1ZWItNjIxMS00ZDdhLWE5NmQt
ZWU0Mjc0NWQ4ZmQxLzEvYmlqREtaRzV0aUNUbjFoR0Vwd3ZydmhKeElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8wN2Q1ZWItNjIxMS00ZDdhLWE5NmQtZWU0Mjc0NWQ4ZmQx
LzEvWnY4ZWFsekR3R2wyS2ZTdnV3c0hybmtUUEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQHBYQAAwMA
H8kDBAMlj1AwCwMDBFWQAwQGVZKAAwQCuSNwAwQCubSUAwQBw78QMA0EAgACMAcD
BQAqAkJAMA0GCSqGSIb3DQEBCwUAA4IBAQANsaQFrlC/jX8fYoGMfTXdlmneLN5f
Oh2Kl/Ck0xLHnOiHdK2L22acJCF8+wulkswKVwGe2PETz4M6rAYg8BK81fyK9l0l
+BVkU6/aPO+VQF2NRpPS5GI7dly692dpxptr9p8jQZQF7+hynCe/2aE7H7c6qEAf
ZZilQZWh9n1PHbHP8dzBhg/vBt7NElpUID1Cp/xSs6FAHFxiXewsD2/IVPXQnEIq
LyjqtDuUDj1M5jj54DzMQOXg1OcG8PShxS9lC4eEHWy5bL+XaEdjzWJD8KUq/TTI
46G4FyHPPO70yQACE3SKDlp1tihrPCDNrd+Pu7Jr+tR5utw9iVaPlpOv
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:56 2024 by rpki-client on console.sobornost.net