Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VzfOjFFiffT2A8G7OUhNCMBOyig.roa
File: VzfOjFFiffT2A8G7OUhNCMBOyig.roa (raw, json)
Hash identifier: 1SzDEABXvCNrlDPeogS3EJmJDRYFstUSBg0ZDIbdVwM=
Subject key identifier: 57:37:CE:8C:51:62:7D:F4:F6:03:C1:BB:39:48:4D:08:C0:4E:CA:28
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01860C48F28913CA9C2E4947CB53A3600751
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VzfOjFFiffT2A8G7OUhNCMBOyig.roa
Signing time: Wed 01 Feb 2023 09:22:32 +0000
ROA not before: Wed 01 Feb 2023 09:22:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202723
IP address blocks: 185.112.59.0/24 maxlen: 24
185.177.237.0/24 maxlen: 24
185.76.240.0/24 maxlen: 24
185.76.241.0/24 maxlen: 24
185.76.242.0/24 maxlen: 24
185.79.138.0/24 maxlen: 24
185.24.109.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.95.230.0/24 maxlen: 24
185.105.47.0/24 maxlen: 24
185.75.135.0/24 maxlen: 24
185.75.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:48:f2:89:13:ca:9c:2e:49:47:cb:53:a3:60:07:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 1 09:22:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5737ce8c51627df4f603c1bb39484d08c04eca28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:ce:d1:b5:00:2a:59:48:7f:39:63:19:20:
ba:86:ba:ce:91:5b:c3:c5:42:d5:04:fd:6a:81:61:
d9:d4:9b:e1:69:2d:c0:17:47:93:ce:74:6c:9d:02:
17:05:94:6a:88:93:91:02:2a:b0:21:65:88:87:26:
dd:ad:36:9f:19:98:6b:06:86:b1:32:c4:81:21:cd:
f7:cd:5c:69:71:55:ba:47:45:ea:2a:c2:92:8f:f7:
6e:8d:0f:2e:ec:ea:72:f2:89:86:9a:fb:3b:22:63:
a1:01:9b:4a:71:14:1a:36:f5:4a:03:23:cc:74:2d:
a0:76:bf:29:ea:dc:7f:bd:2d:8e:63:ce:3e:b3:ac:
2d:49:e8:04:e5:b0:66:07:4b:8a:92:19:a6:14:6b:
d1:f3:9a:59:9d:f4:49:e8:96:64:43:17:66:ec:c9:
23:aa:8a:86:6a:ed:d4:c2:4b:49:9d:a8:2a:f3:03:
56:13:42:75:ff:be:1c:4e:0c:75:46:14:42:e5:78:
35:69:94:83:67:f5:dd:02:28:33:11:38:89:5d:f5:
6c:37:73:3b:79:68:df:f0:c6:e5:36:bc:30:61:f0:
b4:b5:41:45:15:d6:f2:d6:4f:33:63:ea:ed:da:81:
2a:8b:b7:dc:d4:d2:23:6f:83:33:19:8a:f8:50:43:
27:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:37:CE:8C:51:62:7D:F4:F6:03:C1:BB:39:48:4D:08:C0:4E:CA:28
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VzfOjFFiffT2A8G7OUhNCMBOyig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.109.0/24
185.75.134.0/23
185.76.240.0-185.76.242.255
185.77.138.0/23
185.79.138.0/24
185.95.230.0/24
185.105.47.0/24
185.112.59.0/24
185.177.237.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:1a:98:03:00:4b:5c:94:9f:36:c7:b8:31:7f:28:a1:9f:21:
25:83:84:58:0f:5b:09:b8:04:55:63:40:02:c4:38:6b:8b:d5:
c5:a8:f7:ca:fc:fa:56:df:a4:3e:70:f7:83:11:9c:96:42:6e:
44:ff:a5:54:21:39:83:c1:4b:62:cf:b8:15:90:f7:e0:4a:68:
6b:b1:36:6f:b7:d4:25:86:cc:55:3e:1d:f9:0d:26:cc:58:37:
e7:ad:6a:9a:68:50:8a:2c:bf:10:b5:7d:7f:e3:f7:09:59:aa:
8b:c3:08:b4:2c:c2:28:b6:59:ac:f1:29:a5:ae:98:46:46:5d:
af:44:fc:7a:71:07:b8:ec:d2:56:09:04:c9:80:18:9e:be:ee:
a8:88:94:76:4b:60:e8:9e:d9:a8:eb:c9:9e:69:9a:bd:4d:25:
19:ea:60:cc:c8:b7:66:d8:8d:15:09:6d:64:4d:ab:e9:6f:10:
19:4a:b7:46:50:59:d3:2c:90:a9:0e:26:8b:d1:30:42:56:7a:
a6:7e:d8:11:aa:79:7f:d6:2c:be:66:ad:c4:a0:aa:76:79:66:
12:43:bb:04:e9:7b:82:c6:36:8e:64:44:5d:24:43:9f:7c:ce:
5c:08:42:7d:c0:b9:f9:7f:c2:05:d4:51:ed:e6:2e:eb:6a:32:
b7:89:09:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYYMSPKJE8qcLklHy1OjYAdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjAxMDkyMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM3Y2U4YzUxNjI3ZGY0ZjYwM2MxYmIzOTQ4NGQwOGMwNGVjYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGjO0bUAKllIfzljGSC6hrrOkVvD
xULVBP1qgWHZ1JvhaS3AF0eTznRsnQIXBZRqiJORAiqwIWWIhybdrTafGZhrBoax
MsSBIc33zVxpcVW6R0XqKsKSj/dujQ8u7Opy8omGmvs7ImOhAZtKcRQaNvVKAyPM
dC2gdr8p6tx/vS2OY84+s6wtSegE5bBmB0uKkhmmFGvR85pZnfRJ6JZkQxdm7Mkj
qoqGau3UwktJnagq8wNWE0J1/74cTgx1RhRC5Xg1aZSDZ/XdAigzETiJXfVsN3M7
eWjf8MblNrwwYfC0tUFFFdby1k8zY+rt2oEqi7fc1NIjb4MzGYr4UEMnxQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFc3zoxRYn309gPBuzlITQjATsooMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvVnpmT2pGRmlmZlQyQThHN09VaE5DTUJPeWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAuRhtAwQB
uUuGMAwDBAS5TPADBAC5TPIDBAG5TYoDBAC5T4oDBAC5X+YDBAC5aS8DBAC5cDsD
BAC5se0wDQYJKoZIhvcNAQELBQADggEBAIwamAMAS1yUnzbHuDF/KKGfISWDhFgP
Wwm4BFVjQALEOGuL1cWo98r8+lbfpD5w94MRnJZCbkT/pVQhOYPBS2LPuBWQ9+BK
aGuxNm+31CWGzFU+HfkNJsxYN+etappoUIosvxC1fX/j9wlZqovDCLQswii2Wazx
KaWumEZGXa9E/HpxB7js0lYJBMmAGJ6+7qiIlHZLYOie2ajryZ5pmr1NJRnqYMzI
t2bYjRUJbWRNq+lvEBlKt0ZQWdMskKkOJovRMEJWeqZ+2BGqeX/WLL5mrcSgqnZ5
ZhJDuwTpe4LGNo5kRF0kQ598zlwIQn3Aufl/wgXUUe3mLutqMreJCd0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:45 2023 by rpki-client on console.sobornost.net