Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/tB9887n5ir6LxsgMkivauxSGL40.roa
File: tB9887n5ir6LxsgMkivauxSGL40.roa (raw, json)
Hash identifier: UrdPX0xJLQVuVHH2qbrwz6NUp/nuchQEa37PZbAvK9w=
Subject key identifier: B4:1F:7C:F3:B9:F9:8A:BE:8B:C6:C8:0C:92:2B:DA:BB:14:86:2F:8D
Certificate issuer: /CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Certificate serial: 0188FD2CE1FA648BEA3220BFD2BA873A8BC3
Authority key identifier: 29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/tB9887n5ir6LxsgMkivauxSGL40.roa
Signing time: Tue 27 Jun 2023 14:05:57 +0000
ROA not before: Tue 27 Jun 2023 14:05:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63949
IP address blocks: 151.236.216.0/21 maxlen: 24
80.85.84.0/22 maxlen: 24
176.58.96.0/19 maxlen: 24
212.71.232.0/21 maxlen: 24
212.71.244.0/22 maxlen: 24
194.233.160.0/21 maxlen: 24
192.53.112.0/21 maxlen: 24
194.233.168.0/21 maxlen: 24
212.71.248.0/21 maxlen: 24
85.159.208.0/21 maxlen: 24
88.80.184.0/21 maxlen: 24
192.53.124.0/22 maxlen: 24
194.233.176.0/21 maxlen: 24
192.53.120.0/22 maxlen: 24
109.237.24.0/22 maxlen: 24
194.233.184.0/21 maxlen: 24
192.46.208.0/21 maxlen: 24
192.46.216.0/22 maxlen: 24
192.46.222.0/23 maxlen: 24
192.46.220.0/23 maxlen: 24
192.46.224.0/21 maxlen: 24
192.46.232.0/21 maxlen: 24
192.53.160.0/21 maxlen: 24
192.53.168.0/23 maxlen: 24
192.53.172.0/22 maxlen: 24
192.53.170.0/23 maxlen: 24
213.52.128.0/22 maxlen: 24
178.79.128.0/18 maxlen: 24
85.90.244.0/22 maxlen: 24
212.111.40.0/22 maxlen: 24
185.3.92.0/22 maxlen: 24
194.195.112.0/21 maxlen: 24
194.195.120.0/21 maxlen: 24
213.219.36.0/22 maxlen: 24
109.74.192.0/20 maxlen: 24
194.195.208.0/21 maxlen: 24
194.195.216.0/21 maxlen: 24
213.168.248.0/22 maxlen: 24
194.195.240.0/21 maxlen: 24
194.195.248.0/21 maxlen: 24
2a01:7e02::/32 maxlen: 48
2a01:7e01::/32 maxlen: 48
2a01:7e04::/32 maxlen: 48
2a01:7e03::/32 maxlen: 48
2a01:7e00::/31 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:2c:e1:fa:64:8b:ea:32:20:bf:d2:ba:87:3a:8b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Validity
Not Before: Jun 27 14:05:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b41f7cf3b9f98abe8bc6c80c922bdabb14862f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:90:24:17:68:bd:15:f9:8a:d9:9f:a0:fd:de:
ad:9f:94:2f:70:f6:9b:3a:94:52:86:15:27:e7:1e:
9d:4a:1c:71:e3:6d:78:09:ea:ab:6b:72:c3:99:5a:
16:02:3b:fe:87:9a:ab:6c:ab:79:fe:aa:af:e2:48:
58:c4:ba:29:84:33:e8:e8:2f:c7:51:25:8c:e4:93:
42:f6:b5:f8:c6:45:44:78:91:b5:2d:ed:80:54:ba:
4f:0a:2f:36:b9:98:45:e2:17:3c:3d:82:d2:94:a5:
c3:aa:b1:0b:71:a0:f7:f3:71:b1:52:d1:bd:73:97:
af:97:53:95:f5:14:29:84:91:45:df:a5:60:9d:d4:
31:88:be:8e:e3:6a:57:61:1f:3e:fb:b8:c4:68:36:
36:55:85:f9:47:af:1f:21:95:67:19:54:e4:37:00:
78:42:55:8b:9c:2b:55:81:0f:9e:4f:12:18:48:ab:
65:f2:8f:15:fd:b2:69:d4:9a:de:dd:be:f6:42:ca:
b6:ba:72:e9:d0:ce:a0:f7:0c:08:9e:c3:01:fd:59:
cb:43:2e:bb:22:2a:f1:a5:aa:b1:f4:ca:38:69:d7:
09:cd:dd:d4:d9:43:f4:fb:9b:86:e5:41:1e:b4:96:
fd:10:fe:71:e3:ba:85:a5:db:20:70:5b:f6:61:ec:
7a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1F:7C:F3:B9:F9:8A:BE:8B:C6:C8:0C:92:2B:DA:BB:14:86:2F:8D
X509v3 Authority Key Identifier:
keyid:29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/tB9887n5ir6LxsgMkivauxSGL40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.84.0/22
85.90.244.0/22
85.159.208.0/21
88.80.184.0/21
109.74.192.0/20
109.237.24.0/22
151.236.216.0/21
176.58.96.0/19
178.79.128.0/18
185.3.92.0/22
192.46.208.0-192.46.239.255
192.53.112.0/20
192.53.160.0/20
194.195.112.0/20
194.195.208.0/20
194.195.240.0/20
194.233.160.0/19
212.71.232.0/21
212.71.244.0-212.71.255.255
212.111.40.0/22
213.52.128.0/22
213.168.248.0/22
213.219.36.0/22
IPv6:
2a01:7e00::-2a01:7e04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:34:e1:14:30:08:da:3d:10:70:f3:ce:09:d7:d7:9f:89:33:
84:ee:eb:8a:c9:3b:32:47:86:c4:ec:a5:99:ee:65:2e:14:7f:
35:d8:b3:af:6b:3f:db:6c:84:99:f5:48:f1:a0:ef:3b:c8:2e:
b0:59:f9:b2:17:30:de:e2:80:89:60:e2:bf:de:ee:5b:93:fe:
6a:cd:0d:de:35:09:58:78:d3:8b:be:94:55:d3:28:df:8d:26:
b7:4a:72:c7:53:17:f4:36:23:09:40:15:0e:ac:e3:0b:a4:c2:
64:b7:3d:2b:02:5a:38:4c:5a:ea:7c:05:8c:42:a7:c2:c3:b3:
f7:55:e3:ac:e5:be:33:5e:4e:00:40:94:6f:73:ba:74:f0:ae:
ff:49:42:2a:32:f3:90:4d:d5:7a:39:d5:10:18:f2:dd:27:a3:
c9:0e:f9:2b:da:b3:4d:48:fc:4c:9d:ce:bc:7c:c0:72:24:e4:
01:72:a7:f8:13:16:d8:e2:18:18:02:28:64:05:2c:06:66:ec:
40:56:1c:6b:9a:4d:5a:a3:d6:6e:c6:67:98:a3:57:08:3a:7e:
90:d8:d1:e6:38:04:ef:ed:a7:90:33:d3:7a:e3:7a:c6:5f:8f:
db:44:6f:25:a9:9f:89:e8:df:e1:d1:8b:68:6f:a3:ea:e2:29:
21:05:ee:24
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYj9LOH6ZIvqMiC/0rqHOovDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YWQ4YmZlMDdhZDVkMmNjYjQzYjBkMWRiYTZiMTkyY2I1
MWRiZWEwHhcNMjMwNjI3MTQwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFmN2NmM2I5Zjk4YWJlOGJjNmM4MGM5MjJiZGFiYjE0ODYyZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pAkF2i9FfmK2Z+g/d6tn5QvcPab
OpRShhUn5x6dShxx4214Ceqra3LDmVoWAjv+h5qrbKt5/qqv4khYxLophDPo6C/H
USWM5JNC9rX4xkVEeJG1Le2AVLpPCi82uZhF4hc8PYLSlKXDqrELcaD383GxUtG9
c5evl1OV9RQphJFF36VgndQxiL6O42pXYR8++7jEaDY2VYX5R68fIZVnGVTkNwB4
QlWLnCtVgQ+eTxIYSKtl8o8V/bJp1Jre3b72Qsq2unLp0M6g9wwInsMB/VnLQy67
Iirxpaqx9Mo4adcJzd3U2UP0+5uG5UEetJb9EP5x47qFpdsgcFv2Yex6fwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFLQffPO5+Yq+i8bIDJIr2rsUhi+NMB8GA1UdIwQY
MBaAFCmti/4HrV0sy0Ow0dumsZLLUdvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTkt
Mzc4NDk5Mzk4ZjE4LzEvdEI5ODg3bjVpcjZMeHNnTWtpdmF1eFNHTDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTktMzc4NDk5Mzk4ZjE4
LzEvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBoAQCAAEwgZkDBAJQ
VVQDBAJVWvQDBANVn9ADBANYULgDBARtSsADBAJt7RgDBAOX7NgDBAWwOmADBAay
T4ADBAK5A1wwDAMEBMAu0AMEBMAu4AMEBMA1cAMEBMA1oAMEBMLDcAMEBMLD0AME
BMLD8AMEBcLpoAMEA9RH6DALAwQC1Ef0AwMD1EADBALUbygDBALVNIADBALVqPgD
BALV2yQwFQQCAAIwDzANAwQBKgF+AwUAKgF+BDANBgkqhkiG9w0BAQsFAAOCAQEA
EzThFDAI2j0QcPPOCdfXn4kzhO7risk7MkeGxOylme5lLhR/Ndizr2s/22yEmfVI
8aDvO8gusFn5shcw3uKAiWDiv97uW5P+as0N3jUJWHjTi76UVdMo340mt0pyx1MX
9DYjCUAVDqzjC6TCZLc9KwJaOExa6nwFjEKnwsOz91XjrOW+M15OAECUb3O6dPCu
/0lCKjLzkE3VejnVEBjy3SejyQ75K9qzTUj8TJ3OvHzAciTkAXKn+BMW2OIYGAIo
ZAUsBmbsQFYca5pNWqPWbsZnmKNXCDp+kNjR5jgE7+2nkDPTeuN6xl+P20RvJamf
iejf4dGLaG+j6uIpIQXuJA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:26 2023 by rpki-client on console.sobornost.net