Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/oz33JqlDLDA8PyPRGX3DaZg-l2E.roa
File: oz33JqlDLDA8PyPRGX3DaZg-l2E.roa (raw, json)
Hash identifier: zTV6NTq4sTXKLe2B8wHqES2mKgA49poN6xdMh7x3KKk=
Subject key identifier: A3:3D:F7:26:A9:43:2C:30:3C:3F:23:D1:19:7D:C3:69:98:3E:97:61
Certificate issuer: /CN=55fad96dd05af8c2d26192c841131f2f97459fed
Certificate serial: 01856C0A4D902494E5E9555B2C52FA7C0C94
Authority key identifier: 55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/oz33JqlDLDA8PyPRGX3DaZg-l2E.roa
Signing time: Sun 01 Jan 2023 06:34:52 +0000
ROA not before: Sun 01 Jan 2023 06:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43361
IP address blocks: 185.175.94.0/23 maxlen: 23
45.10.89.0/24 maxlen: 24
31.133.98.0/23 maxlen: 23
194.31.244.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:4d:90:24:94:e5:e9:55:5b:2c:52:fa:7c:0c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55fad96dd05af8c2d26192c841131f2f97459fed
Validity
Not Before: Jan 1 06:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a33df726a9432c303c3f23d1197dc369983e9761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ae:3a:52:a0:08:60:64:ca:6f:60:e2:52:52:
d7:bb:67:f4:ed:d9:50:00:8e:15:27:0b:59:0b:65:
34:dc:ca:fe:22:aa:5e:e3:a9:e7:32:56:81:50:65:
5c:b6:35:54:b7:3a:24:81:a5:cc:f2:89:0a:7f:39:
c6:b2:b0:21:25:cd:55:b2:c3:f4:ba:5d:5f:f8:50:
10:b1:6a:2d:b8:f4:5c:7c:52:9c:fe:78:22:5a:fb:
f3:75:2f:7c:35:7e:a1:04:54:0d:78:7f:7e:57:ca:
d3:f7:93:ef:5e:74:54:d4:f1:8a:7c:4a:6e:ca:da:
89:98:a0:d4:74:04:b2:b2:b2:62:90:46:20:0d:4e:
cf:04:72:1e:a7:09:70:b6:99:86:fc:37:81:ed:8a:
c8:09:b2:c4:c0:5f:56:19:16:1a:e7:af:70:52:78:
ac:fc:36:da:1c:4a:76:e0:1d:81:df:c2:14:71:f1:
58:93:7e:f1:79:68:aa:0f:b1:e7:88:0c:fd:eb:d5:
52:d6:50:3d:da:ca:b0:ed:44:68:6d:21:0a:68:00:
9e:22:25:a2:0b:2e:ff:12:ca:a3:60:8d:2b:69:da:
3b:56:16:3e:3e:43:61:70:2d:37:3d:83:55:94:54:
c2:c8:22:c3:5b:b0:d9:ac:ee:32:fa:14:04:35:7b:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3D:F7:26:A9:43:2C:30:3C:3F:23:D1:19:7D:C3:69:98:3E:97:61
X509v3 Authority Key Identifier:
keyid:55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/oz33JqlDLDA8PyPRGX3DaZg-l2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/VfrZbdBa-MLSYZLIQRMfL5dFn-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.98.0/23
45.10.89.0/24
185.175.94.0/23
194.31.244.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0c:2d:3e:75:6c:5b:2e:95:39:4d:a2:52:59:07:62:30:a9:
16:98:24:1e:e7:32:4b:28:69:7d:c7:d3:61:21:6c:fc:c0:d1:
b2:5c:00:7a:84:69:40:ba:15:4c:f8:72:ce:d5:3e:ca:42:7b:
70:89:8c:c9:39:b1:0f:fc:ad:94:0b:ac:3f:96:e5:3c:19:1a:
2e:6d:40:13:80:19:64:b0:6c:89:9e:61:37:e9:92:7c:46:e1:
df:fa:90:64:21:3a:a9:63:40:7c:7c:1f:7a:31:96:43:00:0a:
bb:51:36:41:08:54:e7:ee:7b:c9:42:e4:d9:de:9b:3f:28:06:
1d:83:5b:68:c2:fc:67:e3:f0:4d:90:2a:59:d8:99:4b:44:54:
bd:66:f8:bc:f4:1b:35:56:65:d9:2f:70:10:fc:a5:29:af:75:
98:d7:41:2f:ce:2d:24:06:b4:97:10:87:ae:e6:f9:57:fc:78:
0e:83:52:ad:c0:4b:09:cd:59:3a:0a:9f:86:b6:12:ae:bb:e1:
f3:30:e3:50:d9:d9:e1:d7:91:c6:10:c1:f7:80:d7:0f:fc:d8:
5a:84:9f:d6:e9:be:f7:01:4b:bf:43:c0:77:7c:cf:6b:3e:8c:
eb:49:25:9a:01:4b:13:69:96:83:29:5a:11:e7:be:b5:90:96:
2a:38:37:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsCk2QJJTl6VVbLFL6fAyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZmFkOTZkZDA1YWY4YzJkMjYxOTJjODQxMTMxZjJmOTc0
NTlmZWQwHhcNMjMwMTAxMDYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNkZjcyNmE5NDMyYzMwM2MzZjIzZDExOTdkYzM2OTk4M2U5NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq46UqAIYGTKb2DiUlLXu2f07dlQ
AI4VJwtZC2U03Mr+Iqpe46nnMlaBUGVctjVUtzokgaXM8okKfznGsrAhJc1VssP0
ul1f+FAQsWotuPRcfFKc/ngiWvvzdS98NX6hBFQNeH9+V8rT95PvXnRU1PGKfEpu
ytqJmKDUdASysrJikEYgDU7PBHIepwlwtpmG/DeB7YrICbLEwF9WGRYa569wUnis
/DbaHEp24B2B38IUcfFYk37xeWiqD7HniAz969VS1lA92sqw7URobSEKaACeIiWi
Cy7/EsqjYI0rado7VhY+PkNhcC03PYNVlFTCyCLDW7DZrO4y+hQENXvlCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKM99yapQywwPD8j0Rl9w2mYPpdhMB8GA1UdIwQY
MBaAFFX62W3QWvjC0mGSyEETHy+XRZ/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAt
MzBmZjJjODNmMDAxLzEvb3ozM0pxbERMREE4UHlQUkdYM0RhWmctbDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAtMzBmZjJjODNmMDAx
LzEvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH4ViAwQA
LQpZAwQBua9eAwQAwh/0MA0GCSqGSIb3DQEBCwUAA4IBAQCJDC0+dWxbLpU5TaJS
WQdiMKkWmCQe5zJLKGl9x9NhIWz8wNGyXAB6hGlAuhVM+HLO1T7KQntwiYzJObEP
/K2UC6w/luU8GRoubUATgBlksGyJnmE36ZJ8RuHf+pBkITqpY0B8fB96MZZDAAq7
UTZBCFTn7nvJQuTZ3ps/KAYdg1towvxn4/BNkCpZ2JlLRFS9Zvi89Bs1VmXZL3AQ
/KUpr3WY10Evzi0kBrSXEIeu5vlX/HgOg1KtwEsJzVk6Cp+GthKuu+HzMONQ2dnh
15HGEMH3gNcP/NhahJ/W6b73AUu/Q8B3fM9rPozrSSWaAUsTaZaDKVoR5761kJYq
ODcZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:52 2024 by rpki-client on console.sobornost.net