Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YIEW9JpXZoa0LT-zJLU8zEZAi90.roa
File: YIEW9JpXZoa0LT-zJLU8zEZAi90.roa (raw, json)
Hash identifier: zPGS0m+pO7GO7JS55YkPM9RQKZ22B5tBOI1vRL/eJFo=
Subject key identifier: 60:81:16:F4:9A:57:66:86:B4:2D:3F:B3:24:B5:3C:CC:46:40:8B:DD
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 01857079BEB0C425BD0450438D45D400990C
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YIEW9JpXZoa0LT-zJLU8zEZAi90.roa
Signing time: Mon 02 Jan 2023 03:15:04 +0000
ROA not before: Mon 02 Jan 2023 03:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43212
IP address blocks: 217.60.192.0/22 maxlen: 22
217.60.188.0/22 maxlen: 22
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
217.60.203.0/24 maxlen: 24
217.60.201.0/24 maxlen: 24
94.182.14.0/24 maxlen: 24
217.60.202.0/24 maxlen: 24
217.60.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:be:b0:c4:25:bd:04:50:43:8d:45:d4:00:99:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 2 03:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=608116f49a576686b42d3fb324b53ccc46408bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e1:9d:bc:39:38:1d:bc:63:dc:70:d5:9b:42:
5d:75:3c:15:8a:df:9a:fd:45:75:36:dc:72:d7:da:
6f:a1:27:3c:88:0e:c1:da:f2:71:70:30:61:6a:4c:
7e:5a:fe:2a:45:47:04:2b:2b:c3:3e:5d:85:22:29:
88:78:25:e6:dc:76:47:4a:a0:d1:7a:9a:b0:a7:26:
5c:c9:db:9d:a7:94:06:e3:4f:bd:a2:50:75:f0:7b:
d8:c8:64:47:c0:47:41:f6:52:3b:ee:48:97:fe:7d:
8b:e3:49:ba:1a:43:e7:7e:0a:af:41:fe:5f:f7:56:
cf:55:30:4d:32:fe:4a:50:93:59:8e:ab:0a:d4:9a:
0a:a5:3c:e5:1b:64:64:2a:56:b8:07:e9:d3:44:b0:
a9:ec:da:c7:4f:53:4e:ad:97:d1:6e:d8:91:a6:b2:
eb:51:cc:56:a4:c0:f4:c1:78:1b:cc:65:69:66:a1:
2c:23:5e:98:6a:0f:a2:49:17:7f:0b:c0:59:17:7a:
e3:96:51:f2:ea:02:36:69:23:69:8c:5e:66:f3:c9:
84:03:40:1f:a5:9a:d5:08:db:89:58:0a:6c:0b:ac:
d0:a9:3e:38:c6:1c:82:8b:01:96:d8:f2:db:e6:2e:
3d:e7:3a:39:4f:f6:96:64:45:28:92:47:c5:53:8b:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:81:16:F4:9A:57:66:86:B4:2D:3F:B3:24:B5:3C:CC:46:40:8B:DD
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YIEW9JpXZoa0LT-zJLU8zEZAi90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.14.0/24
217.60.188.0-217.60.203.255
Signature Algorithm: sha256WithRSAEncryption
1c:79:c3:ff:3e:7d:8e:8a:8d:1d:aa:cb:9c:4d:d1:46:39:d4:
84:90:01:82:3e:b3:e6:a6:9f:07:ea:89:6d:d1:61:00:1e:a1:
6a:17:a5:a1:44:51:b6:4a:ad:97:63:b8:61:e6:5e:ff:a6:09:
a3:fa:ba:2c:fa:5e:12:34:44:03:9f:9c:8c:18:e2:1a:7f:3f:
8b:48:75:35:6e:97:f9:4f:68:6a:5b:38:7a:c2:59:19:78:19:
63:45:ba:ea:3a:a8:51:22:6d:c5:1b:9a:d7:97:38:93:a0:01:
c5:4f:ae:f3:18:5b:19:fa:48:71:46:ac:2f:44:11:bf:ed:29:
27:7a:0d:9e:bd:2d:0c:82:c9:2f:0c:4f:f5:cc:df:65:cc:46:
94:43:15:bf:13:a4:d7:62:2f:66:c5:c0:52:a5:a3:c7:a9:34:
25:4b:a3:7f:4f:9d:90:36:6a:08:e7:48:e3:91:9a:ba:e8:8d:
b0:bd:e2:5c:d8:ba:1f:ef:fb:79:96:f4:3b:92:98:35:d7:e8:
d6:77:b8:81:0a:dd:ec:19:19:5a:0a:6e:da:9d:44:44:3c:ed:
6a:b1:84:3e:d4:29:94:a1:3c:fb:88:cf:bf:af:73:f3:ff:bd:
9f:c3:2b:b9:f1:06:97:a6:bc:4b:1c:67:10:d1:ad:0d:8b:0e:
21:44:a0:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVweb6wxCW9BFBDjUXUAJkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMwMTAyMDMxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgxMTZmNDlhNTc2Njg2YjQyZDNmYjMyNGI1M2NjYzQ2NDA4YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweGdvDk4Hbxj3HDVm0JddTwVit+a
/UV1Ntxy19pvoSc8iA7B2vJxcDBhakx+Wv4qRUcEKyvDPl2FIimIeCXm3HZHSqDR
epqwpyZcydudp5QG40+9olB18HvYyGRHwEdB9lI77kiX/n2L40m6GkPnfgqvQf5f
91bPVTBNMv5KUJNZjqsK1JoKpTzlG2RkKla4B+nTRLCp7NrHT1NOrZfRbtiRprLr
UcxWpMD0wXgbzGVpZqEsI16Yag+iSRd/C8BZF3rjllHy6gI2aSNpjF5m88mEA0Af
pZrVCNuJWApsC6zQqT44xhyCiwGW2PLb5i495zo5T/aWZEUokkfFU4s2SQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGCBFvSaV2aGtC0/syS1PMxGQIvdMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvWUlFVzlKcFhab2EwTFQtekpMVTh6RVpBaTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXrYOMAwD
BALZPLwDBALZPMgwDQYJKoZIhvcNAQELBQADggEBABx5w/8+fY6KjR2qy5xN0UY5
1ISQAYI+s+amnwfqiW3RYQAeoWoXpaFEUbZKrZdjuGHmXv+mCaP6uiz6XhI0RAOf
nIwY4hp/P4tIdTVul/lPaGpbOHrCWRl4GWNFuuo6qFEibcUbmteXOJOgAcVPrvMY
Wxn6SHFGrC9EEb/tKSd6DZ69LQyCyS8MT/XM32XMRpRDFb8TpNdiL2bFwFKlo8ep
NCVLo39PnZA2agjnSOORmrrojbC94lzYuh/v+3mW9DuSmDXX6NZ3uIEK3ewZGVoK
btqdREQ87WqxhD7UKZShPPuIz7+vc/P/vZ/DK7nxBpemvEscZxDRrQ2LDiFEoJA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:01 2024 by rpki-client on console.sobornost.net