Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/jRMeQNIiPhQSWCH3i50h863g71o.roa
File: jRMeQNIiPhQSWCH3i50h863g71o.roa (raw, json)
Hash identifier: nTp9psUaYc0alRwCn1x22ckUASY5VdGrmNquPuKIZ7s=
Subject key identifier: 8D:13:1E:40:D2:22:3E:14:12:58:21:F7:8B:9D:21:F3:AD:E0:EF:5A
Certificate issuer: /CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Certificate serial: 01856F5DE0DD40F86553E53F4179DBEF3260
Authority key identifier: E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/jRMeQNIiPhQSWCH3i50h863g71o.roa
Signing time: Sun 01 Jan 2023 22:05:01 +0000
ROA not before: Sun 01 Jan 2023 22:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207594
IP address blocks: 85.116.152.0/22 maxlen: 22
85.116.152.0/21 maxlen: 21
85.116.148.0/22 maxlen: 22
85.116.158.0/24 maxlen: 24
85.116.159.0/24 maxlen: 24
85.116.156.0/23 maxlen: 23
185.30.80.0/22 maxlen: 22
185.68.192.0/22 maxlen: 22
2a05:10c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e0:dd:40:f8:65:53:e5:3f:41:79:db:ef:32:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Validity
Not Before: Jan 1 22:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d131e40d2223e14125821f78b9d21f3ade0ef5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f4:15:8d:15:36:93:78:38:c1:fa:9b:d9:4c:
72:0e:bd:27:07:c3:41:1c:c4:3d:41:83:b2:63:8b:
eb:bf:6b:bb:de:35:59:59:b4:94:91:e4:6f:18:99:
11:36:71:8c:18:53:b4:ad:bd:69:b6:38:c0:2f:c1:
cc:0c:78:5e:36:5f:84:3a:a8:26:50:ea:04:a7:52:
76:82:73:87:71:76:95:d7:87:ed:45:6e:a6:e9:24:
1f:a3:49:14:66:63:6e:f9:a4:2c:18:89:5e:96:d9:
f7:10:e3:d5:ca:b4:c3:df:5d:39:24:96:a4:ec:65:
ec:39:ff:b5:a0:ba:44:2b:92:5e:f6:0f:1f:19:f0:
bb:da:78:7e:b3:1b:87:60:b6:62:fa:7b:bf:ac:9d:
48:db:0a:03:9c:12:88:38:1f:8b:4e:2f:57:66:f8:
d7:7c:c5:4a:62:6a:cb:08:15:c7:33:de:3a:99:32:
99:49:31:53:b6:24:b8:64:52:0c:8c:5e:86:d5:22:
59:38:72:e9:46:82:27:ee:ff:f1:0f:e2:7c:e6:ea:
f5:7f:30:b2:23:09:e0:45:50:f8:3d:f2:a4:66:d2:
91:ab:48:a0:a5:ca:92:07:73:c7:93:b7:c8:84:af:
81:4a:a0:4c:32:09:4f:f7:43:0f:cc:ed:e9:0d:a9:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:13:1E:40:D2:22:3E:14:12:58:21:F7:8B:9D:21:F3:AD:E0:EF:5A
X509v3 Authority Key Identifier:
keyid:E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/jRMeQNIiPhQSWCH3i50h863g71o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.148.0-85.116.159.255
185.30.80.0/22
185.68.192.0/22
IPv6:
2a05:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
95:31:b5:85:04:dd:ce:4e:39:08:b6:d5:e3:ed:0a:3f:b5:53:
ce:82:90:38:43:41:a3:5e:a9:81:d2:e7:87:7c:23:59:c7:f6:
fe:f3:96:c6:23:e1:28:d8:5c:91:36:78:a9:bb:8c:1a:2c:95:
82:cc:cf:bb:70:ad:9d:f3:f8:75:1a:5e:14:74:6a:3a:3d:79:
4d:2d:55:6f:36:6f:c5:22:de:3f:a8:7a:6e:90:a0:43:1e:f6:
94:7f:b6:6a:0e:17:e8:fe:64:b4:d7:6a:3b:9e:f0:65:07:bb:
34:b8:79:7c:94:7d:25:ee:08:bc:33:c8:d0:2a:8e:bf:4f:55:
b2:16:0d:90:52:f8:59:14:a6:42:54:f2:a8:d7:32:4a:4d:49:
47:3a:b6:a1:f3:d4:94:8e:09:0e:d7:f8:bc:89:b2:ec:0b:82:
00:43:5a:03:9e:cf:88:9b:45:41:4b:b9:a7:56:12:4e:49:ef:
5c:6e:67:10:23:a1:f4:64:44:de:58:c2:c3:be:3b:6c:49:7c:
8f:78:0f:bd:3f:d1:6b:c7:92:d1:17:05:1b:b7:27:cd:1b:d5:
37:42:e8:42:01:81:6f:68:48:a9:76:9c:41:8d:33:71:61:af:
ed:2d:0e:64:48:c5:a1:06:49:e7:e4:18:a7:75:1d:1a:83:00:
36:53:0a:27
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvXeDdQPhlU+U/QXnb7zJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGYyNjRmYTRhNGM5MGRjYjRhOTljY2NlYzUwYzU1MDhm
NDQ0OTgwHhcNMjMwMTAxMjIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDEzMWU0MGQyMjIzZTE0MTI1ODIxZjc4YjlkMjFmM2FkZTBlZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/QVjRU2k3g4wfqb2UxyDr0nB8NB
HMQ9QYOyY4vrv2u73jVZWbSUkeRvGJkRNnGMGFO0rb1ptjjAL8HMDHheNl+EOqgm
UOoEp1J2gnOHcXaV14ftRW6m6SQfo0kUZmNu+aQsGIleltn3EOPVyrTD3105JJak
7GXsOf+1oLpEK5Je9g8fGfC72nh+sxuHYLZi+nu/rJ1I2woDnBKIOB+LTi9XZvjX
fMVKYmrLCBXHM946mTKZSTFTtiS4ZFIMjF6G1SJZOHLpRoIn7v/xD+J85ur1fzCy
IwngRVD4PfKkZtKRq0igpcqSB3PHk7fIhK+BSqBMMglP90MPzO3pDan3vQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFI0THkDSIj4UElgh94udIfOt4O9aMB8GA1UdIwQY
MBaAFOFPJk+kpMkNy0qZzM7FDFUI9ESYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1Mjct
MTM5MDQzNzQ5YzQ4LzEvalJNZVFOSWlQaFFTV0NIM2k1MGg4NjNnNzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1MjctMTM5MDQzNzQ5YzQ4
LzEvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAJVdJQD
BAVVdIADBAK5HlADBAK5RMAwDQQCAAIwBwMFAyoFEMAwDQYJKoZIhvcNAQELBQAD
ggEBAJUxtYUE3c5OOQi21ePtCj+1U86CkDhDQaNeqYHS54d8I1nH9v7zlsYj4SjY
XJE2eKm7jBoslYLMz7twrZ3z+HUaXhR0ajo9eU0tVW82b8Ui3j+oem6QoEMe9pR/
tmoOF+j+ZLTXajue8GUHuzS4eXyUfSXuCLwzyNAqjr9PVbIWDZBS+FkUpkJU8qjX
MkpNSUc6tqHz1JSOCQ7X+LyJsuwLggBDWgOez4ibRUFLuadWEk5J71xuZxAjofRk
RN5YwsO+O2xJfI94D70/0WvHktEXBRu3J80b1TdC6EIBgW9oSKl2nEGNM3Fhr+0t
DmRIxaEGSefkGKd1HRqDADZTCic=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:40 2023 by rpki-client on console.sobornost.net