Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/rsigXMoWsqPBOeVm7sgx0954fnA.roa
File: rsigXMoWsqPBOeVm7sgx0954fnA.roa (raw, json)
Hash identifier: 9bMvbXZcNgOI+iyCwwDhy03DooYM4YNHQSTFRCX3S+s=
Subject key identifier: AE:C8:A0:5C:CA:16:B2:A3:C1:39:E5:66:EE:C8:31:D3:DE:78:7E:70
Certificate issuer: /CN=493289256e3388777d95e4d531567ce3672a149a
Certificate serial: 01856F94C0DFF7822C98451AC9FA4083794C
Authority key identifier: 49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/rsigXMoWsqPBOeVm7sgx0954fnA.roa
Signing time: Sun 01 Jan 2023 23:04:57 +0000
ROA not before: Sun 01 Jan 2023 23:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 194.145.180.0/22 maxlen: 22
185.85.164.0/22 maxlen: 22
2a03:7460::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c0:df:f7:82:2c:98:45:1a:c9:fa:40:83:79:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493289256e3388777d95e4d531567ce3672a149a
Validity
Not Before: Jan 1 23:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec8a05cca16b2a3c139e566eec831d3de787e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a7:f6:95:a1:89:0e:5b:7e:e7:4a:2e:17:70:
e4:23:cc:09:e1:ea:4e:48:c6:4c:08:f8:11:03:38:
d6:58:d1:4e:38:d0:8b:56:4f:b4:5f:97:35:fe:6a:
80:e1:86:a3:d1:cb:4d:ec:ed:41:d4:05:cc:b9:a7:
2d:de:67:3f:eb:df:94:58:30:e9:b2:07:52:60:d3:
cd:b0:95:d5:0f:0e:01:9b:b4:26:49:58:df:c2:b7:
1c:6d:49:f8:3f:99:7f:39:32:f5:8a:d8:57:ae:07:
f6:85:0a:f8:63:a7:35:aa:76:82:d3:cd:97:ec:45:
4a:ce:66:6b:33:23:7a:b2:af:17:be:89:ae:d5:e4:
33:d2:ee:9d:8b:ac:41:44:71:89:2c:34:2d:cd:cf:
05:6f:cb:b4:bc:74:d2:ec:14:0e:12:aa:60:db:64:
26:58:c5:d8:17:b1:9d:34:d8:6b:a4:c1:50:a8:01:
f8:67:88:d5:aa:dd:d7:e3:9a:2c:68:d6:53:30:86:
1a:fc:ef:d4:e1:d8:77:30:af:f5:88:32:2e:3c:1f:
56:fc:f1:a3:e4:2b:37:17:35:a2:a4:6b:29:99:42:
e0:47:7b:e6:12:34:ca:c8:e9:7a:90:12:89:04:16:
ad:06:cc:4c:a1:9b:23:62:3a:fe:db:64:fc:b8:b9:
75:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C8:A0:5C:CA:16:B2:A3:C1:39:E5:66:EE:C8:31:D3:DE:78:7E:70
X509v3 Authority Key Identifier:
keyid:49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/rsigXMoWsqPBOeVm7sgx0954fnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.164.0/22
194.145.180.0/22
IPv6:
2a03:7460::/32
Signature Algorithm: sha256WithRSAEncryption
2e:7a:9b:67:b7:de:30:d4:cf:9a:64:f1:cb:1d:0e:d6:0f:75:
52:1e:c5:21:7b:6b:ba:06:41:79:95:3e:de:79:4b:84:a9:b9:
1d:ce:df:09:50:72:c1:13:c9:6b:7e:a5:d8:63:d0:aa:60:a1:
53:51:0a:0c:aa:b5:b1:c2:82:80:09:49:eb:f7:8a:29:d4:ae:
02:9f:12:22:ec:ad:ed:b3:81:be:d0:55:92:ed:18:f9:c1:a1:
ef:2a:30:52:ca:4f:66:0a:54:2d:3c:cf:7b:6b:ae:34:25:e4:
72:15:61:fd:51:8b:7b:ec:d4:7e:16:e6:29:7a:a0:b3:e3:b0:
9d:4d:5a:69:9e:63:49:60:bf:57:09:65:48:d7:3e:4e:48:5c:
28:d2:ba:ca:e6:3d:50:20:d3:0b:14:18:f9:c6:c5:9a:3d:1e:
08:2a:36:a0:4e:33:f0:a2:f4:42:3a:0a:5b:d1:ec:8b:3c:6f:
7a:05:4b:d3:96:28:66:bf:40:73:b0:93:3c:ad:c1:4e:0d:85:
e6:f3:dd:2f:06:58:78:7a:9a:2d:64:26:47:55:8a:e5:22:40:
00:53:5d:50:03:04:29:f3:53:fa:a5:75:18:50:7a:63:e0:af:
95:a6:f4:65:00:af:65:2e:5f:6a:c7:bb:e8:83:03:cd:a8:9e:
de:d2:a7:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvlMDf94IsmEUayfpAg3lMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzI4OTI1NmUzMzg4Nzc3ZDk1ZTRkNTMxNTY3Y2UzNjcy
YTE0OWEwHhcNMjMwMTAxMjMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM4YTA1Y2NhMTZiMmEzYzEzOWU1NjZlZWM4MzFkM2RlNzg3ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6f2laGJDlt+50ouF3DkI8wJ4epO
SMZMCPgRAzjWWNFOONCLVk+0X5c1/mqA4Yaj0ctN7O1B1AXMuact3mc/69+UWDDp
sgdSYNPNsJXVDw4Bm7QmSVjfwrccbUn4P5l/OTL1ithXrgf2hQr4Y6c1qnaC082X
7EVKzmZrMyN6sq8Xvomu1eQz0u6di6xBRHGJLDQtzc8Fb8u0vHTS7BQOEqpg22Qm
WMXYF7GdNNhrpMFQqAH4Z4jVqt3X45osaNZTMIYa/O/U4dh3MK/1iDIuPB9W/PGj
5Cs3FzWipGspmULgR3vmEjTKyOl6kBKJBBatBsxMoZsjYjr+22T8uLl1BwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK7IoFzKFrKjwTnlZu7IMdPeeH5wMB8GA1UdIwQY
MBaAFEkyiSVuM4h3fZXk1TFWfONnKhSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEt
ZDRkOWEyZTYwZTY0LzEvcnNpZ1hNb1dzcVBCT2VWbTdzZ3gwOTU0Zm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEtZDRkOWEyZTYwZTY0
LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVWkAwQC
wpG0MA0EAgACMAcDBQAqA3RgMA0GCSqGSIb3DQEBCwUAA4IBAQAueptnt94w1M+a
ZPHLHQ7WD3VSHsUhe2u6BkF5lT7eeUuEqbkdzt8JUHLBE8lrfqXYY9CqYKFTUQoM
qrWxwoKACUnr94op1K4CnxIi7K3ts4G+0FWS7Rj5waHvKjBSyk9mClQtPM97a640
JeRyFWH9UYt77NR+FuYpeqCz47CdTVppnmNJYL9XCWVI1z5OSFwo0rrK5j1QINML
FBj5xsWaPR4IKjagTjPwovRCOgpb0eyLPG96BUvTlihmv0BzsJM8rcFODYXm890v
Blh4epotZCZHVYrlIkAAU11QAwQp81P6pXUYUHpj4K+VpvRlAK9lLl9qx7vogwPN
qJ7e0qdu
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:56 2024 by rpki-client on console.sobornost.net