Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/CVd5OgCooK_s95ghFcC5296ouuw.roa
File: CVd5OgCooK_s95ghFcC5296ouuw.roa (raw, json)
Hash identifier: j9ffw6xfuf6bTlbsX7ki5CR9VqiMvWUIs9vIACMjQgo=
Subject key identifier: 09:57:79:3A:00:A8:A0:AF:EC:F7:98:21:15:C0:B9:DB:DE:A8:BA:EC
Certificate issuer: /CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Certificate serial: 01856BD382598A78296CC8AC05610A4542B2
Authority key identifier: B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/CVd5OgCooK_s95ghFcC5296ouuw.roa
Signing time: Sun 01 Jan 2023 05:35:01 +0000
ROA not before: Sun 01 Jan 2023 05:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59914
IP address blocks: 185.66.225.0/24 maxlen: 24
185.66.224.0/24 maxlen: 24
185.66.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:82:59:8a:78:29:6c:c8:ac:05:61:0a:45:42:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Validity
Not Before: Jan 1 05:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0957793a00a8a0afecf7982115c0b9dbdea8baec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:71:0e:47:35:47:23:9a:6d:76:10:5b:71:98:
47:16:06:1b:12:e0:09:38:fe:fa:b3:a8:65:15:9f:
b9:c1:dc:53:74:4a:0b:b9:1d:4a:1a:a9:2e:cc:81:
0d:21:f7:c1:c1:49:0a:98:6e:3e:a2:ce:78:19:23:
01:42:8a:78:0f:81:21:d7:6b:35:26:c9:de:a5:fb:
30:3c:bd:78:35:4c:9e:53:ec:be:bc:a5:e5:8a:70:
ea:cb:d8:b6:37:0d:70:41:7d:9a:e7:d5:94:09:d3:
ee:0d:ac:31:72:ba:ab:8a:88:bb:64:ec:6f:94:97:
06:1b:3c:7d:b3:69:e4:de:82:fd:da:24:66:1f:22:
0d:37:09:54:59:88:75:e9:09:3e:29:eb:87:6c:2b:
c0:ff:29:db:46:3a:a8:1a:b0:0d:0b:cf:38:54:0a:
74:8b:ed:c1:57:e1:3e:5d:32:4f:f6:b7:42:14:88:
c4:e5:2c:eb:51:56:ca:a4:9c:c9:eb:ba:44:4b:6e:
34:ef:e2:af:f5:5c:ee:2e:17:ee:04:d5:1e:5f:32:
db:82:16:a0:43:04:77:77:f6:94:75:50:d9:b9:5b:
1d:f9:f6:30:5f:f5:57:29:cf:ef:23:84:41:7d:de:
40:85:86:ff:2c:17:e7:f5:2c:6f:3c:76:14:a7:19:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:57:79:3A:00:A8:A0:AF:EC:F7:98:21:15:C0:B9:DB:DE:A8:BA:EC
X509v3 Authority Key Identifier:
keyid:B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/CVd5OgCooK_s95ghFcC5296ouuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/t6Zw5RyWQZ_FICixLkVlXvkU3bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.224.0/23
185.66.227.0/24
Signature Algorithm: sha256WithRSAEncryption
57:8e:fd:b6:a9:72:85:83:cf:31:76:16:37:2a:be:0f:d9:99:
5d:06:07:e2:98:e4:c2:f2:26:15:83:c0:0c:69:0e:04:96:54:
b3:be:34:29:f6:c3:0e:5c:5d:0c:3b:26:2d:82:6c:a4:86:90:
1a:9f:e3:bf:04:76:b2:47:9c:cb:bf:62:3d:94:12:ff:db:3b:
5c:a5:d9:9b:66:27:4d:ec:0e:c0:45:3b:6e:6c:d6:b5:e5:42:
79:19:62:86:f7:92:28:05:4c:28:8c:76:e3:ad:88:31:ed:75:
38:1f:03:a7:d9:5d:3f:9d:ac:95:01:98:66:66:9a:42:b0:f2:
60:43:1b:cb:5b:fc:d8:30:b5:fa:eb:2e:44:38:b1:25:b9:f3:
3a:47:5f:7b:9d:15:ef:f3:e8:2c:73:20:23:46:40:26:9b:5e:
2f:a7:28:b4:7d:e4:0d:2a:ee:c0:39:51:e7:c3:b2:7b:cc:be:
f7:80:14:30:e3:52:6a:b1:5c:27:b4:55:e7:22:64:27:34:a1:
15:71:63:7c:02:68:32:75:6e:c4:db:34:47:d9:39:8a:47:80:
68:9a:28:d4:10:02:a9:60:31:cb:cc:b1:e8:03:5e:66:03:1a:
7e:85:74:fa:94:b0:20:67:b5:00:02:6b:3a:05:42:33:3c:30:
d1:7d:12:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr04JZingpbMisBWEKRUKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTY3MGU1MWM5NjQxOWZjNTIwMjhiMTJlNDU2NTVlZjkx
NGRkYmIwHhcNMjMwMTAxMDUzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU3NzkzYTAwYThhMGFmZWNmNzk4MjExNWMwYjlkYmRlYThiYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3EORzVHI5ptdhBbcZhHFgYbEuAJ
OP76s6hlFZ+5wdxTdEoLuR1KGqkuzIENIffBwUkKmG4+os54GSMBQop4D4Eh12s1
JsnepfswPL14NUyeU+y+vKXlinDqy9i2Nw1wQX2a59WUCdPuDawxcrqrioi7ZOxv
lJcGGzx9s2nk3oL92iRmHyINNwlUWYh16Qk+KeuHbCvA/ynbRjqoGrANC884VAp0
i+3BV+E+XTJP9rdCFIjE5SzrUVbKpJzJ67pES2407+Kv9VzuLhfuBNUeXzLbghag
QwR3d/aUdVDZuVsd+fYwX/VXKc/vI4RBfd5AhYb/LBfn9SxvPHYUpxknfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAlXeToAqKCv7PeYIRXAudveqLrsMB8GA1UdIwQY
MBaAFLemcOUclkGfxSAosS5FZV75FN27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWIt
MTMyOTM3ZDM5Y2VhLzEvQ1ZkNU9nQ29vS19zOTVnaEZjQzUyOTZvdXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWItMTMyOTM3ZDM5Y2Vh
LzEvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULgAwQA
uULjMA0GCSqGSIb3DQEBCwUAA4IBAQBXjv22qXKFg88xdhY3Kr4P2ZldBgfimOTC
8iYVg8AMaQ4EllSzvjQp9sMOXF0MOyYtgmykhpAan+O/BHayR5zLv2I9lBL/2ztc
pdmbZidN7A7ARTtubNa15UJ5GWKG95IoBUwojHbjrYgx7XU4HwOn2V0/nayVAZhm
ZppCsPJgQxvLW/zYMLX66y5EOLElufM6R197nRXv8+gscyAjRkAmm14vpyi0feQN
Ku7AOVHnw7J7zL73gBQw41JqsVwntFXnImQnNKEVcWN8AmgydW7E2zRH2TmKR4Bo
mijUEAKpYDHLzLHoA15mAxp+hXT6lLAgZ7UAAms6BUIzPDDRfRJR
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:45 2024 by rpki-client on console.sobornost.net