Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/0C6eSaAfkGDdmG1d-lNEt8XRgXc.roa
File: 0C6eSaAfkGDdmG1d-lNEt8XRgXc.roa (raw, json)
Hash identifier: 0dSsrgUJTBaPhKsMrWQV2HaMzUixgyG75N7D0c7E++w=
Subject key identifier: D0:2E:9E:49:A0:1F:90:60:DD:98:6D:5D:FA:53:44:B7:C5:D1:81:77
Certificate issuer: /CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
Certificate serial: 01856F9DBBFEFBFDE7BB93B5F084C37E1970
Authority key identifier: 61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/0C6eSaAfkGDdmG1d-lNEt8XRgXc.roa
Signing time: Sun 01 Jan 2023 23:14:46 +0000
ROA not before: Sun 01 Jan 2023 23:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43567
IP address blocks: 188.164.136.0/21 maxlen: 21
188.164.160.0/19 maxlen: 19
37.157.24.0/22 maxlen: 22
37.157.28.0/23 maxlen: 23
37.157.30.0/24 maxlen: 24
77.73.88.0/22 maxlen: 22
77.73.92.0/24 maxlen: 24
31.25.200.0/21 maxlen: 21
77.73.94.0/24 maxlen: 24
77.73.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:bb:fe:fb:fd:e7:bb:93:b5:f0:84:c3:7e:19:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
Validity
Not Before: Jan 1 23:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d02e9e49a01f9060dd986d5dfa5344b7c5d18177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:a0:b7:52:25:ed:9a:dc:93:f7:25:47:d7:
be:7c:5a:a1:2f:bd:1d:c5:6b:9e:98:ae:93:df:6c:
e3:18:b8:07:1e:3e:47:c1:fc:2d:84:00:b1:b7:1c:
f6:d4:d4:90:50:c7:c7:c5:b6:d3:72:34:cc:a2:16:
7b:22:de:03:8d:98:c0:21:5d:3d:e9:a4:7f:4d:11:
d2:c9:69:51:5b:34:a8:c1:58:68:29:48:91:8a:a3:
4d:a7:a1:03:ae:18:77:72:8f:15:35:ef:6f:bf:70:
10:a5:09:52:ed:f0:d9:b3:4f:bc:60:a2:12:fe:bf:
0a:c7:2e:7c:d7:e9:f0:c7:6d:5b:e3:f3:35:d4:77:
59:e1:86:f4:61:17:3c:3b:4f:32:36:a9:59:c8:20:
d9:82:49:dc:fe:a5:f9:ab:99:d3:b1:b8:c7:bb:6d:
9b:42:fd:52:ae:54:2c:9c:4e:f7:2b:e2:87:52:67:
f8:03:36:e1:09:5c:fb:0e:e3:f7:95:45:49:44:b1:
7d:b4:4c:47:9c:03:e6:3c:9e:ff:15:6f:c9:a3:f2:
df:4f:ea:d1:26:df:57:e9:d1:80:9c:02:10:16:2d:
1e:03:0c:e3:68:25:33:b6:02:79:f2:5b:17:c1:e5:
ad:c7:0e:b8:0a:24:3f:61:6e:dc:a4:4c:e1:fd:5d:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2E:9E:49:A0:1F:90:60:DD:98:6D:5D:FA:53:44:B7:C5:D1:81:77
X509v3 Authority Key Identifier:
keyid:61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/0C6eSaAfkGDdmG1d-lNEt8XRgXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/YU4ZoidYFqKOXoDI-aKMxaHZwNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.200.0/21
37.157.24.0-37.157.30.255
77.73.88.0-77.73.94.255
188.164.136.0/21
188.164.160.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:b6:3a:13:8e:61:94:ce:c7:9d:a0:8f:79:5e:f1:e4:cd:62:
25:08:f8:21:43:6c:b5:84:a3:61:f6:41:b1:56:2e:77:e6:a5:
46:ca:e7:c8:e2:0a:b1:cb:f6:7f:b9:0a:3c:d4:20:72:cb:c8:
1a:f5:06:74:09:b7:91:84:f7:b4:7a:60:38:e2:09:7c:f9:de:
0c:4a:8c:e6:d6:fa:03:f5:59:75:f9:0b:b5:68:d1:6d:f5:ff:
93:92:c8:58:a6:ad:88:96:f5:2e:bc:59:af:36:be:3b:42:bc:
9b:b1:6f:cf:0d:9e:b9:d1:f5:5f:60:24:8d:80:dc:fc:3d:b3:
5d:6a:7f:65:01:32:f1:65:a2:45:b0:70:7f:45:7c:37:47:67:
63:02:77:47:25:05:32:95:57:d6:a1:62:3d:41:87:e1:4e:a0:
96:6c:38:94:9f:f3:95:f0:f6:a9:b1:6a:31:86:73:4a:13:a4:
8b:18:42:71:f3:c6:49:82:9e:04:c6:04:0d:4c:71:d3:03:77:
5f:fd:6c:33:44:5e:22:9f:6d:6e:2e:5b:78:11:ca:e4:91:a9:
85:c0:7e:b2:e4:cb:76:57:2e:31:d2:0b:67:4b:aa:10:d2:a1:
7d:5b:f0:3d:14:37:87:01:68:02:84:6b:bc:ec:8a:db:ff:67:
ff:10:a9:2e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvnbv++/3nu5O18ITDfhlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGUxOWEyMjc1ODE2YTI4ZTVlODBjOGY5YTI4Y2M1YTFk
OWMwZDUwHhcNMjMwMTAxMjMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDJlOWU0OWEwMWY5MDYwZGQ5ODZkNWRmYTUzNDRiN2M1ZDE4MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH6gt1Il7Zrck/clR9e+fFqhL70d
xWuemK6T32zjGLgHHj5HwfwthACxtxz21NSQUMfHxbbTcjTMohZ7It4DjZjAIV09
6aR/TRHSyWlRWzSowVhoKUiRiqNNp6EDrhh3co8VNe9vv3AQpQlS7fDZs0+8YKIS
/r8Kxy581+nwx21b4/M11HdZ4Yb0YRc8O08yNqlZyCDZgknc/qX5q5nTsbjHu22b
Qv1SrlQsnE73K+KHUmf4AzbhCVz7DuP3lUVJRLF9tExHnAPmPJ7/FW/Jo/LfT+rR
Jt9X6dGAnAIQFi0eAwzjaCUztgJ58lsXweWtxw64CiQ/YW7cpEzh/V1+nwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNAunkmgH5Bg3ZhtXfpTRLfF0YF3MB8GA1UdIwQY
MBaAFGFOGaInWBaijl6AyPmijMWh2cDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAt
ODcwNTQ0Y2FhZmFiLzEvMEM2ZVNhQWZrR0RkbUcxZC1sTkV0OFhSZ1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAtODcwNTQ0Y2FhZmFi
LzEvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQDHxnIMAwD
BAMlnRgDBAAlnR4wDAMEA01JWAMEAE1JXgMEA7ykiAMEBbykoDANBgkqhkiG9w0B
AQsFAAOCAQEApLY6E45hlM7HnaCPeV7x5M1iJQj4IUNstYSjYfZBsVYud+alRsrn
yOIKscv2f7kKPNQgcsvIGvUGdAm3kYT3tHpgOOIJfPneDEqM5tb6A/VZdfkLtWjR
bfX/k5LIWKatiJb1LrxZrza+O0K8m7Fvzw2eudH1X2AkjYDc/D2zXWp/ZQEy8WWi
RbBwf0V8N0dnYwJ3RyUFMpVX1qFiPUGH4U6glmw4lJ/zlfD2qbFqMYZzShOkixhC
cfPGSYKeBMYEDUxx0wN3X/1sM0ReIp9tbi5beBHK5JGphcB+suTLdlcuMdILZ0uq
ENKhfVvwPRQ3hwFoAoRrvOyK2/9n/xCpLg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:18 2024 by rpki-client on console.sobornost.net