Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/79np9WIO8XGl6hnR9-1ZNfmAJAs.roa
File: 79np9WIO8XGl6hnR9-1ZNfmAJAs.roa (raw, json)
Hash identifier: 7GH23jhCYURA5mCZDpH/y/2hM1lLaAAoRV7qaDIKRJk=
Subject key identifier: EF:D9:E9:F5:62:0E:F1:71:A5:EA:19:D1:F7:ED:59:35:F9:80:24:0B
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 018B3D0CE333BC1CE6FDCC0A5CC81AABF1FB
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/79np9WIO8XGl6hnR9-1ZNfmAJAs.roa
Signing time: Tue 17 Oct 2023 09:52:16 +0000
ROA not before: Tue 17 Oct 2023 09:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48846
IP address blocks: 85.8.180.0/23 maxlen: 24
188.210.216.0/22 maxlen: 24
93.191.136.0/21 maxlen: 24
87.253.224.0/21 maxlen: 24
185.190.108.0/22 maxlen: 24
185.76.212.0/22 maxlen: 24
2a05:5c80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:0c:e3:33:bc:1c:e6:fd:cc:0a:5c:c8:1a:ab:f1:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Oct 17 09:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efd9e9f5620ef171a5ea19d1f7ed5935f980240b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1c:f4:52:40:6a:11:52:20:18:2b:7c:db:4f:
72:f2:cb:ec:95:54:84:2c:02:f3:d3:6f:f8:21:c9:
bd:0d:36:23:c2:e3:02:08:3d:de:85:82:36:2e:f7:
28:21:7a:2d:79:be:ac:45:6f:4c:ca:57:dd:0a:3c:
70:77:54:b1:dd:cc:80:2d:69:9a:52:46:c0:13:82:
61:c2:d9:28:f7:45:52:e8:91:19:c8:6c:a3:b9:c3:
bf:a2:89:22:92:22:18:ae:5d:17:2c:68:78:ad:20:
8a:76:9b:05:fa:e1:00:97:56:e7:10:85:44:79:42:
c0:92:96:8f:f2:d1:ee:49:c2:50:e1:47:1b:4c:ad:
bd:40:ee:68:ce:15:66:ff:58:88:8f:01:f5:8c:55:
1a:4d:26:51:6f:c5:de:3b:4e:09:97:14:60:e8:7f:
b2:b4:84:52:d7:1d:b4:3b:13:7d:74:bc:70:25:af:
d6:ee:af:5f:1c:d6:67:e7:57:36:5d:bd:78:67:67:
ae:90:95:87:54:2a:4f:c8:7e:e5:a0:d1:33:b3:70:
37:95:a4:a7:a4:58:35:38:07:e8:ea:43:f0:5d:3b:
5e:c2:51:9a:03:cc:be:0d:69:d1:eb:8b:e8:b1:ea:
07:8f:33:c1:c6:88:96:9b:77:06:6f:ea:76:78:30:
ee:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D9:E9:F5:62:0E:F1:71:A5:EA:19:D1:F7:ED:59:35:F9:80:24:0B
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/79np9WIO8XGl6hnR9-1ZNfmAJAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.180.0/23
87.253.224.0/21
93.191.136.0/21
185.76.212.0/22
185.190.108.0/22
188.210.216.0/22
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:21:1c:a9:bd:02:45:c4:ca:a4:ae:9a:f1:ce:15:c6:d4:13:
57:0d:a3:73:4a:e3:fa:d6:94:e1:17:dd:32:e0:c4:c2:45:49:
3d:70:1c:83:34:d8:b3:89:3e:3c:07:97:e4:1d:08:07:c0:ae:
04:40:b1:26:20:5f:1c:a0:7f:67:a0:12:5e:30:ee:7a:5a:8a:
e4:a5:c8:fc:bd:db:e1:e7:48:bd:40:2a:86:38:dd:38:fd:b7:
19:84:c7:f4:f8:66:aa:70:f2:d7:fa:a1:3d:6f:0c:cf:04:74:
da:32:7f:0c:72:53:1f:4d:69:0a:9c:0f:fe:a6:9b:b0:b3:fa:
2a:6d:c1:d0:72:3f:1a:71:46:60:80:bd:da:44:7f:82:2a:78:
87:70:c9:5c:42:d9:46:47:73:3d:b8:40:af:e9:31:05:c6:0e:
11:f7:92:ae:27:e9:63:2b:e4:e2:73:a0:11:88:ae:0f:23:65:
d6:fd:7e:a2:63:b9:e1:52:08:5e:4f:2b:ad:ee:6c:52:06:81:
54:63:c2:af:8c:81:39:7e:66:03:d4:00:90:45:88:f1:78:de:
1e:af:b6:7e:89:2c:bb:ea:e5:7a:f2:2d:2e:70:ff:e3:67:e2:
a5:3f:78:9f:d9:2d:90:f5:ae:7c:49:79:ca:e3:a2:7b:ee:59:
00:d0:a1:b1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYs9DOMzvBzm/cwKXMgaq/H7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjMxMDE3MDk1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ5ZTlmNTYyMGVmMTcxYTVlYTE5ZDFmN2VkNTkzNWY5ODAyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hz0UkBqEVIgGCt8209y8svslVSE
LALz02/4Icm9DTYjwuMCCD3ehYI2LvcoIXoteb6sRW9MylfdCjxwd1Sx3cyALWma
UkbAE4Jhwtko90VS6JEZyGyjucO/ookikiIYrl0XLGh4rSCKdpsF+uEAl1bnEIVE
eULAkpaP8tHuScJQ4UcbTK29QO5ozhVm/1iIjwH1jFUaTSZRb8XeO04JlxRg6H+y
tIRS1x20OxN9dLxwJa/W7q9fHNZn51c2Xb14Z2eukJWHVCpPyH7loNEzs3A3laSn
pFg1OAfo6kPwXTtewlGaA8y+DWnR64voseoHjzPBxoiWm3cGb+p2eDDuywIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO/Z6fViDvFxpeoZ0fftWTX5gCQLMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEvNzlucDlXSU84WEdsNmhuUjktMVpOZm1BSkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBVQi0AwQD
V/3gAwQDXb+IAwQCuUzUAwQCub5sAwQCvNLYMA0EAgACMAcDBQMqBVyAMA0GCSqG
SIb3DQEBCwUAA4IBAQBqIRypvQJFxMqkrprxzhXG1BNXDaNzSuP61pThF90y4MTC
RUk9cByDNNiziT48B5fkHQgHwK4EQLEmIF8coH9noBJeMO56Workpcj8vdvh50i9
QCqGON04/bcZhMf0+GaqcPLX+qE9bwzPBHTaMn8MclMfTWkKnA/+ppuws/oqbcHQ
cj8acUZggL3aRH+CKniHcMlcQtlGR3M9uECv6TEFxg4R95KuJ+ljK+Tic6ARiK4P
I2XW/X6iY7nhUgheTyut7mxSBoFUY8KvjIE5fmYD1ACQRYjxeN4er7Z+iSy76uV6
8i0ucP/jZ+KlP3if2S2Q9a58SXnK46J77lkA0KGx
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:43 2024 by rpki-client on console.sobornost.net