Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/RKjaWXJ8xFpmoaURPmMJv9fI4CA.roa
File: RKjaWXJ8xFpmoaURPmMJv9fI4CA.roa (raw, json)
Hash identifier: ombcK0VSwd9MhCzLwCA1HNeBGEWO9RSqWATRaivG61I=
Subject key identifier: 44:A8:DA:59:72:7C:C4:5A:66:A1:A5:11:3E:63:09:BF:D7:C8:E0:20
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 01856C6EE55B1CC78E462AEB2364F622B037
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/RKjaWXJ8xFpmoaURPmMJv9fI4CA.roa
Signing time: Sun 01 Jan 2023 08:24:44 +0000
ROA not before: Sun 01 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 185.161.232.0/22 maxlen: 22
185.161.233.0/24 maxlen: 24
185.161.234.0/24 maxlen: 24
185.161.235.0/24 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.46.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e5:5b:1c:c7:8e:46:2a:eb:23:64:f6:22:b0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44a8da59727cc45a66a1a5113e6309bfd7c8e020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b6:f7:2d:75:66:6e:51:ae:08:b9:44:31:d3:
87:98:a2:4c:f5:38:65:06:08:00:ae:3c:18:e2:53:
55:40:57:cd:60:ee:5c:3f:99:6f:65:69:29:c4:71:
bd:aa:69:53:d4:b0:90:c4:d6:bd:24:d3:c8:43:bf:
ed:65:4c:38:06:9a:73:30:6e:1a:29:78:eb:2a:43:
22:ce:81:08:6e:50:97:fd:d5:40:79:90:8a:4d:4a:
28:b9:3f:0e:c6:5c:4a:ed:8e:8f:95:4e:f0:39:fe:
fc:c9:95:86:2b:c4:33:97:f1:41:42:31:3c:39:4a:
a1:81:cd:00:54:a4:ee:fb:fb:a8:62:b3:ba:35:ad:
55:9e:0e:4f:b9:f9:08:ff:54:ea:ca:15:e3:eb:21:
2d:a3:5b:49:60:fd:ea:ab:e8:01:ff:22:d7:26:35:
cf:8c:09:a5:65:cc:85:d6:24:cb:96:d3:3d:bb:46:
5c:c4:47:81:ea:76:19:87:81:55:21:ec:f3:bb:38:
0b:33:7d:fe:19:72:35:0a:1c:20:5a:74:a4:e4:71:
22:9c:1e:21:ae:40:da:9c:da:29:82:ae:c0:51:06:
39:b5:3c:99:cd:6b:77:50:a5:02:19:8d:33:6b:51:
e7:66:f3:d7:c5:7a:d5:84:87:ad:20:f6:42:a5:9d:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A8:DA:59:72:7C:C4:5A:66:A1:A5:11:3E:63:09:BF:D7:C8:E0:20
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/RKjaWXJ8xFpmoaURPmMJv9fI4CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
41:c3:33:34:d9:3f:83:16:87:7b:a7:1e:2f:b1:a0:73:1e:c3:
b3:b0:b6:aa:cb:1e:53:d3:de:ba:bf:a4:43:06:93:1a:17:20:
47:1b:61:f3:2c:79:35:ef:65:96:86:2f:ce:5a:5c:63:1a:20:
06:2d:88:da:32:f2:15:ea:cb:7f:e4:6a:fb:b2:22:08:f9:ee:
e2:b6:97:94:f2:40:77:cc:70:38:1b:b9:6f:b6:10:18:98:1f:
1e:56:b7:06:be:1f:db:c3:e1:45:cd:5f:37:2e:de:20:5e:64:
08:ab:27:02:97:ec:ee:d8:bc:41:50:bf:af:4c:69:71:b2:be:
05:39:43:af:47:a3:cf:72:96:fe:ec:22:dc:31:e4:bc:20:b7:
b2:b2:fe:74:bb:c7:be:3c:6e:58:2b:91:e5:e7:e1:1c:99:77:
85:3d:98:90:1f:af:23:f2:04:2e:61:82:5a:c2:48:3b:ea:c0:
96:58:68:2a:2b:3f:e9:60:01:c8:e6:a1:b6:50:9f:a0:e1:92:
8c:37:c4:c2:81:1d:4d:d3:56:c9:c3:80:46:40:ee:8d:f3:30:
c1:7c:90:cb:ed:4e:f8:bd:a8:89:00:44:64:f8:06:f1:79:51:
7c:5f:52:cc:5f:97:10:4b:be:4d:e4:4b:00:87:5d:8c:31:f6:
a2:29:1b:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsbuVbHMeORirrI2T2IrA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjMwMTAxMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE4ZGE1OTcyN2NjNDVhNjZhMWE1MTEzZTYzMDliZmQ3YzhlMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rb3LXVmblGuCLlEMdOHmKJM9Thl
BggArjwY4lNVQFfNYO5cP5lvZWkpxHG9qmlT1LCQxNa9JNPIQ7/tZUw4BppzMG4a
KXjrKkMizoEIblCX/dVAeZCKTUoouT8OxlxK7Y6PlU7wOf78yZWGK8Qzl/FBQjE8
OUqhgc0AVKTu+/uoYrO6Na1Vng5PufkI/1TqyhXj6yEto1tJYP3qq+gB/yLXJjXP
jAmlZcyF1iTLltM9u0ZcxEeB6nYZh4FVIezzuzgLM33+GXI1ChwgWnSk5HEinB4h
rkDanNopgq7AUQY5tTyZzWt3UKUCGY0za1HnZvPXxXrVhIetIPZCpZ0x6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFESo2llyfMRaZqGlET5jCb/XyOAgMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvUktqYVdYSjh4RnBtb2FVUlBtTUp2OWZJNENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW84UAwQC
uUQsAwQCuaHoMA0GCSqGSIb3DQEBCwUAA4IBAQBBwzM02T+DFod7px4vsaBzHsOz
sLaqyx5T0966v6RDBpMaFyBHG2HzLHk172WWhi/OWlxjGiAGLYjaMvIV6st/5Gr7
siII+e7itpeU8kB3zHA4G7lvthAYmB8eVrcGvh/bw+FFzV83Lt4gXmQIqycCl+zu
2LxBUL+vTGlxsr4FOUOvR6PPcpb+7CLcMeS8ILeysv50u8e+PG5YK5Hl5+EcmXeF
PZiQH68j8gQuYYJawkg76sCWWGgqKz/pYAHI5qG2UJ+g4ZKMN8TCgR1N01bJw4BG
QO6N8zDBfJDL7U74vaiJAERk+AbxeVF8X1LMX5cQS75N5EsAh12MMfaiKRsB
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:56 2024 by rpki-client on console.sobornost.net