Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/ImLh4g_brhCBMcmkH0H3w5CCr9g.roa
File: ImLh4g_brhCBMcmkH0H3w5CCr9g.roa (raw, json)
Hash identifier: 2DgotxDcTiKVTJQh1NyIZJH1jucUmdt1B4b9OFV/lhg=
Subject key identifier: 22:62:E1:E2:0F:DB:AE:10:81:31:C9:A4:1F:41:F7:C3:90:82:AF:D8
Certificate issuer: /CN=07c40d70160f308642129a1b72ae5ae52db883c4
Certificate serial: 0185710C1C3DC830278380CE5ADA1C970178
Authority key identifier: 07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/ImLh4g_brhCBMcmkH0H3w5CCr9g.roa
Signing time: Mon 02 Jan 2023 05:54:57 +0000
ROA not before: Mon 02 Jan 2023 05:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48166
IP address blocks: 91.210.84.0/22 maxlen: 22
178.213.192.0/21 maxlen: 21
185.61.92.0/22 maxlen: 22
91.133.0.0/19 maxlen: 19
5.250.232.0/21 maxlen: 21
89.22.16.0/20 maxlen: 20
194.9.224.0/20 maxlen: 20
2a02:7760::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1c:3d:c8:30:27:83:80:ce:5a:da:1c:97:01:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07c40d70160f308642129a1b72ae5ae52db883c4
Validity
Not Before: Jan 2 05:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2262e1e20fdbae108131c9a41f41f7c39082afd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6e:2e:06:ed:89:79:e9:ac:88:ab:8c:51:96:
16:b5:e2:7f:78:f3:f2:8a:da:27:38:4f:2b:bf:14:
85:ea:32:0e:0b:41:52:58:c3:d5:44:42:40:ff:b8:
60:a3:90:0d:3e:ea:0b:ac:89:7d:e1:52:e7:88:f4:
69:e0:72:07:4d:65:d4:ce:27:45:7d:cd:67:0a:42:
74:99:a4:f8:8d:c5:b7:c0:6a:bf:98:5d:15:d0:cb:
6d:96:b0:6c:09:b2:ac:d2:cd:47:34:75:86:2c:a5:
d3:4d:c6:f3:b7:3f:97:fe:0f:50:bb:d7:76:c3:fe:
1e:91:7e:1f:55:fb:be:a0:35:98:74:a0:d0:bc:bd:
d8:2f:33:cf:cf:f9:c9:fc:cf:f8:14:c1:e0:ed:ff:
15:a1:da:1f:7c:a8:9f:e2:a4:5f:84:58:f0:a8:ed:
ff:87:a0:50:fc:84:e1:b2:c2:5c:ed:9f:5d:b9:8c:
17:84:54:45:ff:42:09:82:2b:04:1c:0b:bf:0d:ae:
00:48:4d:37:93:65:80:ba:fb:6d:3a:e4:bc:c7:3b:
90:f3:fc:b0:24:97:44:1b:35:57:6a:10:d2:28:ed:
94:e8:72:11:aa:eb:ee:e5:02:b9:42:73:59:8d:b7:
df:64:be:8f:ad:a4:9d:d8:36:4e:3c:35:2f:80:0e:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:62:E1:E2:0F:DB:AE:10:81:31:C9:A4:1F:41:F7:C3:90:82:AF:D8
X509v3 Authority Key Identifier:
keyid:07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/ImLh4g_brhCBMcmkH0H3w5CCr9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.232.0/21
89.22.16.0/20
91.133.0.0/19
91.210.84.0/22
178.213.192.0/21
185.61.92.0/22
194.9.224.0/20
IPv6:
2a02:7760::/32
Signature Algorithm: sha256WithRSAEncryption
86:54:6f:93:cf:9c:3e:1c:b9:51:1e:15:c9:61:95:d4:87:2f:
f6:bf:79:04:b4:5a:c4:1a:1e:9c:73:e3:b0:7e:e4:64:4f:ee:
1e:94:db:c9:e9:fc:40:d0:26:32:82:d2:40:1f:68:c4:0f:79:
6e:55:92:a2:17:4d:97:83:46:9b:76:d2:bd:f9:fd:ee:8e:5c:
d4:e6:cf:63:db:61:0d:52:dd:d6:8a:1f:b6:e2:07:a1:bf:10:
60:ed:ee:92:51:a4:e8:96:b6:de:6d:af:3a:57:40:c8:2f:fd:
f9:d7:1f:62:b5:69:d9:bf:fc:0f:46:b8:f9:48:15:df:e2:ef:
ef:8d:14:34:73:8e:61:6d:c7:33:7e:3c:f3:58:fc:15:90:10:
4d:61:91:ce:92:e5:df:0e:02:63:71:55:f3:72:c6:31:c7:9b:
9d:07:ee:34:df:fe:4e:59:e9:95:a9:fc:4f:23:28:cb:69:c0:
97:03:ac:5a:73:40:6a:ec:1c:4a:7d:b8:69:4d:8d:bc:79:2b:
f9:e7:08:65:da:7f:2e:e1:33:c8:5e:08:81:82:f4:93:a6:a3:
e3:bd:ea:de:50:ec:15:84:5b:0a:36:b3:fc:d3:5b:8a:dd:fa:
99:e7:d7:72:a6:3c:68:9b:01:b3:53:b5:d5:6d:45:ac:e0:54:
61:ea:22:c5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVxDBw9yDAng4DOWtoclwF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YzQwZDcwMTYwZjMwODY0MjEyOWExYjcyYWU1YWU1MmRi
ODgzYzQwHhcNMjMwMTAyMDU1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjYyZTFlMjBmZGJhZTEwODEzMWM5YTQxZjQxZjdjMzkwODJhZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm4uBu2JeemsiKuMUZYWteJ/ePPy
itonOE8rvxSF6jIOC0FSWMPVREJA/7hgo5ANPuoLrIl94VLniPRp4HIHTWXUzidF
fc1nCkJ0maT4jcW3wGq/mF0V0MttlrBsCbKs0s1HNHWGLKXTTcbztz+X/g9Qu9d2
w/4ekX4fVfu+oDWYdKDQvL3YLzPPz/nJ/M/4FMHg7f8VodoffKif4qRfhFjwqO3/
h6BQ/IThssJc7Z9duYwXhFRF/0IJgisEHAu/Da4ASE03k2WAuvttOuS8xzuQ8/yw
JJdEGzVXahDSKO2U6HIRquvu5QK5QnNZjbffZL6PraSd2DZOPDUvgA7ZFwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCJi4eIP264QgTHJpB9B98OQgq/YMB8GA1UdIwQY
MBaAFAfEDXAWDzCGQhKaG3KuWuUtuIPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUt
OTdkY2JiMDA4NmUzLzEvSW1MaDRnX2JyaENCTWNta0gwSDN3NUNDcjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUz
LzEvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBfroAwQE
WRYQAwQFW4UAAwQCW9JUAwQDstXAAwQCuT1cAwQEwgngMA0EAgACMAcDBQAqAndg
MA0GCSqGSIb3DQEBCwUAA4IBAQCGVG+Tz5w+HLlRHhXJYZXUhy/2v3kEtFrEGh6c
c+OwfuRkT+4elNvJ6fxA0CYygtJAH2jED3luVZKiF02Xg0abdtK9+f3ujlzU5s9j
22ENUt3Wih+24gehvxBg7e6SUaTolrbeba86V0DIL/351x9itWnZv/wPRrj5SBXf
4u/vjRQ0c45hbcczfjzzWPwVkBBNYZHOkuXfDgJjcVXzcsYxx5udB+403/5OWemV
qfxPIyjLacCXA6xac0Bq7BxKfbhpTY28eSv55whl2n8u4TPIXgiBgvSTpqPjvere
UOwVhFsKNrP801uK3fqZ59dypjxomwGzU7XVbUWs4FRh6iLF
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net