Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0SPcWG8yIqIFhC4MseZejmU55GQ.roa
File: 0SPcWG8yIqIFhC4MseZejmU55GQ.roa (raw, json)
Hash identifier: iIbCKGXLRP9aZDH1Dw8cpSsd9JlMVhGlG7hn4xnldXA=
Subject key identifier: D1:23:DC:58:6F:32:22:A2:05:84:2E:0C:B1:E6:5E:8E:65:39:E4:64
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018BE77C3F86CC85C99109CC3A0A087C792E
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0SPcWG8yIqIFhC4MseZejmU55GQ.roa
Signing time: Sun 19 Nov 2023 12:09:21 +0000
ROA not before: Sun 19 Nov 2023 12:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 151.238.144.0/23 maxlen: 23
31.58.238.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
94.182.57.0/24 maxlen: 24
151.247.232.0/22 maxlen: 22
94.182.56.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
94.182.58.0/24 maxlen: 24
94.182.56.0/24 maxlen: 24
151.247.236.0/22 maxlen: 22
151.247.237.0/24 maxlen: 24
94.182.61.0/24 maxlen: 24
94.182.60.0/22 maxlen: 22
94.182.60.0/24 maxlen: 24
151.247.238.0/24 maxlen: 24
94.182.62.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
94.182.59.0/24 maxlen: 24
151.247.236.0/24 maxlen: 24
94.182.63.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.58.254.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e7:7c:3f:86:cc:85:c9:91:09:cc:3a:0a:08:7c:79:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 19 12:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d123dc586f3222a205842e0cb1e65e8e6539e464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:88:bd:c4:44:17:6c:7f:6f:0f:53:e7:2f:
da:94:25:c4:73:19:7e:2c:74:fb:81:a4:27:45:7b:
76:8d:86:d5:77:3a:55:cd:33:de:65:82:80:c7:94:
0a:72:49:44:e4:5e:31:97:f6:ba:ec:8c:7d:3a:88:
66:9b:e0:41:9c:f7:91:be:26:39:f0:5f:dd:4d:2e:
ad:ef:d1:b6:21:6c:8a:dc:b0:b8:cb:2c:14:f5:12:
88:28:1c:f6:f5:6e:1f:2a:42:34:51:2a:ff:47:60:
03:5e:df:ca:92:7c:23:80:e7:97:3e:c8:c9:e2:62:
5a:9d:d0:22:e4:1a:42:1b:7b:64:f8:b7:55:19:df:
40:72:3a:bc:7d:d6:45:df:f3:71:a6:78:ba:a9:88:
47:98:cf:74:d7:21:08:5d:03:c4:9b:8f:cc:8d:33:
fe:03:6b:ed:95:14:4e:cf:af:2d:08:f2:38:74:5b:
b1:c6:52:12:5e:c5:01:98:78:f0:2d:be:32:7e:ba:
4d:b0:c3:2e:23:94:72:01:b2:eb:59:3f:18:83:22:
d8:42:f1:53:5d:d0:e2:64:83:22:5e:6f:bb:eb:e2:
94:f9:db:7b:a0:59:1c:43:91:c2:fd:91:4b:92:9e:
e5:0f:5f:ce:ad:95:c1:8c:9f:55:39:4c:6c:6b:67:
58:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:23:DC:58:6F:32:22:A2:05:84:2E:0C:B1:E6:5E:8E:65:39:E4:64
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/0SPcWG8yIqIFhC4MseZejmU55GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.1.255
31.59.8.0/23
31.59.12.0/22
94.182.56.0/21
151.238.144.0/23
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
5b:28:97:84:20:85:0c:06:cb:19:37:68:e2:6b:02:39:92:b8:
bd:62:4d:58:5a:d1:1a:1d:26:9a:b5:e2:f0:d8:9f:e3:5a:04:
b0:6f:18:0d:ac:6a:22:38:04:0a:07:0f:07:da:6c:68:cb:85:
12:6e:2c:6a:da:1c:5e:34:a6:38:b1:72:ae:41:fa:2d:bf:96:
27:af:9c:d8:b1:55:22:b5:e6:2d:bc:d4:01:9f:c6:25:8f:6e:
f1:22:16:07:62:48:98:c3:e1:d2:12:36:ac:59:05:5e:d7:34:
c8:86:1c:27:cc:22:65:a2:a7:52:e1:38:58:5f:10:d4:9a:77:
05:28:a0:ac:69:b0:9b:eb:bd:65:90:26:86:28:d8:e7:44:84:
fb:81:07:36:0b:6b:dd:a1:b4:16:e7:48:d8:2d:6d:02:62:3a:
1d:73:f0:fe:c0:e6:1c:64:d5:1b:44:d7:70:51:a6:fd:c7:ec:
53:fe:10:73:81:a4:6e:9c:0b:18:de:ff:42:79:fc:ad:40:7b:
71:5d:5f:7b:bc:95:43:10:26:5a:97:ac:4b:01:98:eb:e2:ba:
71:f5:57:9e:39:9c:2f:8a:59:e0:fd:34:64:04:7d:3b:97:8c:
b8:a9:dc:1e:c2:f2:fa:43:17:4c:b6:44:97:ab:a6:79:aa:81:
5a:60:e2:79
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYvnfD+GzIXJkQnMOgoIfHkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMTE5MTIwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTIzZGM1ODZmMzIyMmEyMDU4NDJlMGNiMWU2NWU4ZTY1MzllNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3aIvcREF2x/bw9T5y/alCXEcxl+
LHT7gaQnRXt2jYbVdzpVzTPeZYKAx5QKcklE5F4xl/a67Ix9Oohmm+BBnPeRviY5
8F/dTS6t79G2IWyK3LC4yywU9RKIKBz29W4fKkI0USr/R2ADXt/KknwjgOeXPsjJ
4mJandAi5BpCG3tk+LdVGd9Acjq8fdZF3/Nxpni6qYhHmM901yEIXQPEm4/MjTP+
A2vtlRROz68tCPI4dFuxxlISXsUBmHjwLb4yfrpNsMMuI5RyAbLrWT8YgyLYQvFT
XdDiZIMiXm+76+KU+dt7oFkcQ5HC/ZFLkp7lD1/OrZXBjJ9VOUxsa2dYKQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNEj3FhvMiKiBYQuDLHmXo5lOeRkMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvMFNQY1dHOHlJcUlGaEM0TXNlWmVqbVU1NUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAIfOuwD
BAEfOwADBAEfOwgDBAIfOwwDBANetjgDBAGX7pAwDAMEApf35AMEAZf38DANBgkq
hkiG9w0BAQsFAAOCAQEAWyiXhCCFDAbLGTdo4msCOZK4vWJNWFrRGh0mmrXi8Nif
41oEsG8YDaxqIjgECgcPB9psaMuFEm4satocXjSmOLFyrkH6Lb+WJ6+c2LFVIrXm
LbzUAZ/GJY9u8SIWB2JImMPh0hI2rFkFXtc0yIYcJ8wiZaKnUuE4WF8Q1Jp3BSig
rGmwm+u9ZZAmhijY50SE+4EHNgtr3aG0FudI2C1tAmI6HXPw/sDmHGTVG0TXcFGm
/cfsU/4Qc4GkbpwLGN7/Qnn8rUB7cV1fe7yVQxAmWpesSwGY6+K6cfVXnjmcL4pZ
4P00ZAR9O5eMuKncHsLy+kMXTLZEl6umeaqBWmDieQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net