Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/pEJoZ__0p5b51ZrN22doi3oqTWI.roa
File: pEJoZ__0p5b51ZrN22doi3oqTWI.roa (raw, json)
Hash identifier: MlLk5xhNHsmUF37NWW2rn3sPV2fdOW/f0tDLIis3pdI=
Subject key identifier: A4:42:68:67:FF:F4:A7:96:F9:D5:9A:CD:DB:67:68:8B:7A:2A:4D:62
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 018B3D0BF9FCA166989BBB39149079C26B58
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/pEJoZ__0p5b51ZrN22doi3oqTWI.roa
Signing time: Tue 17 Oct 2023 09:51:16 +0000
ROA not before: Tue 17 Oct 2023 09:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48846
IP address blocks: 85.8.180.0/23 maxlen: 24
188.210.216.0/22 maxlen: 24
93.191.136.0/21 maxlen: 24
87.253.224.0/21 maxlen: 24
185.190.108.0/22 maxlen: 24
185.190.111.0/24 maxlen: 24
185.76.212.0/22 maxlen: 24
2a05:5c80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:0b:f9:fc:a1:66:98:9b:bb:39:14:90:79:c2:6b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Oct 17 09:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4426867fff4a796f9d59acddb67688b7a2a4d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:83:36:e4:a8:71:25:ef:75:69:b2:f9:79:
4c:0c:97:34:fe:a2:0e:91:d6:eb:c0:29:cd:6d:cd:
01:05:0b:4a:95:44:29:cb:d6:de:a0:37:ee:dd:c7:
c9:e8:85:a1:4e:a0:35:6a:0e:e2:f6:8d:95:59:3b:
3f:df:ed:7f:53:1e:c1:c0:05:8e:a8:26:8f:a2:de:
39:70:b2:9f:f6:d4:c9:5c:4e:9c:e5:ae:a3:1b:c4:
b3:39:ba:49:25:87:77:cb:d1:3c:8b:a1:78:9c:93:
a1:06:30:68:51:33:de:54:a2:bc:2f:f6:38:b6:c0:
90:0a:67:10:aa:d0:fa:40:3c:1e:65:93:7d:3c:a6:
e7:1b:63:7e:c6:35:47:2f:3c:87:5c:a5:22:ce:91:
71:15:2b:03:58:9e:c6:1d:04:de:b5:62:b0:89:de:
4b:d0:cb:e9:32:4d:f6:d8:71:ed:92:e3:a0:e1:f4:
77:e2:e5:66:a7:4f:38:ea:c3:f7:6d:b2:84:44:41:
5f:76:5f:d7:aa:d9:df:84:f3:e4:6f:a6:c3:7c:2c:
fd:dd:77:7d:50:1e:c5:53:e3:03:b4:a9:f5:49:19:
08:f6:99:7a:d8:fb:28:86:dd:26:15:dc:5e:69:28:
a8:0d:d8:b8:43:4e:fa:ef:8e:64:cd:25:b9:ed:0a:
fe:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:42:68:67:FF:F4:A7:96:F9:D5:9A:CD:DB:67:68:8B:7A:2A:4D:62
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/pEJoZ__0p5b51ZrN22doi3oqTWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.180.0/23
87.253.224.0/21
93.191.136.0/21
185.76.212.0/22
185.190.108.0/22
188.210.216.0/22
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
a3:94:b9:70:8c:df:16:35:48:b0:b7:a9:a3:95:f1:94:f3:1b:
5a:9b:e0:80:f0:fd:1c:65:f3:88:2d:bb:90:a6:8c:30:a6:e6:
81:86:a2:2f:23:da:40:9f:18:48:b8:e7:7d:e0:23:c8:a9:e5:
ea:ec:0a:a0:c4:48:59:06:a4:63:68:a5:95:1a:ec:07:3c:ff:
61:3e:ad:76:25:95:77:da:53:60:ef:91:70:91:2d:88:fd:7c:
e3:3d:5c:7f:f4:19:44:75:65:b9:09:22:db:be:fb:ec:82:84:
be:20:8d:70:70:53:04:4e:5b:c8:45:c4:5c:4c:87:97:b3:bb:
fb:cc:4f:5c:61:7d:83:92:f6:49:2c:98:dc:be:88:dd:24:ac:
e0:78:a0:bc:c7:39:e9:c8:63:a2:bc:4c:a0:1d:1f:d0:0a:f3:
90:fb:a4:b7:20:0b:4d:69:a5:e0:3c:b2:90:ce:b7:d4:6f:d2:
d6:bb:6d:5c:95:94:12:d7:f4:b3:6e:37:45:92:86:cb:86:c7:
28:31:e4:5e:15:3c:1f:25:7f:12:c4:96:3d:18:5a:05:a4:d1:
8b:80:58:4c:65:fa:72:4d:71:11:70:de:bb:e9:0d:0c:3a:30:
59:bc:2a:f5:6b:83:44:6a:b7:ed:82:52:c0:30:9d:9f:8a:d0:
d7:5d:db:55
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYs9C/n8oWaYm7s5FJB5wmtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjMxMDE3MDk1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQyNjg2N2ZmZjRhNzk2ZjlkNTlhY2RkYjY3Njg4YjdhMmE0ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEODNuSocSXvdWmy+XlMDJc0/qIO
kdbrwCnNbc0BBQtKlUQpy9beoDfu3cfJ6IWhTqA1ag7i9o2VWTs/3+1/Ux7BwAWO
qCaPot45cLKf9tTJXE6c5a6jG8SzObpJJYd3y9E8i6F4nJOhBjBoUTPeVKK8L/Y4
tsCQCmcQqtD6QDweZZN9PKbnG2N+xjVHLzyHXKUizpFxFSsDWJ7GHQTetWKwid5L
0MvpMk322HHtkuOg4fR34uVmp0846sP3bbKEREFfdl/XqtnfhPPkb6bDfCz93Xd9
UB7FU+MDtKn1SRkI9pl62Psoht0mFdxeaSioDdi4Q076745kzSW57Qr+4wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKRCaGf/9KeW+dWazdtnaIt6Kk1iMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEvcEVKb1pfXzBwNWI1MVpyTjIyZG9pM29xVFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBVQi0AwQD
V/3gAwQDXb+IAwQCuUzUAwQCub5sAwQCvNLYMA0EAgACMAcDBQMqBVyAMA0GCSqG
SIb3DQEBCwUAA4IBAQCjlLlwjN8WNUiwt6mjlfGU8xtam+CA8P0cZfOILbuQpoww
puaBhqIvI9pAnxhIuOd94CPIqeXq7AqgxEhZBqRjaKWVGuwHPP9hPq12JZV32lNg
75FwkS2I/XzjPVx/9BlEdWW5CSLbvvvsgoS+II1wcFMETlvIRcRcTIeXs7v7zE9c
YX2DkvZJLJjcvojdJKzgeKC8xznpyGOivEygHR/QCvOQ+6S3IAtNaaXgPLKQzrfU
b9LWu21clZQS1/SzbjdFkobLhscoMeReFTwfJX8SxJY9GFoFpNGLgFhMZfpyTXER
cN676Q0MOjBZvCr1a4NEarftglLAMJ2fitDXXdtV
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:45 2023 by rpki-client on console.sobornost.net