Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/JImwXgtn1UgC_UiI6q0cAVUU3So.roa
File: JImwXgtn1UgC_UiI6q0cAVUU3So.roa (raw, json)
Hash identifier: bNkXlXzqDy7ebkJhc6ShvimGari36tFsa7WKPv9j01s=
Subject key identifier: 24:89:B0:5E:0B:67:D5:48:02:FD:48:88:EA:AD:1C:01:55:14:DD:2A
Certificate issuer: /CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
Certificate serial: 018996EAF56DA0A9C595911C037131CDD891
Authority key identifier: D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/JImwXgtn1UgC_UiI6q0cAVUU3So.roa
Signing time: Thu 27 Jul 2023 10:35:27 +0000
ROA not before: Thu 27 Jul 2023 10:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 185.235.28.0/24 maxlen: 24
185.235.28.0/22 maxlen: 24
185.235.31.0/24 maxlen: 24
185.235.30.0/24 maxlen: 24
185.235.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:ea:f5:6d:a0:a9:c5:95:91:1c:03:71:31:cd:d8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
Validity
Not Before: Jul 27 10:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2489b05e0b67d54802fd4888eaad1c015514dd2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:50:b5:ee:fe:49:9e:20:49:b3:99:c5:c2:
0d:a8:2e:f5:95:0d:97:4a:82:96:28:c8:46:18:e4:
c0:ee:78:29:55:24:77:dc:a4:89:f9:78:4c:ee:06:
57:f5:af:72:bd:5b:c7:74:83:a8:86:c8:3c:ee:4d:
c5:92:19:f8:ee:4e:6c:98:4f:a6:90:4d:0e:fd:77:
e6:5e:5c:0e:ec:1f:77:96:85:22:fd:35:69:17:14:
2f:c8:f0:c0:98:cc:84:69:42:bd:eb:97:75:3d:54:
8c:b5:db:bc:98:6c:c0:81:e8:90:8e:0e:bd:72:a8:
f3:8f:ee:85:ac:1f:c8:10:ab:2d:95:48:a5:01:8e:
54:a0:ea:78:31:ab:ad:f7:6d:3a:c8:f7:5d:e3:9a:
19:04:e5:21:8b:45:02:b9:9c:51:8b:af:95:b8:40:
25:3a:29:ba:54:54:92:8a:b7:80:2e:8f:e0:88:09:
bb:1b:2f:50:bf:eb:97:64:55:3a:da:d4:71:3a:8e:
29:0a:2b:e4:2a:6d:2e:18:96:09:62:57:e6:4c:c9:
49:24:4f:c7:8e:20:1b:d7:38:98:5f:c5:09:2d:44:
02:ca:65:b7:0f:03:f3:1a:a7:c5:bf:3e:19:00:b9:
85:03:e5:02:92:e2:f9:b2:10:ef:0b:7b:c0:51:05:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:89:B0:5E:0B:67:D5:48:02:FD:48:88:EA:AD:1C:01:55:14:DD:2A
X509v3 Authority Key Identifier:
keyid:D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/JImwXgtn1UgC_UiI6q0cAVUU3So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/0u9GpBNBlOckI9VyobZtSp0uTBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.28.0/22
Signature Algorithm: sha256WithRSAEncryption
96:71:f9:44:7e:0d:0e:84:64:36:f4:33:bc:45:45:bd:16:64:
95:c2:ec:48:69:36:8f:87:a5:eb:ea:24:33:7e:cf:80:e8:0a:
57:7d:46:2e:d5:0a:d2:79:b8:6a:00:31:4a:a9:1d:3d:cf:de:
d1:0e:fe:60:4a:4b:60:7f:64:54:56:8c:47:1b:8b:0e:29:e4:
e3:1e:d3:4f:a1:aa:40:12:43:87:00:aa:be:62:cb:bd:c0:8c:
1a:37:cf:6a:15:d2:5f:be:4c:a0:f2:0e:37:ff:a0:e9:2e:cf:
18:fc:7e:03:0f:94:ac:41:81:da:bd:f4:54:8f:25:2f:28:ca:
ad:70:07:27:05:99:10:dd:93:c7:56:93:9e:92:e3:ef:67:17:
9c:2d:97:4e:f0:6e:c4:32:6b:79:a3:a1:80:31:88:36:af:7e:
5a:02:02:5c:3f:1e:4a:1a:a0:cf:55:47:3b:e5:b0:a6:c0:f3:
98:da:83:03:73:fd:36:9f:15:11:60:7d:2a:84:c1:83:b8:9b:
8b:b1:e6:e8:d2:bc:5a:fa:f0:ff:30:04:02:13:50:17:c9:11:
18:df:b2:ed:14:47:15:2f:7c:0a:b7:dc:f0:ea:b8:04:74:29:
6b:b7:7d:6c:e8:be:9a:d8:3f:b7:de:bd:35:e5:7d:4a:ba:3e:
c6:b2:b9:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmW6vVtoKnFlZEcA3ExzdiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWY0NmE0MTM0MTk0ZTcyNDIzZDU3MmExYjY2ZDRhOWQy
ZTRjMTMwHhcNMjMwNzI3MTAzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg5YjA1ZTBiNjdkNTQ4MDJmZDQ4ODhlYWFkMWMwMTU1MTRkZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqRQte7+SZ4gSbOZxcINqC71lQ2X
SoKWKMhGGOTA7ngpVSR33KSJ+XhM7gZX9a9yvVvHdIOohsg87k3Fkhn47k5smE+m
kE0O/XfmXlwO7B93loUi/TVpFxQvyPDAmMyEaUK965d1PVSMtdu8mGzAgeiQjg69
cqjzj+6FrB/IEKstlUilAY5UoOp4Maut9206yPdd45oZBOUhi0UCuZxRi6+VuEAl
Oim6VFSSireALo/giAm7Gy9Qv+uXZFU62tRxOo4pCivkKm0uGJYJYlfmTMlJJE/H
jiAb1ziYX8UJLUQCymW3DwPzGqfFvz4ZALmFA+UCkuL5shDvC3vAUQWqWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSJsF4LZ9VIAv1IiOqtHAFVFN0qMB8GA1UdIwQY
MBaAFNLvRqQTQZTnJCPVcqG2bUqdLkwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMt
YTg4YmI3ODA1YjA5LzEvSkltd1hndG4xVWdDX1VpSTZxMGNBVlVVM1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMtYTg4YmI3ODA1YjA5
LzEvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuescMA0G
CSqGSIb3DQEBCwUAA4IBAQCWcflEfg0OhGQ29DO8RUW9FmSVwuxIaTaPh6Xr6iQz
fs+A6ApXfUYu1QrSebhqADFKqR09z97RDv5gSktgf2RUVoxHG4sOKeTjHtNPoapA
EkOHAKq+Ysu9wIwaN89qFdJfvkyg8g43/6DpLs8Y/H4DD5SsQYHavfRUjyUvKMqt
cAcnBZkQ3ZPHVpOekuPvZxecLZdO8G7EMmt5o6GAMYg2r35aAgJcPx5KGqDPVUc7
5bCmwPOY2oMDc/02nxURYH0qhMGDuJuLsebo0rxa+vD/MAQCE1AXyREY37LtFEcV
L3wKt9zw6rgEdClrt31s6L6a2D+33r015X1Kuj7GsrnQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:02 2024 by rpki-client on console.sobornost.net