Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/NfyW538Bhe6ec5nf2jEp8L7QthM.roa
File: NfyW538Bhe6ec5nf2jEp8L7QthM.roa (raw, json)
Hash identifier: 2+IT5OqMnzZ+BDTffydPxquO92VLYxxVBfDxhhLfu54=
Subject key identifier: 35:FC:96:E7:7F:01:85:EE:9E:73:99:DF:DA:31:29:F0:BE:D0:B6:13
Certificate issuer: /CN=ed64691c31892cc991ad4e9a9671147759e417ab
Certificate serial: 0189263319E2C43A8E3B8D96F7A51D9AAA49
Authority key identifier: ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/NfyW538Bhe6ec5nf2jEp8L7QthM.roa
Signing time: Wed 05 Jul 2023 13:17:10 +0000
ROA not before: Wed 05 Jul 2023 13:17:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8218
IP address blocks: 185.75.241.0/24 maxlen: 24
2a05:5504:6::/48 maxlen: 48
2a05:5504:11::/48 maxlen: 48
2a05:5504:1::/48 maxlen: 48
2a05:5504:7::/48 maxlen: 48
2a05:5504:2::/48 maxlen: 48
2a05:5504:8::/48 maxlen: 48
2a05:5500::/44 maxlen: 44
2a05:5504:3::/48 maxlen: 48
2a05:5504:9::/48 maxlen: 48
2a05:5504:4::/48 maxlen: 48
2a05:5504:5::/48 maxlen: 48
2a05:5504:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:33:19:e2:c4:3a:8e:3b:8d:96:f7:a5:1d:9a:aa:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed64691c31892cc991ad4e9a9671147759e417ab
Validity
Not Before: Jul 5 13:17:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35fc96e77f0185ee9e7399dfda3129f0bed0b613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:67:90:d4:97:a7:82:5f:1e:cd:37:14:f0:0c:
9f:71:ff:fe:ad:89:a7:ce:e1:e4:db:8c:0c:49:47:
6c:87:6b:10:8e:88:64:fb:e7:4c:c7:e7:5e:64:91:
97:aa:93:2a:f3:a6:7d:e0:42:c5:68:f4:d4:e1:cc:
35:fa:41:8d:b4:19:04:c7:dc:2f:1c:8e:de:9e:b1:
d6:bb:aa:2b:47:b9:08:e9:bd:da:fa:01:da:5b:48:
48:f0:bd:fa:8f:3b:74:5c:f0:68:82:f8:29:13:3c:
55:a7:9f:f2:ec:e0:78:ff:f8:e9:7e:98:1c:b7:4c:
46:01:f5:80:bf:e4:69:5e:15:85:ef:c2:93:24:e9:
c9:e9:c7:b1:de:3f:7c:38:63:f6:4f:27:71:94:01:
97:b4:3b:7a:c2:b0:fe:87:40:03:70:e4:00:c6:47:
53:82:9a:df:12:87:d1:0a:aa:fc:23:eb:03:57:76:
7c:b2:13:10:4c:12:f5:bf:5b:23:e8:64:b7:74:5f:
fa:7b:2d:63:5f:1f:61:10:5b:5b:a9:5b:5a:19:1b:
4b:5a:9b:92:a9:fe:a2:ba:e6:3e:6d:bc:85:16:a9:
cd:55:c2:9c:62:dd:e0:3f:59:5d:e8:73:e0:49:c3:
d2:41:db:3e:83:fa:cd:25:12:7e:52:92:45:c4:51:
34:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FC:96:E7:7F:01:85:EE:9E:73:99:DF:DA:31:29:F0:BE:D0:B6:13
X509v3 Authority Key Identifier:
keyid:ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/NfyW538Bhe6ec5nf2jEp8L7QthM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.241.0/24
IPv6:
2a05:5500::/44
2a05:5504:1::-2a05:5504:9:ffff:ffff:ffff:ffff:ffff
2a05:5504:10::/47
Signature Algorithm: sha256WithRSAEncryption
8a:a2:fd:16:4b:07:98:12:80:71:1a:85:42:b2:e2:9e:50:f4:
d7:51:2d:6c:90:c3:46:60:dd:54:86:ae:a9:fb:e7:25:3b:a6:
0d:6f:94:55:e9:c1:fe:65:4c:77:e6:38:1d:4c:62:e1:bb:5f:
dd:b6:c9:6e:cf:ca:4b:c2:b3:34:e4:55:15:5b:7c:23:b1:81:
cd:46:4a:3d:17:4e:e3:30:bf:5b:e6:ad:09:f9:d2:59:15:62:
10:0d:57:71:f4:c3:86:37:2d:3d:f0:ba:23:72:a7:e1:31:47:
a8:95:aa:42:b9:e1:ea:55:b8:aa:eb:4f:c8:fe:97:f0:26:fe:
da:87:7d:c8:b4:e9:37:67:38:ac:b8:c6:55:e3:a0:05:86:81:
be:21:26:ab:89:8a:b8:0d:8e:77:7f:92:ec:e6:75:20:ef:eb:
2c:78:19:e5:6d:04:41:e8:3b:00:e4:ff:36:ca:85:d2:a0:17:
84:2a:ad:52:8d:4c:45:f6:21:10:4c:ab:14:a7:66:4e:a5:e0:
3e:53:1a:31:e5:1f:c1:e5:1d:35:50:44:81:aa:be:6b:55:c8:
f6:88:75:34:c2:0d:19:be:80:6b:92:14:97:9c:1f:21:50:ac:
e6:59:f3:88:59:ec:21:2a:14:c9:87:e2:40:01:61:b7:cc:7f:
65:24:12:fc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYkmMxnixDqOO42W96UdmqpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjQ2OTFjMzE4OTJjYzk5MWFkNGU5YTk2NzExNDc3NTll
NDE3YWIwHhcNMjMwNzA1MTMxNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZjOTZlNzdmMDE4NWVlOWU3Mzk5ZGZkYTMxMjlmMGJlZDBiNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2eQ1Jengl8ezTcU8Ayfcf/+rYmn
zuHk24wMSUdsh2sQjohk++dMx+deZJGXqpMq86Z94ELFaPTU4cw1+kGNtBkEx9wv
HI7enrHWu6orR7kI6b3a+gHaW0hI8L36jzt0XPBogvgpEzxVp5/y7OB4//jpfpgc
t0xGAfWAv+RpXhWF78KTJOnJ6cex3j98OGP2TydxlAGXtDt6wrD+h0ADcOQAxkdT
gprfEofRCqr8I+sDV3Z8shMQTBL1v1sj6GS3dF/6ey1jXx9hEFtbqVtaGRtLWpuS
qf6iuuY+bbyFFqnNVcKcYt3gP1ld6HPgScPSQds+g/rNJRJ+UpJFxFE05QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDX8lud/AYXunnOZ39oxKfC+0LYTMB8GA1UdIwQY
MBaAFO1kaRwxiSzJka1OmpZxFHdZ5BerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjIt
N2M3ZGIyMTIzMGEzLzEvTmZ5VzUzOEJoZTZlYzVuZjJqRXA4TDdRdGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjItN2M3ZGIyMTIzMGEz
LzEvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQAuUvxMCwE
AgACMCYDBwQqBVUAAAAwEgMHACoFVQQAAQMHASoFVQQACAMHASoFVQQAEDANBgkq
hkiG9w0BAQsFAAOCAQEAiqL9FksHmBKAcRqFQrLinlD011EtbJDDRmDdVIauqfvn
JTumDW+UVenB/mVMd+Y4HUxi4btf3bbJbs/KS8KzNORVFVt8I7GBzUZKPRdO4zC/
W+atCfnSWRViEA1XcfTDhjctPfC6I3Kn4TFHqJWqQrnh6lW4qutPyP6X8Cb+2od9
yLTpN2c4rLjGVeOgBYaBviEmq4mKuA2Od3+S7OZ1IO/rLHgZ5W0EQeg7AOT/NsqF
0qAXhCqtUo1MRfYhEEyrFKdmTqXgPlMaMeUfweUdNVBEgaq+a1XI9oh1NMINGb6A
a5IUl5wfIVCs5lnziFnsISoUyYfiQAFht8x/ZSQS/A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:44 2023 by rpki-client on console.sobornost.net