Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/uK3FCS6cZnS75t2iHt2fIMcBd1s.roa
File: uK3FCS6cZnS75t2iHt2fIMcBd1s.roa (raw, json)
Hash identifier: W8YjWsYrywloPV/QMRcbWNoTWjKqaQ9fCxRA9nMnZcA=
Subject key identifier: B8:AD:C5:09:2E:9C:66:74:BB:E6:DD:A2:1E:DD:9F:20:C7:01:77:5B
Certificate issuer: /CN=3a3c63cbd934825e55bbe359cb7306869ed451cd
Certificate serial: 01856FD508820315B892ECFB17CA94C72543
Authority key identifier: 3A:3C:63:CB:D9:34:82:5E:55:BB:E3:59:CB:73:06:86:9E:D4:51:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/uK3FCS6cZnS75t2iHt2fIMcBd1s.roa
Signing time: Mon 02 Jan 2023 00:15:10 +0000
ROA not before: Mon 02 Jan 2023 00:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25264
IP address blocks: 109.206.253.0/24 maxlen: 24
109.206.252.0/24 maxlen: 24
109.206.252.0/22 maxlen: 22
109.206.255.0/24 maxlen: 24
109.206.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:08:82:03:15:b8:92:ec:fb:17:ca:94:c7:25:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3c63cbd934825e55bbe359cb7306869ed451cd
Validity
Not Before: Jan 2 00:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8adc5092e9c6674bbe6dda21edd9f20c701775b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a6:54:bc:23:2a:4d:03:90:31:c2:97:f0:83:
a4:5f:86:2a:1c:a4:71:38:1a:12:0d:66:16:a1:71:
6a:6f:87:ff:4e:78:74:8f:c8:91:e5:87:31:de:f9:
64:05:e9:49:29:e1:7d:de:85:a0:e5:89:25:8e:2f:
32:a2:62:26:ab:09:43:4a:2d:ab:06:c1:cd:80:7b:
68:35:37:f6:dc:64:cc:5e:a0:e2:12:24:25:b4:f1:
72:e7:6d:32:06:1b:ec:d9:4a:ac:3c:73:c4:2c:12:
80:5c:4a:23:3b:a7:33:a8:09:7e:9c:90:67:bd:74:
f1:3b:ac:f9:4d:2b:96:40:98:59:8a:f1:c7:ce:4d:
bb:19:3b:6b:4f:73:01:bb:e3:9a:09:55:17:54:5e:
49:26:e5:1c:4e:5a:d7:d4:48:5c:71:6f:0b:be:06:
a0:3f:b8:71:dd:e5:23:cb:ef:11:42:79:7c:de:0c:
e2:f4:b0:c6:b6:d7:9e:12:d1:a4:16:e9:bc:fe:9d:
9a:78:fa:85:90:19:b8:a4:32:3d:d4:0e:a5:9b:1a:
30:ea:61:c8:b5:ab:f3:37:a2:59:93:16:14:a1:b9:
6f:3c:ec:db:19:8c:80:d6:61:77:65:32:e8:23:3d:
e0:e1:e6:56:e4:4e:88:fd:4e:70:21:7c:40:e6:64:
b7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AD:C5:09:2E:9C:66:74:BB:E6:DD:A2:1E:DD:9F:20:C7:01:77:5B
X509v3 Authority Key Identifier:
keyid:3A:3C:63:CB:D9:34:82:5E:55:BB:E3:59:CB:73:06:86:9E:D4:51:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/uK3FCS6cZnS75t2iHt2fIMcBd1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.252.0/22
Signature Algorithm: sha256WithRSAEncryption
66:fd:1f:2f:c0:e6:67:03:36:25:94:f6:85:32:64:3e:91:58:
6a:11:63:4d:ab:6e:c0:05:3b:7c:af:3d:89:c0:7f:80:9b:33:
7a:f5:eb:70:df:4f:11:04:66:f9:0e:5c:a7:0d:55:93:1d:c1:
96:7e:63:4f:35:d0:17:39:d7:44:da:fd:0c:07:cd:46:d4:91:
81:21:63:60:0c:ea:a1:e7:f4:01:09:2b:bf:c9:1c:37:66:7b:
b4:48:29:92:30:40:c1:af:ed:b3:ed:46:80:0e:99:b6:d5:b2:
25:05:bc:df:74:fa:e3:b0:47:e0:48:55:0f:53:bf:c4:f5:00:
d4:2d:57:c9:a2:3c:11:79:8e:66:2a:a1:0b:eb:67:a7:a3:88:
d9:e7:72:84:0c:80:65:89:74:a8:ba:a1:3c:49:c8:ea:21:96:
e4:db:3e:a4:44:20:50:25:b2:56:54:45:9f:38:0c:4a:c7:e4:
61:04:09:d9:d4:3b:86:43:c4:fe:c6:35:6e:df:29:fb:b0:dd:
d8:f0:ff:5e:84:5e:21:24:10:00:f2:a0:33:fa:7b:5b:11:92:
98:fd:98:be:5c:07:9f:d0:84:1c:70:06:77:b0:ae:8e:76:89:
7e:50:d0:be:6c:1a:66:8a:4d:ef:a3:d1:04:50:f1:c2:27:62:
6c:2d:b4:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1QiCAxW4kuz7F8qUxyVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhM2M2M2NiZDkzNDgyNWU1NWJiZTM1OWNiNzMwNjg2OWVk
NDUxY2QwHhcNMjMwMTAyMDAxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFkYzUwOTJlOWM2Njc0YmJlNmRkYTIxZWRkOWYyMGM3MDE3NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKZUvCMqTQOQMcKX8IOkX4YqHKRx
OBoSDWYWoXFqb4f/Tnh0j8iR5Ycx3vlkBelJKeF93oWg5Yklji8yomImqwlDSi2r
BsHNgHtoNTf23GTMXqDiEiQltPFy520yBhvs2UqsPHPELBKAXEojO6czqAl+nJBn
vXTxO6z5TSuWQJhZivHHzk27GTtrT3MBu+OaCVUXVF5JJuUcTlrX1EhccW8Lvgag
P7hx3eUjy+8RQnl83gzi9LDGtteeEtGkFum8/p2aePqFkBm4pDI91A6lmxow6mHI
tavzN6JZkxYUoblvPOzbGYyA1mF3ZTLoIz3g4eZW5E6I/U5wIXxA5mS3hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLitxQkunGZ0u+bdoh7dnyDHAXdbMB8GA1UdIwQY
MBaAFDo8Y8vZNIJeVbvjWctzBoae1FHNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2p4ank5azBnbDVWdS1OWnkzTUdocDdVVWMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zNzcwZjgtNjJmZS00MGE1LTk0YjUt
NTQ4ZTdlNGIxMDJiLzEvdUszRkNTNmNablM3NXQyaUh0MmZJTWNCZDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zNzcwZjgtNjJmZS00MGE1LTk0YjUtNTQ4ZTdlNGIxMDJi
LzEvT2p4ank5azBnbDVWdS1OWnkzTUdocDdVVWMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbc78MA0G
CSqGSIb3DQEBCwUAA4IBAQBm/R8vwOZnAzYllPaFMmQ+kVhqEWNNq27ABTt8rz2J
wH+AmzN69etw308RBGb5DlynDVWTHcGWfmNPNdAXOddE2v0MB81G1JGBIWNgDOqh
5/QBCSu/yRw3Znu0SCmSMEDBr+2z7UaADpm21bIlBbzfdPrjsEfgSFUPU7/E9QDU
LVfJojwReY5mKqEL62eno4jZ53KEDIBliXSouqE8ScjqIZbk2z6kRCBQJbJWVEWf
OAxKx+RhBAnZ1DuGQ8T+xjVu3yn7sN3Y8P9ehF4hJBAA8qAz+ntbEZKY/Zi+XAef
0IQccAZ3sK6Odol+UNC+bBpmik3vo9EEUPHCJ2JsLbQp
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:29 2024 by rpki-client on console.sobornost.net