Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/mhqcK_CLCjZ6ZkzS2mgYA1xdzRs.roa
File: mhqcK_CLCjZ6ZkzS2mgYA1xdzRs.roa (raw, json)
Hash identifier: B3yyn/TQiypEpVSxbbussvjiew9JsqNKXrZEbTWwUYg=
Subject key identifier: 9A:1A:9C:2B:F0:8B:0A:36:7A:66:4C:D2:DA:68:18:03:5C:5D:CD:1B
Certificate issuer: /CN=969d46361b6af720fb9836acec965b0f52f4b09c
Certificate serial: 018B8FB3A1434CF4F59B90433DD457813D8B
Authority key identifier: 96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/mhqcK_CLCjZ6ZkzS2mgYA1xdzRs.roa
Signing time: Thu 02 Nov 2023 11:03:15 +0000
ROA not before: Thu 02 Nov 2023 11:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29690
IP address blocks: 83.101.128.0/24 maxlen: 24
83.101.129.0/24 maxlen: 24
83.101.138.0/24 maxlen: 24
83.101.139.0/24 maxlen: 24
83.101.141.0/24 maxlen: 24
83.101.143.0/24 maxlen: 24
83.101.140.0/24 maxlen: 24
83.101.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:b3:a1:43:4c:f4:f5:9b:90:43:3d:d4:57:81:3d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969d46361b6af720fb9836acec965b0f52f4b09c
Validity
Not Before: Nov 2 11:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a1a9c2bf08b0a367a664cd2da6818035c5dcd1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:5d:f1:d5:7e:69:13:be:d0:77:a1:c8:eb:
7d:e9:72:77:88:04:8a:fc:03:e2:76:43:f9:c3:4b:
de:df:1b:68:ba:3b:1d:eb:a5:3a:22:3c:aa:cd:93:
a7:ec:00:1e:84:f4:06:10:4e:41:a7:50:01:d4:ee:
6a:f4:7d:9b:e1:75:11:8b:78:fe:51:7f:bd:af:86:
5d:5f:f1:bb:76:77:f9:f4:bd:b8:f1:6b:10:f5:38:
a1:b7:da:89:20:7f:da:b4:f2:f4:93:56:71:f4:0c:
31:b1:85:9d:86:ab:14:f5:f7:04:d5:0c:84:47:54:
4b:d8:83:8c:57:18:6a:81:9d:58:70:c2:80:29:be:
23:9d:40:83:61:73:69:c8:ad:6f:22:7c:63:18:ca:
0c:fc:3e:c1:e5:d5:46:74:a9:71:2a:83:ca:4f:9e:
73:63:d3:c5:f6:ab:b9:f2:8b:a4:5c:05:c8:a9:66:
92:45:2a:28:de:01:47:c5:89:75:60:e2:e6:5e:be:
ff:24:23:0c:bd:58:40:83:1b:39:4c:76:18:24:50:
42:11:70:98:37:dc:80:c9:04:7b:28:9d:72:d2:71:
df:29:fe:79:cd:af:68:0c:5a:6d:be:2b:0f:42:09:
5a:c0:e7:6b:31:52:8e:34:1a:9a:6d:a8:6a:c4:a1:
b0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:9C:2B:F0:8B:0A:36:7A:66:4C:D2:DA:68:18:03:5C:5D:CD:1B
X509v3 Authority Key Identifier:
keyid:96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/mhqcK_CLCjZ6ZkzS2mgYA1xdzRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.101.128.0/23
83.101.138.0-83.101.141.255
83.101.143.0/24
83.101.149.0/24
Signature Algorithm: sha256WithRSAEncryption
72:71:f6:8c:2c:7f:83:dd:18:43:9f:7b:d8:32:75:c7:3b:51:
77:9d:05:1a:af:88:c3:d6:ea:eb:f2:43:ff:6c:98:ed:6f:1d:
30:6b:a0:17:60:c2:39:11:bc:0e:24:77:d7:ed:b6:d3:0f:13:
df:b7:c9:30:e0:db:77:08:10:25:89:58:b6:1f:23:26:96:3a:
60:6f:93:6b:07:fd:9d:e6:7e:ae:4e:93:c0:50:ae:7a:2b:5e:
2f:8a:42:af:6b:b6:0f:ac:bd:ca:87:b8:7c:5c:05:1f:11:c2:
fb:63:f5:17:a2:16:4a:c3:bc:d9:89:8a:58:40:c6:4c:3a:fe:
7d:ef:90:a8:0e:d7:60:f0:56:f3:df:2c:b7:de:9a:b0:0b:77:
c9:1f:33:ff:e0:ea:5f:b2:c0:6e:79:73:e7:72:a6:df:e7:7a:
1f:59:07:d2:3e:e6:62:8b:cc:68:b6:91:c6:c5:c7:6f:12:cc:
31:6f:f9:0c:20:f3:73:28:b1:ae:9f:94:a6:81:78:86:21:b3:
69:81:bd:55:a1:4e:b4:d1:60:0f:64:bc:0e:5f:c8:4c:0e:aa:
77:bb:74:b5:74:5d:4f:64:79:93:60:93:ba:95:eb:0b:bf:a1:
21:f0:1c:a1:ab:f7:2e:52:a6:2c:1a:d0:0c:bb:99:df:c8:8e:
99:a6:04:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuPs6FDTPT1m5BDPdRXgT2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWQ0NjM2MWI2YWY3MjBmYjk4MzZhY2VjOTY1YjBmNTJm
NGIwOWMwHhcNMjMxMTAyMTEwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFhOWMyYmYwOGIwYTM2N2E2NjRjZDJkYTY4MTgwMzVjNWRjZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoNd8dV+aRO+0HehyOt96XJ3iASK
/APidkP5w0ve3xtoujsd66U6IjyqzZOn7AAehPQGEE5Bp1AB1O5q9H2b4XURi3j+
UX+9r4ZdX/G7dnf59L248WsQ9Tiht9qJIH/atPL0k1Zx9AwxsYWdhqsU9fcE1QyE
R1RL2IOMVxhqgZ1YcMKAKb4jnUCDYXNpyK1vInxjGMoM/D7B5dVGdKlxKoPKT55z
Y9PF9qu58oukXAXIqWaSRSoo3gFHxYl1YOLmXr7/JCMMvVhAgxs5THYYJFBCEXCY
N9yAyQR7KJ1y0nHfKf55za9oDFptvisPQglawOdrMVKONBqabahqxKGwiwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJoanCvwiwo2emZM0tpoGANcXc0bMB8GA1UdIwQY
MBaAFJadRjYbavcg+5g2rOyWWw9S9LCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEt
NDM2MDAxNzFiOGJkLzEvbWhxY0tfQ0xDalo2Wmt6UzJtZ1lBMXhkelJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEtNDM2MDAxNzFiOGJk
LzEvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBU2WAMAwD
BAFTZYoDBAFTZYwDBABTZY8DBABTZZUwDQYJKoZIhvcNAQELBQADggEBAHJx9ows
f4PdGEOfe9gydcc7UXedBRqviMPW6uvyQ/9smO1vHTBroBdgwjkRvA4kd9ftttMP
E9+3yTDg23cIECWJWLYfIyaWOmBvk2sH/Z3mfq5Ok8BQrnorXi+KQq9rtg+svcqH
uHxcBR8Rwvtj9ReiFkrDvNmJilhAxkw6/n3vkKgO12DwVvPfLLfemrALd8kfM//g
6l+ywG55c+dypt/neh9ZB9I+5mKLzGi2kcbFx28SzDFv+Qwg83Mosa6flKaBeIYh
s2mBvVWhTrTRYA9kvA5fyEwOqne7dLV0XU9keZNgk7qV6wu/oSHwHKGr9y5Spiwa
0Ay7md/IjpmmBDA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net