Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/9Ga1lYuCIdX00l1pYEGp__poXs0.roa
File: 9Ga1lYuCIdX00l1pYEGp__poXs0.roa (raw, json)
Hash identifier: ypF1eOIDRw7thAr1kY16a+4LNS/vqnUohorrFRqDV1E=
Subject key identifier: F4:66:B5:95:8B:82:21:D5:F4:D2:5D:69:60:41:A9:FF:FA:68:5E:CD
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 018B3C26EF2BE9D1C4BCCD2502C1C04B7AA0
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/9Ga1lYuCIdX00l1pYEGp__poXs0.roa
Signing time: Tue 17 Oct 2023 05:41:06 +0000
ROA not before: Tue 17 Oct 2023 05:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48846
IP address blocks: 85.8.180.0/23 maxlen: 24
93.191.136.0/21 maxlen: 24
87.253.224.0/21 maxlen: 24
185.190.111.0/24 maxlen: 24
2a05:5c80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:26:ef:2b:e9:d1:c4:bc:cd:25:02:c1:c0:4b:7a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Oct 17 05:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f466b5958b8221d5f4d25d696041a9fffa685ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:93:88:49:8f:0d:7d:b0:2c:74:35:a6:99:
7c:3d:3e:bf:1e:95:37:15:8c:ba:5f:76:07:f2:2b:
5b:91:2b:b2:20:fc:6e:74:8b:a1:30:6a:1c:3d:98:
2d:5e:9d:45:42:49:f5:1e:e6:4d:ce:e0:02:a6:b1:
d3:55:76:94:64:69:3e:72:47:4a:60:ca:56:2e:31:
20:d0:9d:e7:4d:6f:00:97:ec:85:c1:c4:2f:4f:86:
63:aa:de:60:9f:dc:fb:6c:9f:43:06:cd:c9:a0:23:
0c:c2:c7:80:a9:49:dd:a3:73:69:f1:8f:0f:c0:81:
c7:c1:ce:64:91:77:78:1e:74:c8:d6:8f:bc:68:b2:
bd:b5:da:9f:ca:6d:ce:97:e4:dd:99:37:f6:bc:0f:
cf:a4:a0:f8:f1:80:9d:a7:b6:85:65:9e:a4:a5:e5:
d3:8a:33:4d:c8:c0:da:a3:1d:62:28:79:ad:2f:f8:
23:71:cf:99:70:42:7c:22:60:07:bd:09:9f:36:cf:
e9:eb:0b:70:7f:4c:b6:ea:cf:7e:5e:3e:30:48:93:
bb:01:70:00:a3:f5:7c:25:14:b2:0e:a3:84:0b:31:
2d:6f:5d:fb:60:ec:56:75:d3:b3:66:72:f6:e1:f3:
e6:50:48:8f:bd:74:2c:cb:bc:0f:3e:bc:23:07:f7:
64:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:66:B5:95:8B:82:21:D5:F4:D2:5D:69:60:41:A9:FF:FA:68:5E:CD
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/9Ga1lYuCIdX00l1pYEGp__poXs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.180.0/23
87.253.224.0/21
93.191.136.0/21
185.190.111.0/24
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
1c:85:04:cd:e9:ef:57:30:d1:79:ca:40:d6:a6:3e:10:12:4b:
f9:4b:36:c4:13:5c:4f:f5:97:8c:f1:85:c3:f8:ec:34:57:9c:
f2:bd:86:dc:51:f3:e0:99:6d:9d:24:75:ec:43:52:41:2f:d3:
bb:95:60:ff:63:98:ef:1f:73:f0:bd:69:02:a7:a4:a1:06:0f:
7e:ab:d6:fb:b0:41:66:d6:56:62:82:6b:cf:37:a3:09:a5:3d:
00:16:d9:f3:29:cb:1d:83:fb:bc:9b:e1:d8:35:65:be:e0:0a:
c7:91:55:3d:2a:0e:8e:c9:d2:ff:d1:d5:a2:8b:92:80:a4:bb:
5c:3e:50:4f:be:73:37:3c:9a:f5:c8:9b:22:c3:40:58:a3:ee:
2f:67:7a:da:51:26:0c:c1:34:ae:47:fa:e0:d0:54:ee:ff:bf:
3d:46:5c:24:4e:7c:23:d1:2a:37:1f:fd:08:86:06:e6:0e:76:
c2:1b:65:f0:86:bf:25:84:ae:27:5f:7f:f1:39:0c:e9:a8:5c:
07:08:ea:73:2c:85:0d:fe:93:15:d7:ec:eb:47:62:50:90:53:
93:d1:c4:fa:de:13:5c:99:05:24:b4:43:a1:ca:e5:46:f8:2b:
fa:b3:8e:ad:fd:b0:2b:5f:ce:d7:8e:0c:b4:ad:a6:8d:2b:8f:
13:7a:ae:9b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYs8Ju8r6dHEvM0lAsHAS3qgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjMxMDE3MDU0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY2YjU5NThiODIyMWQ1ZjRkMjVkNjk2MDQxYTlmZmZhNjg1ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxKTiEmPDX2wLHQ1ppl8PT6/HpU3
FYy6X3YH8itbkSuyIPxudIuhMGocPZgtXp1FQkn1HuZNzuACprHTVXaUZGk+ckdK
YMpWLjEg0J3nTW8Al+yFwcQvT4Zjqt5gn9z7bJ9DBs3JoCMMwseAqUndo3Np8Y8P
wIHHwc5kkXd4HnTI1o+8aLK9tdqfym3Ol+TdmTf2vA/PpKD48YCdp7aFZZ6kpeXT
ijNNyMDaox1iKHmtL/gjcc+ZcEJ8ImAHvQmfNs/p6wtwf0y26s9+Xj4wSJO7AXAA
o/V8JRSyDqOECzEtb137YOxWddOzZnL24fPmUEiPvXQsy7wPPrwjB/dkUQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPRmtZWLgiHV9NJdaWBBqf/6aF7NMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEvOUdhMWxZdUNJZFgwMGwxcFlFR3BfX3BvWHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVQi0AwQD
V/3gAwQDXb+IAwQAub5vMA0EAgACMAcDBQMqBVyAMA0GCSqGSIb3DQEBCwUAA4IB
AQAchQTN6e9XMNF5ykDWpj4QEkv5SzbEE1xP9ZeM8YXD+Ow0V5zyvYbcUfPgmW2d
JHXsQ1JBL9O7lWD/Y5jvH3PwvWkCp6ShBg9+q9b7sEFm1lZigmvPN6MJpT0AFtnz
Kcsdg/u8m+HYNWW+4ArHkVU9Kg6OydL/0dWii5KApLtcPlBPvnM3PJr1yJsiw0BY
o+4vZ3raUSYMwTSuR/rg0FTu/789RlwkTnwj0So3H/0IhgbmDnbCG2Xwhr8lhK4n
X3/xOQzpqFwHCOpzLIUN/pMV1+zrR2JQkFOT0cT63hNcmQUktEOhyuVG+Cv6s46t
/bArX87Xjgy0raaNK48Teq6b
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:45 2023 by rpki-client on console.sobornost.net