Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/ac2978-4903-4a87-9015-bf4a38107e99/1/XiQ4DCW-z6F6yqrEciXn1jE2VfQ.roa
File: XiQ4DCW-z6F6yqrEciXn1jE2VfQ.roa (raw, json)
Hash identifier: Rt745+j/h6+ng912HASfIGu4q6IDv6ylbPd5I6BUQhw=
Subject key identifier: 5E:24:38:0C:25:BE:CF:A1:7A:CA:AA:C4:72:25:E7:D6:31:36:55:F4
Certificate issuer: /CN=9adc1290226b8f5b267764fb9565c0bc19833697
Certificate serial: 0185708CB75A0C8BC78D57BD1DF76CAC0951
Authority key identifier: 9A:DC:12:90:22:6B:8F:5B:26:77:64:FB:95:65:C0:BC:19:83:36:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mtwSkCJrj1smd2T7lWXAvBmDNpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/ac2978-4903-4a87-9015-bf4a38107e99/1/XiQ4DCW-z6F6yqrEciXn1jE2VfQ.roa
Signing time: Mon 02 Jan 2023 03:35:48 +0000
ROA not before: Mon 02 Jan 2023 03:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.133.85.0/24 maxlen: 24
185.133.84.0/24 maxlen: 24
185.133.86.0/24 maxlen: 24
185.133.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b7:5a:0c:8b:c7:8d:57:bd:1d:f7:6c:ac:09:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9adc1290226b8f5b267764fb9565c0bc19833697
Validity
Not Before: Jan 2 03:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e24380c25becfa17acaaac47225e7d6313655f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:92:62:12:e5:01:e7:05:fb:4b:e2:78:54:ed:
1c:98:e8:29:29:6b:7c:95:15:2a:3b:b8:da:80:64:
32:92:ae:24:36:50:f3:e0:c1:3e:38:8d:91:69:14:
ee:2e:c7:9d:3f:b9:17:da:86:ed:18:ea:b6:76:d3:
c8:b5:52:4c:3f:ab:83:6e:68:5f:0e:4e:ea:7e:7f:
43:96:b8:99:02:6e:7f:58:93:cf:45:1f:e9:6a:57:
63:7d:67:a1:95:e7:23:97:36:92:b3:d5:2c:73:a2:
b2:53:77:46:4f:56:99:c4:f2:ca:a7:a4:1d:96:30:
07:d4:75:06:02:30:32:d9:e9:bd:1c:2d:33:a9:e0:
57:39:60:2e:b6:dd:9e:f8:4c:1d:1b:81:df:18:e5:
06:86:f7:54:ed:9f:23:ba:c1:d7:d6:6f:9d:f7:61:
7b:a3:99:bc:a9:8b:9a:5a:62:3e:e1:39:3b:19:34:
7b:73:ea:fc:4c:c5:68:4f:0b:49:6c:35:10:36:80:
b6:37:45:53:47:ed:18:cf:bd:09:e2:b7:77:b4:32:
12:1e:b1:02:bf:1e:f7:ca:ce:9d:28:db:2f:d6:d0:
20:32:c7:e5:28:b5:5c:36:ae:23:ce:86:90:d8:6e:
ce:f2:6f:3e:17:4e:c1:28:94:d7:06:ee:92:5a:5f:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:24:38:0C:25:BE:CF:A1:7A:CA:AA:C4:72:25:E7:D6:31:36:55:F4
X509v3 Authority Key Identifier:
keyid:9A:DC:12:90:22:6B:8F:5B:26:77:64:FB:95:65:C0:BC:19:83:36:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtwSkCJrj1smd2T7lWXAvBmDNpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ac2978-4903-4a87-9015-bf4a38107e99/1/XiQ4DCW-z6F6yqrEciXn1jE2VfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ac2978-4903-4a87-9015-bf4a38107e99/1/mtwSkCJrj1smd2T7lWXAvBmDNpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.84.0/22
Signature Algorithm: sha256WithRSAEncryption
48:09:ec:ba:58:8a:51:c0:17:10:26:87:a8:a7:b6:83:f6:ab:
7e:a2:21:1f:00:2f:02:e2:85:c7:ee:b0:47:9d:06:0b:b6:cc:
86:42:62:8b:7a:c7:79:ef:23:b3:c1:81:02:bf:9c:3d:48:50:
59:fd:6e:f7:6f:9f:72:5b:c6:2c:6a:46:53:68:1b:71:89:1a:
51:2c:29:e2:65:95:2d:ff:b1:e3:2f:a5:fc:f1:0f:ad:a7:0c:
41:8b:02:45:d5:02:2a:e8:02:e2:e0:a8:14:1b:df:45:25:7e:
16:b6:74:e5:59:0f:f1:da:d5:05:e4:f2:0e:7f:d6:73:03:06:
bb:ec:77:ab:16:7f:c0:3d:b9:a4:f8:7e:b6:82:23:08:f9:02:
f4:95:b1:ca:60:51:18:ce:fb:aa:e1:55:8f:6e:0c:ed:2d:5b:
f8:7d:67:82:81:e7:89:a2:2d:a3:ea:e4:3c:77:3c:4f:64:00:
0c:8b:58:53:96:92:80:ca:a4:12:24:78:e7:60:53:a7:87:28:
07:cb:82:f0:9b:81:07:96:21:74:e8:32:9b:f3:65:db:74:53:
59:b7:ad:08:ff:ed:e6:46:f6:26:fa:2b:e0:08:22:b9:94:67:
0d:d3:78:22:02:17:79:96:4b:ac:b1:04:cf:12:c1:23:bc:f0:
f7:47:d2:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjLdaDIvHjVe9HfdsrAlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZGMxMjkwMjI2YjhmNWIyNjc3NjRmYjk1NjVjMGJjMTk4
MzM2OTcwHhcNMjMwMTAyMDMzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTI0MzgwYzI1YmVjZmExN2FjYWFhYzQ3MjI1ZTdkNjMxMzY1NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15JiEuUB5wX7S+J4VO0cmOgpKWt8
lRUqO7jagGQykq4kNlDz4ME+OI2RaRTuLsedP7kX2obtGOq2dtPItVJMP6uDbmhf
Dk7qfn9DlriZAm5/WJPPRR/paldjfWehlecjlzaSs9Usc6KyU3dGT1aZxPLKp6Qd
ljAH1HUGAjAy2em9HC0zqeBXOWAutt2e+EwdG4HfGOUGhvdU7Z8jusHX1m+d92F7
o5m8qYuaWmI+4Tk7GTR7c+r8TMVoTwtJbDUQNoC2N0VTR+0Yz70J4rd3tDISHrEC
vx73ys6dKNsv1tAgMsflKLVcNq4jzoaQ2G7O8m8+F07BKJTXBu6SWl/vIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4kOAwlvs+hesqqxHIl59YxNlX0MB8GA1UdIwQY
MBaAFJrcEpAia49bJndk+5VlwLwZgzaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXR3U2tDSnJqMXNtZDJUN2xXWEF2Qm1ETnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hYzI5NzgtNDkwMy00YTg3LTkwMTUt
YmY0YTM4MTA3ZTk5LzEvWGlRNERDVy16NkY2eXFyRWNpWG4xakUyVmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hYzI5NzgtNDkwMy00YTg3LTkwMTUtYmY0YTM4MTA3ZTk5
LzEvbXR3U2tDSnJqMXNtZDJUN2xXWEF2Qm1ETnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYVUMA0G
CSqGSIb3DQEBCwUAA4IBAQBICey6WIpRwBcQJoeop7aD9qt+oiEfAC8C4oXH7rBH
nQYLtsyGQmKLesd57yOzwYECv5w9SFBZ/W73b59yW8YsakZTaBtxiRpRLCniZZUt
/7HjL6X88Q+tpwxBiwJF1QIq6ALi4KgUG99FJX4WtnTlWQ/x2tUF5PIOf9ZzAwa7
7HerFn/APbmk+H62giMI+QL0lbHKYFEYzvuq4VWPbgztLVv4fWeCgeeJoi2j6uQ8
dzxPZAAMi1hTlpKAyqQSJHjnYFOnhygHy4Lwm4EHliF06DKb82XbdFNZt60I/+3m
RvYm+ivgCCK5lGcN03giAhd5lkussQTPEsEjvPD3R9Jt
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:12 2024 by rpki-client on console.sobornost.net