Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iS8bwhaoiuC0E79j-QrAzMx2m8A.roa
File: iS8bwhaoiuC0E79j-QrAzMx2m8A.roa (raw, json)
Hash identifier: owcnNZ5tiaQzS2eDhXB5rasf1LVQ24xMrv7UhkskuPQ=
Subject key identifier: 89:2F:1B:C2:16:A8:8A:E0:B4:13:BF:63:F9:0A:C0:CC:CC:76:9B:C0
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C96A367DBC77B707657B85EA7F8FAC6
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iS8bwhaoiuC0E79j-QrAzMx2m8A.roa
Signing time: Mon 28 Aug 2023 14:40:19 +0000
ROA not before: Mon 28 Aug 2023 14:40:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51474
IP address blocks: 31.131.160.0/22 maxlen: 22
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
194.213.6.0/24 maxlen: 24
91.239.164.0/23 maxlen: 23
91.233.193.0/24 maxlen: 24
91.233.194.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
194.107.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:96:a3:67:db:c7:7b:70:76:57:b8:5e:a7:f8:fa:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:40:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=892f1bc216a88ae0b413bf63f90ac0cccc769bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ea:61:cb:f5:2a:dd:5d:c0:30:18:40:be:88:
f6:40:15:e7:3c:58:be:40:b8:cf:b6:04:ce:db:31:
30:2e:79:3c:9b:a6:3b:02:d2:2e:fb:93:35:83:84:
eb:07:0b:bf:05:1c:78:fa:49:fe:ac:74:93:51:39:
28:22:69:7b:f6:08:d5:b2:a1:2a:77:61:44:26:83:
53:03:df:67:6b:71:55:aa:9c:dc:4f:a4:ff:84:98:
cc:e5:c3:95:38:43:e9:e9:e1:c6:6c:e3:b9:9f:ad:
e8:45:85:f9:97:86:1d:3d:97:56:d2:14:44:24:e7:
92:9c:7e:1e:eb:9e:cd:17:b2:67:da:21:52:9a:ad:
75:30:25:a7:c2:bc:a9:49:d4:44:28:4b:4e:ec:1d:
72:03:a5:2c:0a:02:f4:5e:84:86:44:fa:c9:07:8a:
bf:4e:d9:29:f4:b0:e9:3f:26:b3:80:ba:d1:a7:2e:
ff:59:4e:d7:cf:9b:d2:01:97:da:07:14:45:fb:18:
27:ea:46:82:75:e8:a2:f4:52:04:5d:5d:5b:ca:9c:
ed:c3:a5:07:b8:01:9e:a5:fc:36:f2:eb:60:ec:37:
1d:c6:3a:01:3e:da:05:c4:cd:d3:41:0f:25:8b:ec:
d1:59:1e:99:cb:65:cd:e7:26:7f:a7:cb:46:71:40:
ef:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2F:1B:C2:16:A8:8A:E0:B4:13:BF:63:F9:0A:C0:CC:CC:76:9B:C0
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/iS8bwhaoiuC0E79j-QrAzMx2m8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.160.0/22
91.233.193.0-91.233.195.255
91.239.164.0/22
91.242.48.0/22
194.107.122.0/24
194.213.6.0/24
195.54.54.0/23
Signature Algorithm: sha256WithRSAEncryption
10:1a:66:34:c9:dc:f8:a9:c6:c1:f9:24:c1:54:ca:c4:a1:ae:
a0:2d:c1:e0:49:c7:1e:c3:0d:73:3a:83:cc:04:6b:37:3b:f0:
bb:1b:43:a2:24:fe:df:d2:da:f9:ab:d5:20:38:44:f8:4d:58:
e9:9c:0c:0c:5b:2c:22:49:12:c2:66:c0:48:05:4a:88:15:4b:
8f:d9:72:1a:0d:e1:31:79:ad:4a:8b:cf:32:d3:7e:ed:8f:3a:
70:76:a1:1b:44:5e:9b:fc:e5:d6:c8:90:0c:99:08:7e:3c:41:
07:cb:08:ba:16:50:b5:74:ad:5c:ea:ea:91:11:e6:fc:5d:5f:
09:88:7c:15:d0:3c:ce:38:29:32:6a:30:0b:ab:ca:fa:a8:44:
79:a9:d8:46:27:77:97:02:36:40:09:35:74:34:88:e9:ca:7b:
f5:f7:36:f0:a8:15:3a:47:86:3c:00:f1:68:e4:53:d1:33:16:
cb:05:73:11:38:c1:91:25:f0:e4:2b:56:0c:52:5d:9a:20:ca:
2e:d9:25:ef:db:8f:b7:4b:04:82:13:91:48:03:d7:dc:be:39:
92:e1:20:4e:a6:26:cd:28:2c:82:05:9d:cb:4b:59:9f:08:a2:
52:13:e6:2a:b9:48:33:f4:43:57:86:b0:ce:8e:5a:8e:67:12:
30:54:07:5c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYo8lqNn28d7cHZXuF6n+PrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQ0MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTJmMWJjMjE2YTg4YWUwYjQxM2JmNjNmOTBhYzBjY2NjNzY5YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOphy/Uq3V3AMBhAvoj2QBXnPFi+
QLjPtgTO2zEwLnk8m6Y7AtIu+5M1g4TrBwu/BRx4+kn+rHSTUTkoIml79gjVsqEq
d2FEJoNTA99na3FVqpzcT6T/hJjM5cOVOEPp6eHGbOO5n63oRYX5l4YdPZdW0hRE
JOeSnH4e657NF7Jn2iFSmq11MCWnwrypSdREKEtO7B1yA6UsCgL0XoSGRPrJB4q/
Ttkp9LDpPyazgLrRpy7/WU7Xz5vSAZfaBxRF+xgn6kaCdeii9FIEXV1bypztw6UH
uAGepfw28utg7DcdxjoBPtoFxM3TQQ8li+zRWR6Zy2XN5yZ/p8tGcUDvZQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIkvG8IWqIrgtBO/Y/kKwMzMdpvAMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvaVM4YndoYW9pdUMwRTc5ai1RckF6TXgybThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCH4OgMAwD
BABb6cEDBAJb6cADBAJb76QDBAJb8jADBADCa3oDBADC1QYDBAHDNjYwDQYJKoZI
hvcNAQELBQADggEBABAaZjTJ3PipxsH5JMFUysShrqAtweBJxx7DDXM6g8wEazc7
8LsbQ6Ik/t/S2vmr1SA4RPhNWOmcDAxbLCJJEsJmwEgFSogVS4/ZchoN4TF5rUqL
zzLTfu2POnB2oRtEXpv85dbIkAyZCH48QQfLCLoWULV0rVzq6pER5vxdXwmIfBXQ
PM44KTJqMAuryvqoRHmp2EYnd5cCNkAJNXQ0iOnKe/X3NvCoFTpHhjwA8WjkU9Ez
FssFcxE4wZEl8OQrVgxSXZogyi7ZJe/bj7dLBIITkUgD19y+OZLhIE6mJs0oLIIF
nctLWZ8IolIT5iq5SDP0Q1eGsM6OWo5nEjBUB1w=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:51 2023 by rpki-client on console.sobornost.net