Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/4C0g9YO21iYJ9wvC6V1_hBO2Cfo.roa
File: 4C0g9YO21iYJ9wvC6V1_hBO2Cfo.roa (raw, json)
Hash identifier: anJ6Jh+UMsjRh3gskdmcA48DuWzltHCl7Wa5jzA7aaQ=
Subject key identifier: E0:2D:20:F5:83:B6:D6:26:09:F7:0B:C2:E9:5D:7F:84:13:B6:09:FA
Certificate issuer: /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial: 01856ED4D70AFEC30FBE900BCB4F66709592
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/4C0g9YO21iYJ9wvC6V1_hBO2Cfo.roa
Signing time: Sun 01 Jan 2023 19:35:20 +0000
ROA not before: Sun 01 Jan 2023 19:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39729
IP address blocks: 195.110.100.0/23 maxlen: 24
195.110.102.0/23 maxlen: 24
195.110.104.0/23 maxlen: 24
195.110.112.0/24 maxlen: 24
195.110.107.0/24 maxlen: 24
195.110.118.0/23 maxlen: 24
195.110.120.0/23 maxlen: 24
195.110.122.0/23 maxlen: 24
195.110.124.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d7:0a:fe:c3:0f:be:90:0b:cb:4f:66:70:95:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Validity
Not Before: Jan 1 19:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02d20f583b6d62609f70bc2e95d7f8413b609fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:21:0f:b6:10:b8:1c:ea:15:b1:43:e4:02:f2:
58:a4:e7:44:78:aa:3b:37:77:3b:b3:8f:05:c7:d0:
3c:15:4f:ef:39:fb:b5:da:c4:a1:2c:84:69:75:10:
49:31:12:48:fd:eb:c7:c7:7c:5a:60:3d:17:22:4b:
ab:30:63:2c:75:cf:07:8d:6d:92:1c:0d:2e:6b:16:
65:ce:13:cf:ef:e8:62:01:e7:e2:fe:1c:f9:7b:22:
a2:53:45:72:ce:f6:d3:50:43:51:d6:45:d1:58:1b:
38:18:4c:42:a3:ec:9b:c7:3a:61:0c:be:b1:df:9b:
5f:5d:56:4d:cd:d8:58:de:5f:dc:c1:9d:40:21:34:
9b:17:c6:5a:71:e0:eb:40:31:cf:e0:1f:14:d0:eb:
ed:dd:07:27:05:af:7b:1a:98:ec:99:4c:ee:58:5e:
03:78:68:d7:9d:6f:bb:d8:43:c8:a8:16:80:33:cc:
3b:af:d3:83:51:5e:c5:48:41:9a:cb:dd:98:b6:08:
43:b3:8f:e1:bb:de:46:d1:4d:cf:01:35:70:b2:fd:
85:0d:9a:b0:7a:f9:34:3f:ce:0a:c9:e9:af:d3:e6:
47:32:7a:26:8f:cd:a5:50:ea:a4:b1:6f:b0:21:77:
15:4d:3f:13:78:70:7b:66:fe:51:9c:66:99:d9:dd:
86:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2D:20:F5:83:B6:D6:26:09:F7:0B:C2:E9:5D:7F:84:13:B6:09:FA
X509v3 Authority Key Identifier:
keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/4C0g9YO21iYJ9wvC6V1_hBO2Cfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.100.0-195.110.105.255
195.110.107.0/24
195.110.112.0/24
195.110.118.0-195.110.127.255
Signature Algorithm: sha256WithRSAEncryption
c1:cc:4b:2f:1d:b2:86:63:58:f9:cc:82:f7:d9:18:12:33:f9:
3a:ec:d5:bd:e0:0d:85:f9:81:3f:08:01:5a:c1:ef:92:f4:96:
bf:cb:4e:67:84:32:67:7a:b7:c7:d2:4f:6e:53:02:4e:05:7c:
58:8e:b0:ff:02:c2:fc:b0:16:72:30:da:1f:7c:44:5d:35:1a:
61:2d:27:33:5d:cb:ce:ea:13:53:28:ad:aa:fd:4f:bc:2a:a4:
8f:f3:99:7e:67:e4:14:af:cb:53:00:9f:c4:50:51:44:d5:ca:
2b:d2:71:43:23:ff:8c:ac:e9:7a:e3:a9:14:40:ba:45:dc:26:
fb:c1:a5:15:57:bd:3a:7b:8a:63:61:30:14:18:41:95:59:46:
ec:2b:44:3c:c6:2f:bd:07:cf:26:2c:93:73:d1:ab:32:a5:7a:
a9:41:6e:73:01:60:a8:e2:0a:34:fb:af:7f:eb:11:65:c4:cc:
3d:14:7b:d7:93:6b:ac:ee:fb:f8:76:4e:e6:e2:ca:bd:09:37:
35:02:53:c6:6f:55:65:b3:43:27:8e:0e:a8:68:e1:ac:9d:0d:
55:4b:63:c5:0b:e2:9d:35:ac:a0:66:a3:a4:78:0c:e5:9c:9f:
d2:8d:2e:77:33:fe:6a:a2:77:5a:02:38:c8:3f:a6:5b:a7:50:
64:1e:09:89
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVu1NcK/sMPvpALy09mcJWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGI3NDdiMjg5NzE3YTA2ODRjZDZhYzgyMzA3YWE2N2Ji
MmQ3YmIwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJkMjBmNTgzYjZkNjI2MDlmNzBiYzJlOTVkN2Y4NDEzYjYwOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiEPthC4HOoVsUPkAvJYpOdEeKo7
N3c7s48Fx9A8FU/vOfu12sShLIRpdRBJMRJI/evHx3xaYD0XIkurMGMsdc8HjW2S
HA0uaxZlzhPP7+hiAefi/hz5eyKiU0VyzvbTUENR1kXRWBs4GExCo+ybxzphDL6x
35tfXVZNzdhY3l/cwZ1AITSbF8ZaceDrQDHP4B8U0Ovt3QcnBa97GpjsmUzuWF4D
eGjXnW+72EPIqBaAM8w7r9ODUV7FSEGay92YtghDs4/hu95G0U3PATVwsv2FDZqw
evk0P84Kyemv0+ZHMnomj82lUOqksW+wIXcVTT8TeHB7Zv5RnGaZ2d2GYQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOAtIPWDttYmCfcLwuldf4QTtgn6MB8GA1UdIwQY
MBaAFITbdHsolxegaEzWrIIweqZ7ste7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQt
OWZlN2VlOWMwMzY4LzEvNEMwZzlZTzIxaVlKOXd2QzZWMV9oQk8yQ2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQtOWZlN2VlOWMwMzY4
LzEvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBALDbmQD
BAHDbmgDBADDbmsDBADDbnAwDAMEAcNudgMEB8NuADANBgkqhkiG9w0BAQsFAAOC
AQEAwcxLLx2yhmNY+cyC99kYEjP5OuzVveANhfmBPwgBWsHvkvSWv8tOZ4QyZ3q3
x9JPblMCTgV8WI6w/wLC/LAWcjDaH3xEXTUaYS0nM13LzuoTUyitqv1PvCqkj/OZ
fmfkFK/LUwCfxFBRRNXKK9JxQyP/jKzpeuOpFEC6Rdwm+8GlFVe9OnuKY2EwFBhB
lVlG7CtEPMYvvQfPJiyTc9GrMqV6qUFucwFgqOIKNPuvf+sRZcTMPRR715NrrO77
+HZO5uLKvQk3NQJTxm9VZbNDJ44OqGjhrJ0NVUtjxQvinTWsoGajpHgM5Zyf0o0u
dzP+aqJ3WgI4yD+mW6dQZB4JiQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:00 2024 by rpki-client on console.sobornost.net