Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/j_n1tB9PwWtk5q-GCifuCpfhpCg.roa
File: j_n1tB9PwWtk5q-GCifuCpfhpCg.roa (raw, json)
Hash identifier: oPlqDpX/vyPfF0Uj2ovOUJ3tF+nkJz4cRoKw9Pmu40A=
Subject key identifier: 8F:F9:F5:B4:1F:4F:C1:6B:64:E6:AF:86:0A:27:EE:0A:97:E1:A4:28
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0185707061690FD3D7F4676A98572283EFF0
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/j_n1tB9PwWtk5q-GCifuCpfhpCg.roa
Signing time: Mon 02 Jan 2023 03:04:51 +0000
ROA not before: Mon 02 Jan 2023 03:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196797
IP address blocks: 91.222.28.0/22 maxlen: 32
94.125.88.0/21 maxlen: 32
81.30.48.0/20 maxlen: 32
193.151.24.0/22 maxlen: 32
176.115.88.0/21 maxlen: 32
109.233.168.0/22 maxlen: 32
195.69.236.0/22 maxlen: 32
164.138.32.0/21 maxlen: 32
195.69.168.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:61:69:0f:d3:d7:f4:67:6a:98:57:22:83:ef:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 03:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ff9f5b41f4fc16b64e6af860a27ee0a97e1a428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8a:92:16:32:f2:d0:15:ad:52:cd:02:3b:31:
10:fd:2b:7e:8e:5c:fc:06:5f:78:2b:32:4a:5e:98:
d8:75:b1:64:3a:7b:dc:68:39:03:76:8c:35:b0:5f:
99:e4:5a:0d:2d:1b:6f:ec:87:c3:5d:4b:73:cd:b8:
9b:19:d8:9b:ac:9b:a6:e3:6c:dc:a3:57:0e:b4:a8:
2d:60:67:d7:25:02:1e:23:3a:f7:9c:56:87:83:36:
7f:7e:96:15:e9:34:ab:ef:e8:88:a2:74:b9:f7:6e:
d2:80:b0:85:23:65:0e:cb:29:07:f5:11:5a:2d:6c:
b9:3d:48:ce:3b:95:7a:33:4d:df:33:01:af:49:be:
2a:65:3b:bc:a3:27:01:f5:f6:d5:5c:40:ea:11:4b:
36:f4:7e:48:12:32:f1:df:cb:47:a5:3f:92:c2:8f:
4c:7e:ba:fc:a7:91:fd:9d:71:a3:58:51:d4:0d:8c:
35:aa:41:ee:c3:a6:e3:d4:fc:c5:52:16:6f:f8:4f:
09:7c:4a:5f:04:41:ed:63:12:20:5d:ca:c5:f0:03:
95:27:8e:1e:34:63:1c:5b:fe:05:7f:61:6c:7d:13:
e6:6d:88:c1:58:dc:1b:6d:3a:9a:9c:7a:1c:8f:2a:
3d:91:a8:0a:8b:f7:53:3e:01:01:e0:7f:4b:ec:83:
80:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F9:F5:B4:1F:4F:C1:6B:64:E6:AF:86:0A:27:EE:0A:97:E1:A4:28
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/j_n1tB9PwWtk5q-GCifuCpfhpCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.48.0/20
91.222.28.0/22
94.125.88.0/21
109.233.168.0/22
164.138.32.0/21
176.115.88.0/21
193.151.24.0/22
195.69.168.0/22
195.69.236.0/22
Signature Algorithm: sha256WithRSAEncryption
78:73:19:13:e1:11:4e:2c:1e:f2:63:ed:63:fd:91:f0:e5:2c:
28:7b:05:68:82:d3:50:1f:f0:ae:00:48:61:d9:62:15:0d:57:
53:b8:c0:3c:d5:6b:06:71:fe:9a:81:b1:3a:02:a5:7c:ad:15:
97:c0:cd:2b:21:f1:5a:19:a2:21:3a:60:a4:e0:bd:fa:90:12:
39:de:e9:75:c3:10:53:41:1d:6d:17:df:3f:22:a4:fa:49:b3:
69:83:ca:04:1a:05:85:68:57:7f:f5:4e:c8:77:ee:d8:62:fc:
19:a8:5a:e4:39:41:b5:43:58:00:4f:0e:e0:da:51:34:58:81:
8c:20:47:e9:58:70:4e:77:2d:2f:f3:ae:ca:b8:fd:52:36:63:
59:54:6a:b6:38:71:9a:0a:31:4b:52:17:63:4c:20:31:7b:aa:
5e:f9:3c:58:3b:cb:34:a1:2e:63:0c:f1:c7:b8:aa:f1:1d:5b:
15:ee:55:76:81:8f:e2:d0:c2:02:17:20:68:cf:20:1e:98:42:
da:1c:64:03:63:7f:b9:b3:2c:cc:15:1a:2f:2d:96:9a:0c:b8:
c4:33:23:0e:bb:9c:7e:af:22:39:57:55:f2:0d:b0:9b:fd:f7:
44:38:79:29:7e:68:c7:bb:82:97:dd:12:e3:75:73:b8:bb:66:
a1:0a:9e:02
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVwcGFpD9PX9GdqmFcig+/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjMwMTAyMDMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY5ZjViNDFmNGZjMTZiNjRlNmFmODYwYTI3ZWUwYTk3ZTFhNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4qSFjLy0BWtUs0COzEQ/St+jlz8
Bl94KzJKXpjYdbFkOnvcaDkDdow1sF+Z5FoNLRtv7IfDXUtzzbibGdibrJum42zc
o1cOtKgtYGfXJQIeIzr3nFaHgzZ/fpYV6TSr7+iIonS5927SgLCFI2UOyykH9RFa
LWy5PUjOO5V6M03fMwGvSb4qZTu8oycB9fbVXEDqEUs29H5IEjLx38tHpT+Swo9M
frr8p5H9nXGjWFHUDYw1qkHuw6bj1PzFUhZv+E8JfEpfBEHtYxIgXcrF8AOVJ44e
NGMcW/4Ff2FsfRPmbYjBWNwbbTqanHocjyo9kagKi/dTPgEB4H9L7IOAHwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI/59bQfT8FrZOavhgon7gqX4aQoMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEval9uMXRCOVB3V3RrNXEtR0NpZnVDcGZocENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEUR4wAwQC
W94cAwQDXn1YAwQCbemoAwQDpIogAwQDsHNYAwQCwZcYAwQCw0WoAwQCw0XsMA0G
CSqGSIb3DQEBCwUAA4IBAQB4cxkT4RFOLB7yY+1j/ZHw5SwoewVogtNQH/CuAEhh
2WIVDVdTuMA81WsGcf6agbE6AqV8rRWXwM0rIfFaGaIhOmCk4L36kBI53ul1wxBT
QR1tF98/IqT6SbNpg8oEGgWFaFd/9U7Id+7YYvwZqFrkOUG1Q1gATw7g2lE0WIGM
IEfpWHBOdy0v867KuP1SNmNZVGq2OHGaCjFLUhdjTCAxe6pe+TxYO8s0oS5jDPHH
uKrxHVsV7lV2gY/i0MICFyBozyAemELaHGQDY3+5syzMFRovLZaaDLjEMyMOu5x+
ryI5V1XyDbCb/fdEOHkpfmjHu4KX3RLjdXO4u2ahCp4C
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:13 2024 by rpki-client on console.sobornost.net