Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/gAhomEESA2ijjthWA0PXgP3J30k.roa
File: gAhomEESA2ijjthWA0PXgP3J30k.roa (raw, json)
Hash identifier: x8gugSEKfSKVEuPAgNrdXm1O2++TukKQ71qVps75kVo=
Subject key identifier: 80:08:68:98:41:12:03:68:A3:8E:D8:56:03:43:D7:80:FD:C9:DF:49
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 01856B00A58CE0DE959E2910A8689E3887B4
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/gAhomEESA2ijjthWA0PXgP3J30k.roa
Signing time: Sun 01 Jan 2023 01:44:42 +0000
ROA not before: Sun 01 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210990
IP address blocks: 192.145.120.0/22 maxlen: 24
176.106.44.0/24 maxlen: 24
176.106.43.0/24 maxlen: 24
176.106.42.0/24 maxlen: 24
176.106.41.0/24 maxlen: 24
176.106.40.0/24 maxlen: 24
176.106.47.0/24 maxlen: 24
176.106.46.0/24 maxlen: 24
176.106.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:a5:8c:e0:de:95:9e:29:10:a8:68:9e:38:87:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Jan 1 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8008689841120368a38ed8560343d780fdc9df49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:fd:51:34:b6:b6:3d:ab:f8:34:3b:4b:d2:
7c:2d:79:b6:f9:04:16:05:f1:4c:b6:76:56:bd:89:
a6:91:6c:b7:4a:1c:b4:d1:9f:af:97:f5:30:80:89:
fe:f9:74:31:c9:5a:1c:a4:fa:01:88:c9:ad:e5:02:
63:77:62:49:41:07:55:f2:fd:de:d5:bc:1e:a4:84:
44:5a:a0:62:ef:ff:5c:58:c7:a4:fd:ac:12:4c:b3:
23:af:66:8a:e9:4f:5a:b5:29:a7:9a:71:6a:8c:c2:
b2:eb:a9:3a:90:44:1c:b7:35:8d:87:4d:8e:4b:18:
24:d2:eb:06:67:41:dd:0e:86:c9:b0:36:0d:7c:8c:
90:e0:31:8d:4d:aa:25:22:ff:8a:8a:6a:4b:09:ef:
73:35:74:8e:3f:dd:57:ea:d6:30:2c:48:a6:27:c8:
67:25:2b:bc:c5:29:ee:6b:61:58:0a:da:22:9e:76:
51:47:a5:7b:00:e9:f4:12:f5:7e:24:66:22:80:f6:
bc:01:1b:05:38:20:70:01:e0:d7:14:f4:a0:72:85:
9b:b3:1e:81:c7:32:4b:0d:df:14:b2:f0:3a:2b:f1:
76:9a:a5:62:81:77:9d:d9:bd:90:31:ca:74:ed:01:
af:91:22:d2:82:40:be:75:4d:68:11:ca:be:d5:3a:
e0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:08:68:98:41:12:03:68:A3:8E:D8:56:03:43:D7:80:FD:C9:DF:49
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/gAhomEESA2ijjthWA0PXgP3J30k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.40.0/21
192.145.120.0/22
Signature Algorithm: sha256WithRSAEncryption
54:46:e1:89:75:04:c7:97:64:3d:b5:46:87:36:88:c3:61:38:
4b:61:64:45:c0:11:58:16:b9:39:44:01:51:7b:90:06:97:c2:
af:e3:ef:7f:d8:df:23:e3:21:40:90:ea:71:b6:81:ea:0f:8b:
9d:d9:6e:b3:b7:75:4f:40:16:13:34:d5:aa:bc:ed:3f:e7:66:
0b:ab:50:42:0d:15:f7:57:78:1b:61:ad:11:06:38:26:e4:2a:
91:7f:8d:46:a2:9f:01:73:b4:2b:aa:b1:c9:4b:ea:f1:23:ec:
58:59:40:bc:f7:7b:88:84:34:74:f0:ae:a5:98:29:53:43:1b:
0e:68:8e:01:60:99:99:4b:fa:57:f1:d2:7c:b2:87:b3:15:e9:
2c:ae:43:9e:80:ef:c3:99:2a:4e:45:1d:f1:ab:77:e7:e4:4c:
c0:85:07:5b:19:4b:90:7f:2f:6b:94:38:24:53:df:c3:2f:25:
a8:65:a9:1c:89:e1:aa:ef:49:b8:1e:ae:74:0a:f2:29:9d:03:
99:2e:fa:90:e2:75:76:b0:3d:b8:1a:a2:39:86:3e:a1:d1:10:
dd:d5:8d:7d:e3:25:8d:ca:03:98:f1:8d:b7:63:a8:5a:14:2b:
fe:c3:e3:13:c3:1b:31:c2:71:6b:e6:16:47:c0:38:43:a8:24:
e4:97:84:8d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrAKWM4N6VnikQqGieOIe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTZjN2U2NjBiMWM3NGUzYjAzMThiMTQzMzhjM2YwMGRk
N2JjNzIwHhcNMjMwMTAxMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDA4Njg5ODQxMTIwMzY4YTM4ZWQ4NTYwMzQzZDc4MGZkYzlkZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPr9UTS2tj2r+DQ7S9J8LXm2+QQW
BfFMtnZWvYmmkWy3Shy00Z+vl/UwgIn++XQxyVocpPoBiMmt5QJjd2JJQQdV8v3e
1bwepIREWqBi7/9cWMek/awSTLMjr2aK6U9atSmnmnFqjMKy66k6kEQctzWNh02O
Sxgk0usGZ0HdDobJsDYNfIyQ4DGNTaolIv+KimpLCe9zNXSOP91X6tYwLEimJ8hn
JSu8xSnua2FYCtoinnZRR6V7AOn0EvV+JGYigPa8ARsFOCBwAeDXFPSgcoWbsx6B
xzJLDd8UsvA6K/F2mqVigXed2b2QMcp07QGvkSLSgkC+dU1oEcq+1TrgbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIAIaJhBEgNoo47YVgND14D9yd9JMB8GA1UdIwQY
MBaAFPpWx+ZgscdOOwMYsUM4w/AN17xyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sYkg1bUN4eDA0N0F4aXhRempEOEEzWHZISS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlm
LThiZjRmZTRjNzczMi8xL2dBaG9tRUVTQTJpamp0aFdBMFBYZ1AzSjMway5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlmLThiZjRmZTRjNzcz
Mi8xLzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAOwaigD
BALAkXgwDQYJKoZIhvcNAQELBQADggEBAFRG4Yl1BMeXZD21Roc2iMNhOEthZEXA
EVgWuTlEAVF7kAaXwq/j73/Y3yPjIUCQ6nG2geoPi53ZbrO3dU9AFhM01aq87T/n
ZgurUEINFfdXeBthrREGOCbkKpF/jUainwFztCuqsclL6vEj7FhZQLz3e4iENHTw
rqWYKVNDGw5ojgFgmZlL+lfx0nyyh7MV6SyuQ56A78OZKk5FHfGrd+fkTMCFB1sZ
S5B/L2uUOCRT38MvJahlqRyJ4arvSbgernQK8imdA5ku+pDidXawPbgaojmGPqHR
EN3VjX3jJY3KA5jxjbdjqFoUK/7D4xPDGzHCcWvmFkfAOEOoJOSXhI0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:17:14 2024 by rpki-client on console.sobornost.net