Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AHWm1ZkdBiVndPr1V2BZ0JHr5V8.roa
File: AHWm1ZkdBiVndPr1V2BZ0JHr5V8.roa (raw, json)
Hash identifier: SqSCVsPvlFTb7s4X1/SUOOKqaj1RWuZIZTC/NnB3uN8=
Subject key identifier: 00:75:A6:D5:99:1D:06:25:67:74:FA:F5:57:60:59:D0:91:EB:E5:5F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01890142BA888A132B78CCA312640188A604
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AHWm1ZkdBiVndPr1V2BZ0JHr5V8.roa
Signing time: Wed 28 Jun 2023 09:08:17 +0000
ROA not before: Wed 28 Jun 2023 09:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 89.37.194.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:42:ba:88:8a:13:2b:78:cc:a3:12:64:01:88:a6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 28 09:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0075a6d5991d06256774faf5576059d091ebe55f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:da:53:02:3a:18:51:b0:6b:05:29:d7:ca:01:
80:49:61:41:20:c1:5f:a6:12:26:4d:c5:76:da:5a:
9f:d4:b4:55:72:f4:1e:be:5d:1b:0e:29:81:64:c8:
b1:34:a8:72:c3:4d:bc:c7:15:d6:67:71:bf:72:c4:
35:0a:8f:c2:ab:5c:60:bf:ed:e6:04:2d:b8:67:03:
a9:da:0e:d2:ae:79:72:e9:83:a9:82:11:ee:a0:3b:
a1:cb:bc:d2:e8:d5:8b:94:f6:c5:d8:17:89:4a:45:
ea:a3:b1:a7:a1:b0:25:99:4d:6a:e3:f2:e0:df:88:
6f:76:62:04:3f:42:20:f8:fc:26:af:97:4c:56:d0:
c2:60:48:3f:7a:d5:a1:a9:7b:87:fc:42:f2:11:63:
f2:d9:29:5c:b6:fb:9b:c6:3c:6b:d1:1f:e7:ef:bb:
73:8b:be:32:ef:9e:80:e9:5f:48:8e:e2:a2:89:23:
c8:73:5c:b3:74:22:48:e3:a2:13:62:9a:61:a3:4a:
40:9c:18:7e:9a:d2:04:70:74:61:3e:e5:25:9b:eb:
72:ed:2a:b5:87:01:65:fe:a5:75:40:0e:ff:f8:97:
b9:eb:9e:12:85:d4:ac:06:e2:5a:08:ac:7b:1f:45:
da:0a:db:36:cf:f0:fd:dd:3d:69:68:8e:58:ab:02:
cc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:75:A6:D5:99:1D:06:25:67:74:FA:F5:57:60:59:D0:91:EB:E5:5F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AHWm1ZkdBiVndPr1V2BZ0JHr5V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.219.0/24
89.37.194.0/24
94.198.171.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:a0:4f:41:3e:b6:e8:df:32:61:c9:34:a3:b2:ae:97:23:c0:
a9:d1:79:8e:0d:0e:a6:84:c4:93:b8:51:43:fb:45:1d:1f:c7:
93:e8:00:eb:a5:92:7a:09:15:1a:f2:9c:1c:c9:22:c1:a7:4b:
30:f4:85:7b:c2:7e:e9:d0:14:bc:88:85:b0:cb:ff:df:6f:3b:
9e:c4:12:8b:ef:a6:35:62:7a:4d:c4:45:33:4e:43:63:93:17:
55:a2:a9:12:81:49:47:1d:ce:6b:6f:f3:a2:ae:a0:59:3e:5c:
8d:69:63:c3:18:45:e0:a9:a8:db:46:21:8f:9c:90:09:66:09:
8d:c5:17:2a:9a:e4:de:bc:ac:bf:58:e3:aa:29:28:75:c6:94:
e7:da:22:39:2f:4d:00:7f:16:e8:0c:7b:ae:0c:61:ed:a0:c3:
bb:7d:06:6d:97:81:07:b7:71:20:53:70:0a:c3:88:43:3e:bf:
48:b2:9e:74:19:6b:e0:8d:17:f9:95:ed:7d:f2:37:72:a4:0e:
83:4b:b8:66:36:9e:11:ff:29:ad:43:13:81:f5:6d:ac:c8:05:
8a:76:d0:03:ab:31:92:01:7f:21:34:1f:b4:b3:b0:5d:d1:1b:
ea:c1:5f:b8:e4:d5:03:06:89:d6:a9:fa:c4:46:99:10:be:41:
62:40:1b:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkBQrqIihMreMyjEmQBiKYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjI4MDkwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc1YTZkNTk5MWQwNjI1Njc3NGZhZjU1NzYwNTlkMDkxZWJlNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtpTAjoYUbBrBSnXygGASWFBIMFf
phImTcV22lqf1LRVcvQevl0bDimBZMixNKhyw028xxXWZ3G/csQ1Co/Cq1xgv+3m
BC24ZwOp2g7Srnly6YOpghHuoDuhy7zS6NWLlPbF2BeJSkXqo7GnobAlmU1q4/Lg
34hvdmIEP0Ig+Pwmr5dMVtDCYEg/etWhqXuH/ELyEWPy2Slctvubxjxr0R/n77tz
i74y756A6V9IjuKiiSPIc1yzdCJI46ITYppho0pAnBh+mtIEcHRhPuUlm+ty7Sq1
hwFl/qV1QA7/+Je5654ShdSsBuJaCKx7H0XaCts2z/D93T1paI5YqwLMBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAB1ptWZHQYlZ3T69VdgWdCR6+VfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQUhXbTFaa2RCaVZuZFByMVYyQlowSkhyNVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSLbAwQA
WSXCAwQAXsarMA0GCSqGSIb3DQEBCwUAA4IBAQAboE9BPrbo3zJhyTSjsq6XI8Cp
0XmODQ6mhMSTuFFD+0UdH8eT6ADrpZJ6CRUa8pwcySLBp0sw9IV7wn7p0BS8iIWw
y//fbzuexBKL76Y1YnpNxEUzTkNjkxdVoqkSgUlHHc5rb/OirqBZPlyNaWPDGEXg
qajbRiGPnJAJZgmNxRcqmuTevKy/WOOqKSh1xpTn2iI5L00AfxboDHuuDGHtoMO7
fQZtl4EHt3EgU3AKw4hDPr9Isp50GWvgjRf5le198jdypA6DS7hmNp4R/ymtQxOB
9W2syAWKdtADqzGSAX8hNB+0s7Bd0RvqwV+45NUDBonWqfrERpkQvkFiQBtK
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net