Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/23de06-fc9a-43d3-ac95-37e64c07cc86/1/po3a8RKfCo7wq7M_y1kOQOiG4s4.roa
File: po3a8RKfCo7wq7M_y1kOQOiG4s4.roa (raw, json)
Hash identifier: WFwpL7rHYKFO/m/VjKmYCAAwhDSLzGEXPSP5E92ngik=
Subject key identifier: A6:8D:DA:F1:12:9F:0A:8E:F0:AB:B3:3F:CB:59:0E:40:E8:86:E2:CE
Certificate issuer: /CN=3d1cc402349e191392d1ec7469c1bc8243634439
Certificate serial: 018571C2FCF1083D5A7D9B92EE291015C191
Authority key identifier: 3D:1C:C4:02:34:9E:19:13:92:D1:EC:74:69:C1:BC:82:43:63:44:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PRzEAjSeGROS0ex0acG8gkNjRDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/23de06-fc9a-43d3-ac95-37e64c07cc86/1/po3a8RKfCo7wq7M_y1kOQOiG4s4.roa
Signing time: Mon 02 Jan 2023 09:14:42 +0000
ROA not before: Mon 02 Jan 2023 09:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205400
IP address blocks: 185.219.164.0/22 maxlen: 22
85.132.136.0/22 maxlen: 22
2a0b:e7c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c2:fc:f1:08:3d:5a:7d:9b:92:ee:29:10:15:c1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d1cc402349e191392d1ec7469c1bc8243634439
Validity
Not Before: Jan 2 09:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a68ddaf1129f0a8ef0abb33fcb590e40e886e2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:31:d8:a9:42:a9:bc:7a:87:20:41:ce:46:5b:
e6:9b:ae:6d:07:b6:65:4b:b2:21:0b:06:dd:64:f3:
2f:76:a0:5c:86:1a:0d:74:9b:a8:c1:77:3c:4c:a3:
59:db:36:c5:09:e5:fb:ad:22:8e:43:b6:c6:45:ed:
95:66:1c:02:cd:db:27:77:08:d3:d5:87:96:fd:68:
9a:7d:43:d7:8e:3d:58:70:8e:5d:7a:fa:ca:18:51:
15:67:49:1b:b5:ff:0e:a6:ec:58:96:b7:12:d2:16:
94:63:64:c8:69:6d:f9:44:7f:c7:37:a2:19:bd:44:
1a:8f:0d:05:a7:79:a2:29:fc:c4:81:25:34:1d:cf:
49:28:c5:8e:94:0e:a4:f1:fc:28:4c:2c:13:e4:65:
94:0f:ec:4a:a5:4a:b1:6b:7c:2a:cd:5d:a5:63:e0:
d2:27:37:ba:5c:b1:f9:9b:93:02:1f:e4:f6:b8:13:
3c:96:f7:02:51:90:ed:92:9a:98:fc:7c:f1:ca:19:
68:f0:48:6f:f2:2f:df:5c:3f:de:c6:1a:c6:e4:43:
05:22:ac:a9:2f:e9:9e:bd:2e:f4:02:27:8c:e9:3d:
ca:1d:99:2d:5f:11:d9:2a:a2:b0:67:f0:09:36:bb:
87:91:fd:8f:dc:6a:09:ac:84:3f:6c:58:f7:ad:72:
bd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:DA:F1:12:9F:0A:8E:F0:AB:B3:3F:CB:59:0E:40:E8:86:E2:CE
X509v3 Authority Key Identifier:
keyid:3D:1C:C4:02:34:9E:19:13:92:D1:EC:74:69:C1:BC:82:43:63:44:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRzEAjSeGROS0ex0acG8gkNjRDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/23de06-fc9a-43d3-ac95-37e64c07cc86/1/po3a8RKfCo7wq7M_y1kOQOiG4s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/23de06-fc9a-43d3-ac95-37e64c07cc86/1/PRzEAjSeGROS0ex0acG8gkNjRDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.136.0/22
185.219.164.0/22
IPv6:
2a0b:e7c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:f6:b2:7f:28:ed:f9:a3:a5:ed:88:27:04:ba:5f:72:0d:3a:
71:c1:a1:d7:43:f6:06:9b:a3:7d:d7:33:ea:5e:27:27:ee:dc:
0b:f7:5d:a2:80:75:5b:70:40:22:89:7c:ac:4f:57:1d:86:5f:
17:b6:ac:28:44:d0:61:14:1a:ae:5f:e9:37:0f:a7:53:89:9e:
37:73:20:d1:20:54:95:5e:29:97:a2:fe:c6:83:a0:89:df:51:
a8:22:9b:55:93:ef:0c:18:58:f0:85:fb:1a:87:f3:82:40:62:
5d:bf:37:3a:aa:46:5e:cc:05:2f:74:d8:49:55:3d:dd:4d:20:
cb:f6:e4:80:2a:85:9e:68:c6:68:0c:28:59:4c:e2:86:d9:c5:
95:04:56:23:fe:e6:92:cf:d8:de:98:3d:90:5b:3f:a2:b9:10:
ae:77:e1:62:85:fa:04:bd:d3:fd:b2:f7:9a:31:d3:0b:a7:60:
0f:dc:b1:23:14:5b:76:1f:b7:22:ee:7b:29:c4:3b:18:11:7d:
a3:8e:29:33:ac:47:bf:00:11:3e:03:68:48:3f:21:d8:80:6c:
7b:e6:71:2a:b4:3c:27:2c:1c:ef:e6:60:70:c2:f1:9a:22:1d:
da:1e:ab:dc:6b:4f:40:38:45:d1:94:ba:1e:b0:d2:07:bb:4c:
b1:d2:06:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxwvzxCD1afZuS7ikQFcGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWNjNDAyMzQ5ZTE5MTM5MmQxZWM3NDY5YzFiYzgyNDM2
MzQ0MzkwHhcNMjMwMTAyMDkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhkZGFmMTEyOWYwYThlZjBhYmIzM2ZjYjU5MGU0MGU4ODZlMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzHYqUKpvHqHIEHORlvmm65tB7Zl
S7IhCwbdZPMvdqBchhoNdJuowXc8TKNZ2zbFCeX7rSKOQ7bGRe2VZhwCzdsndwjT
1YeW/WiafUPXjj1YcI5devrKGFEVZ0kbtf8OpuxYlrcS0haUY2TIaW35RH/HN6IZ
vUQajw0Fp3miKfzEgSU0Hc9JKMWOlA6k8fwoTCwT5GWUD+xKpUqxa3wqzV2lY+DS
Jze6XLH5m5MCH+T2uBM8lvcCUZDtkpqY/Hzxyhlo8Ehv8i/fXD/exhrG5EMFIqyp
L+mevS70AieM6T3KHZktXxHZKqKwZ/AJNruHkf2P3GoJrIQ/bFj3rXK9CQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKaN2vESnwqO8KuzP8tZDkDohuLOMB8GA1UdIwQY
MBaAFD0cxAI0nhkTktHsdGnBvIJDY0Q5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ6RUFqU2VHUk9TMGV4MGFjRzhna05qUkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yM2RlMDYtZmM5YS00M2QzLWFjOTUt
MzdlNjRjMDdjYzg2LzEvcG8zYThSS2ZDbzd3cTdNX3kxa09RT2lHNHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yM2RlMDYtZmM5YS00M2QzLWFjOTUtMzdlNjRjMDdjYzg2
LzEvUFJ6RUFqU2VHUk9TMGV4MGFjRzhna05qUkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVYSIAwQC
udukMA0EAgACMAcDBQMqC+fAMA0GCSqGSIb3DQEBCwUAA4IBAQAO9rJ/KO35o6Xt
iCcEul9yDTpxwaHXQ/YGm6N91zPqXicn7twL912igHVbcEAiiXysT1cdhl8Xtqwo
RNBhFBquX+k3D6dTiZ43cyDRIFSVXimXov7Gg6CJ31GoIptVk+8MGFjwhfsah/OC
QGJdvzc6qkZezAUvdNhJVT3dTSDL9uSAKoWeaMZoDChZTOKG2cWVBFYj/uaSz9je
mD2QWz+iuRCud+FihfoEvdP9sveaMdMLp2AP3LEjFFt2H7ci7nspxDsYEX2jjikz
rEe/ABE+A2hIPyHYgGx75nEqtDwnLBzv5mBwwvGaIh3aHqvca09AOEXRlLoesNIH
u0yx0gZ3
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:36:27 2024 by rpki-client on console.sobornost.net