Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/pzBseIcQeLD-jOYNeA7yOqgYyUk.roa
File: pzBseIcQeLD-jOYNeA7yOqgYyUk.roa (raw, json)
Hash identifier: kGeA6/6V0Bg8pwctzNpbDaJ3+srEklI4TJ5jF0zzg4k=
Subject key identifier: A7:30:6C:78:87:10:78:B0:FE:8C:E6:0D:78:0E:F2:3A:A8:18:C9:49
Certificate issuer: /CN=7f2ba86df787888f6f8592a806a6ffea3046c07a
Certificate serial: 01857246AB8BFBB71B02486877D927DC4A3A
Authority key identifier: 7F:2B:A8:6D:F7:87:88:8F:6F:85:92:A8:06:A6:FF:EA:30:46:C0:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyuobfeHiI9vhZKoBqb_6jBGwHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/pzBseIcQeLD-jOYNeA7yOqgYyUk.roa
Signing time: Mon 02 Jan 2023 11:38:32 +0000
ROA not before: Mon 02 Jan 2023 11:38:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35311
IP address blocks: 88.132.128.0/19 maxlen: 19
87.242.0.0/18 maxlen: 18
88.132.64.0/21 maxlen: 21
88.132.72.0/21 maxlen: 21
185.145.204.0/22 maxlen: 22
88.132.80.0/21 maxlen: 21
88.132.88.0/21 maxlen: 21
88.132.96.0/19 maxlen: 19
88.132.0.0/19 maxlen: 19
88.132.32.0/19 maxlen: 19
88.132.160.0/19 maxlen: 19
88.132.192.0/20 maxlen: 20
2a02:808::/29 maxlen: 29
2a02:808::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ab:8b:fb:b7:1b:02:48:68:77:d9:27:dc:4a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f2ba86df787888f6f8592a806a6ffea3046c07a
Validity
Not Before: Jan 2 11:38:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7306c78871078b0fe8ce60d780ef23aa818c949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:2c:64:a2:d2:fb:32:2a:86:aa:06:53:5e:da:
05:b7:d6:d7:63:eb:38:94:ba:0b:16:78:c1:e6:1d:
cd:21:f8:5c:0a:fe:43:31:87:73:64:5e:cd:33:79:
7c:16:1b:cd:d2:91:ab:d4:93:6d:05:7a:c6:3e:44:
93:f2:d9:b1:39:ec:15:5b:2c:85:9e:ec:e3:79:97:
5c:a6:b9:d5:c4:99:3d:0d:44:33:32:f1:1b:16:25:
90:12:60:06:e1:65:c7:01:a1:8a:d8:3b:39:ad:79:
0d:1a:68:87:4d:89:e7:9e:ec:bd:18:e3:ba:47:ba:
2f:f4:7b:80:0d:a1:66:a3:f8:ef:99:3c:6f:73:f6:
08:e1:09:75:51:a0:e6:15:84:a2:2a:7e:ef:c7:76:
57:e6:97:d8:47:88:7c:79:be:06:c7:c7:1a:93:83:
b1:91:40:93:bc:2a:a4:40:7b:68:36:8f:d4:4d:fd:
dc:44:ab:38:6b:dc:95:b8:35:12:ac:3f:66:91:dd:
22:81:94:67:60:f2:ac:de:ed:fd:a5:62:4a:08:87:
a3:1c:2c:0b:63:fe:f1:00:cf:c1:76:60:86:77:9f:
80:97:2b:8c:e6:ab:bd:8e:b5:23:68:43:04:32:6a:
0b:15:14:8a:44:3b:79:e4:f2:ba:e6:d8:3f:f5:96:
fa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:30:6C:78:87:10:78:B0:FE:8C:E6:0D:78:0E:F2:3A:A8:18:C9:49
X509v3 Authority Key Identifier:
keyid:7F:2B:A8:6D:F7:87:88:8F:6F:85:92:A8:06:A6:FF:EA:30:46:C0:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyuobfeHiI9vhZKoBqb_6jBGwHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/pzBseIcQeLD-jOYNeA7yOqgYyUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/fyuobfeHiI9vhZKoBqb_6jBGwHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.242.0.0/18
88.132.0.0-88.132.207.255
185.145.204.0/22
IPv6:
2a02:808::/29
Signature Algorithm: sha256WithRSAEncryption
c3:d9:a4:1c:43:aa:73:7b:5b:5b:41:a1:88:9d:29:0d:10:3e:
a6:ae:97:ce:c7:ba:45:40:26:f3:cb:fc:63:f1:cd:0b:77:1f:
b2:2e:d9:26:86:8c:f7:22:3d:61:c8:80:5a:e4:aa:fa:41:f7:
b2:32:6c:ab:0d:da:5e:bd:cb:32:70:6f:68:b0:96:04:e0:a8:
ac:fb:25:d0:66:43:9b:45:8e:58:74:a4:63:23:de:0c:39:2a:
c7:1a:cc:8c:9e:52:d7:cf:9d:19:e0:e5:02:03:6a:51:aa:d9:
28:55:67:9f:65:09:96:50:cd:90:02:41:e3:6f:11:ff:45:7f:
2a:da:90:08:93:4f:f3:87:17:05:eb:23:90:7c:5c:14:92:c0:
df:fb:50:05:b9:51:2f:36:9b:07:8c:2a:3f:1d:8f:54:a3:85:
e3:1f:1d:68:45:59:24:29:85:c0:b4:70:e9:45:21:24:2e:e8:
26:e2:df:e2:06:f6:d9:6c:d9:53:06:d9:d4:f9:f0:5e:f1:f5:
ae:c4:0f:ab:3e:19:17:01:77:98:60:e8:44:84:60:68:18:84:
40:6f:20:b9:a9:5c:ed:93:fb:ce:8b:74:dc:63:28:a3:2e:5b:
e7:5c:a3:75:fc:ad:98:6a:c7:61:01:d6:12:83:97:9d:1b:70:
2c:4c:b6:fc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVyRquL+7cbAkhod9kn3Eo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMmJhODZkZjc4Nzg4OGY2Zjg1OTJhODA2YTZmZmVhMzA0
NmMwN2EwHhcNMjMwMTAyMTEzODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzMwNmM3ODg3MTA3OGIwZmU4Y2U2MGQ3ODBlZjIzYWE4MThjOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CxkotL7MiqGqgZTXtoFt9bXY+s4
lLoLFnjB5h3NIfhcCv5DMYdzZF7NM3l8FhvN0pGr1JNtBXrGPkST8tmxOewVWyyF
nuzjeZdcprnVxJk9DUQzMvEbFiWQEmAG4WXHAaGK2Ds5rXkNGmiHTYnnnuy9GOO6
R7ov9HuADaFmo/jvmTxvc/YI4Ql1UaDmFYSiKn7vx3ZX5pfYR4h8eb4Gx8cak4Ox
kUCTvCqkQHtoNo/UTf3cRKs4a9yVuDUSrD9mkd0igZRnYPKs3u39pWJKCIejHCwL
Y/7xAM/BdmCGd5+AlyuM5qu9jrUjaEMEMmoLFRSKRDt55PK65tg/9Zb63wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKcwbHiHEHiw/ozmDXgO8jqoGMlJMB8GA1UdIwQY
MBaAFH8rqG33h4iPb4WSqAam/+owRsB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnl1b2JmZUhpSTl2aFpLb0JxYl82akJHd0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC81ZTY3ODYtNjM3Ny00MjI0LWJhMDYt
ZGM0NzY5ZWZmMWY1LzEvcHpCc2VJY1FlTEQtak9ZTmVBN3lPcWdZeVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC81ZTY3ODYtNjM3Ny00MjI0LWJhMDYtZGM0NzY5ZWZmMWY1
LzEvZnl1b2JmZUhpSTl2aFpLb0JxYl82akJHd0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQGV/IAMAsD
AwJYhAMEBFiEwAMEArmRzDANBAIAAjAHAwUDKgIICDANBgkqhkiG9w0BAQsFAAOC
AQEAw9mkHEOqc3tbW0GhiJ0pDRA+pq6Xzse6RUAm88v8Y/HNC3cfsi7ZJoaM9yI9
YciAWuSq+kH3sjJsqw3aXr3LMnBvaLCWBOCorPsl0GZDm0WOWHSkYyPeDDkqxxrM
jJ5S18+dGeDlAgNqUarZKFVnn2UJllDNkAJB428R/0V/KtqQCJNP84cXBesjkHxc
FJLA3/tQBblRLzabB4wqPx2PVKOF4x8daEVZJCmFwLRw6UUhJC7oJuLf4gb22WzZ
UwbZ1PnwXvH1rsQPqz4ZFwF3mGDoRIRgaBiEQG8gualc7ZP7zot03GMooy5b51yj
dfytmGrHYQHWEoOXnRtwLEy2/A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:23 2024 by rpki-client on console.sobornost.net