Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/I7wTtPCPPgW1pjr0Eyseyj52zdw.roa
File: I7wTtPCPPgW1pjr0Eyseyj52zdw.roa (raw, json)
Hash identifier: 1NYi8Xc4DWMqlHUWqtpYh+Xqb5XIKxCrB/DMa2BqGfo=
Subject key identifier: 23:BC:13:B4:F0:8F:3E:05:B5:A6:3A:F4:13:2B:1E:CA:3E:76:CD:DC
Certificate issuer: /CN=aaca4f4a737ec09f335ac40633133328213efc3d
Certificate serial: 01856EC23F9CEBFE046D51DD8249F48EE7EA
Authority key identifier: AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/I7wTtPCPPgW1pjr0Eyseyj52zdw.roa
Signing time: Sun 01 Jan 2023 19:15:02 +0000
ROA not before: Sun 01 Jan 2023 19:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205876
IP address blocks: 194.5.132.0/24 maxlen: 24
194.5.145.0/24 maxlen: 24
45.152.249.0/24 maxlen: 24
45.152.250.0/24 maxlen: 24
31.24.250.0/24 maxlen: 24
2a12:5040:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:3f:9c:eb:fe:04:6d:51:dd:82:49:f4:8e:e7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaca4f4a737ec09f335ac40633133328213efc3d
Validity
Not Before: Jan 1 19:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23bc13b4f08f3e05b5a63af4132b1eca3e76cddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f7:ec:82:63:a5:5e:b8:a8:c0:13:d2:59:14:
71:d9:74:e4:22:fc:8f:af:09:a0:f1:53:54:42:8c:
b4:54:d8:7a:d0:cd:48:b9:a6:65:1f:58:7b:69:21:
45:28:19:62:1e:8c:2a:43:ed:d1:5f:c3:d6:f7:43:
a6:4b:28:99:60:b0:a1:6e:83:d0:a2:96:1f:e1:d5:
d0:2e:33:9e:1b:6d:65:c0:21:6a:fa:06:16:05:b7:
7e:92:b8:be:5e:6c:32:5e:18:4a:ea:3c:54:0a:d1:
2e:1f:0d:50:e0:7f:4a:ba:e5:e6:df:73:c3:e4:9d:
b2:b0:b3:26:f1:53:b7:91:6a:12:e5:7a:e7:54:0e:
fe:22:bc:d3:f2:b4:fb:39:20:3f:aa:fe:77:5e:15:
36:e0:b3:e9:61:e3:3a:b8:9d:35:20:7a:57:6a:6b:
82:f6:b3:74:8c:74:b3:cc:fc:43:d6:5d:e9:01:95:
c2:74:13:a8:82:44:00:49:8c:60:35:2f:f6:e3:3a:
5a:52:80:31:28:29:82:74:21:02:5e:b4:1d:10:c4:
5e:30:e5:68:df:e3:42:73:ed:3c:86:00:b5:12:e8:
26:e5:da:87:7d:bc:3a:35:db:45:f6:4c:1f:59:91:
85:83:a6:a6:82:dd:88:93:98:41:c9:20:0e:82:46:
59:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BC:13:B4:F0:8F:3E:05:B5:A6:3A:F4:13:2B:1E:CA:3E:76:CD:DC
X509v3 Authority Key Identifier:
keyid:AA:CA:4F:4A:73:7E:C0:9F:33:5A:C4:06:33:13:33:28:21:3E:FC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qspPSnN-wJ8zWsQGMxMzKCE-_D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/I7wTtPCPPgW1pjr0Eyseyj52zdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c1876a-fae1-43cc-a2d7-334e6f332180/1/qspPSnN-wJ8zWsQGMxMzKCE-_D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.250.0/24
45.152.249.0-45.152.250.255
194.5.132.0/24
194.5.145.0/24
IPv6:
2a12:5040:1::/48
Signature Algorithm: sha256WithRSAEncryption
60:2e:48:fe:05:ab:83:35:41:0f:7c:f0:4a:de:e7:b6:d8:ed:
b0:0a:59:53:56:04:dc:a9:da:36:bb:6d:09:36:97:84:5e:46:
01:3b:93:9c:0d:f3:de:58:b4:a3:63:9a:4e:3f:a6:54:94:2a:
ee:d2:e7:20:d0:05:55:9c:00:08:62:62:61:1d:03:58:9c:8a:
18:2e:78:99:eb:bc:8a:e8:d4:bc:c3:82:46:b5:07:16:99:48:
81:26:e1:94:d0:6e:72:d9:8a:b1:b8:d6:7b:7d:b3:8e:e4:fa:
36:8a:8e:30:ba:20:a0:0b:72:42:10:1e:c5:e8:b2:df:b4:5c:
89:35:0b:c2:53:07:ea:01:a4:35:29:41:1a:b6:78:43:ce:79:
aa:ce:e5:bd:92:95:16:b3:db:14:ae:f6:9e:71:59:fd:98:f1:
01:74:b9:2b:05:f4:1c:8d:a7:ac:a0:00:d1:0c:b1:d5:62:9e:
3d:c6:29:21:73:99:7d:11:61:91:88:f5:c2:a6:e8:6a:44:08:
a7:00:0b:78:a5:0a:4e:99:bc:de:4a:60:28:32:60:7c:a5:25:
33:d8:bd:32:a2:76:bb:2b:95:ed:91:6d:89:66:c6:25:2c:99:
42:53:f8:88:f6:4c:73:97:a1:79:e6:b6:26:92:2a:b7:25:a5:
53:96:ed:35
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVuwj+c6/4EbVHdgkn0jufqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2E0ZjRhNzM3ZWMwOWYzMzVhYzQwNjMzMTMzMzI4MjEz
ZWZjM2QwHhcNMjMwMTAxMTkxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JjMTNiNGYwOGYzZTA1YjVhNjNhZjQxMzJiMWVjYTNlNzZjZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vfsgmOlXriowBPSWRRx2XTkIvyP
rwmg8VNUQoy0VNh60M1IuaZlH1h7aSFFKBliHowqQ+3RX8PW90OmSyiZYLChboPQ
opYf4dXQLjOeG21lwCFq+gYWBbd+kri+XmwyXhhK6jxUCtEuHw1Q4H9KuuXm33PD
5J2ysLMm8VO3kWoS5XrnVA7+IrzT8rT7OSA/qv53XhU24LPpYeM6uJ01IHpXamuC
9rN0jHSzzPxD1l3pAZXCdBOogkQASYxgNS/24zpaUoAxKCmCdCECXrQdEMReMOVo
3+NCc+08hgC1Eugm5dqHfbw6NdtF9kwfWZGFg6amgt2Ik5hBySAOgkZZRQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCO8E7Twjz4FtaY69BMrHso+ds3cMB8GA1UdIwQY
MBaAFKrKT0pzfsCfM1rEBjMTMyghPvw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNwUFNuTi13Sjh6V3NRR014TXpLQ0UtX0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMTg3NmEtZmFlMS00M2NjLWEyZDct
MzM0ZTZmMzMyMTgwLzEvSTd3VHRQQ1BQZ1cxcGpyMEV5c2V5ajUyemR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMTg3NmEtZmFlMS00M2NjLWEyZDctMzM0ZTZmMzMyMTgw
LzEvcXNwUFNuTi13Sjh6V3NRR014TXpLQ0UtX0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQAHxj6MAwD
BAAtmPkDBAAtmPoDBADCBYQDBADCBZEwDwQCAAIwCQMHACoSUEAAATANBgkqhkiG
9w0BAQsFAAOCAQEAYC5I/gWrgzVBD3zwSt7nttjtsApZU1YE3KnaNrttCTaXhF5G
ATuTnA3z3li0o2OaTj+mVJQq7tLnINAFVZwACGJiYR0DWJyKGC54meu8iujUvMOC
RrUHFplIgSbhlNBuctmKsbjWe32zjuT6NoqOMLogoAtyQhAexeiy37RciTULwlMH
6gGkNSlBGrZ4Q855qs7lvZKVFrPbFK72nnFZ/ZjxAXS5KwX0HI2nrKAA0Qyx1WKe
PcYpIXOZfRFhkYj1wqboakQIpwALeKUKTpm83kpgKDJgfKUlM9i9MqJ2uyuV7ZFt
iWbGJSyZQlP4iPZMc5eheea2JpIqtyWlU5btNQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:45 2024 by rpki-client on console.sobornost.net