Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/qyemvBw1uqVsKVVvCtMZg1EkixM.roa
File: qyemvBw1uqVsKVVvCtMZg1EkixM.roa (raw, json)
Hash identifier: NCNkt2LAv11YEf4xD76fcFqDFAigbn2XCduLNWJTBR8=
Subject key identifier: AB:27:A6:BC:1C:35:BA:A5:6C:29:55:6F:0A:D3:19:83:51:24:8B:13
Certificate issuer: /CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56
Certificate serial: 01856F94993CCDB7F249085831F7E91D9D39
Authority key identifier: C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/qyemvBw1uqVsKVVvCtMZg1EkixM.roa
Signing time: Sun 01 Jan 2023 23:04:47 +0000
ROA not before: Sun 01 Jan 2023 23:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43809
IP address blocks: 185.215.8.0/22 maxlen: 24
185.8.80.0/22 maxlen: 24
185.184.92.0/22 maxlen: 24
95.128.112.0/21 maxlen: 24
83.171.228.0/22 maxlen: 22
2a0a:9c40::/29 maxlen: 29
2a02:d900::/29 maxlen: 29
2a0f:10c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:99:3c:cd:b7:f2:49:08:58:31:f7:e9:1d:9d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8593923257b20eda4aa4bc3c4a0c30d8490ea56
Validity
Not Before: Jan 1 23:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab27a6bc1c35baa56c29556f0ad3198351248b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:fd:9b:aa:f2:8f:e0:a8:8e:ee:f8:cf:42:
20:88:06:a3:ca:3e:ba:93:43:44:62:f8:6c:8c:f9:
ea:1c:d2:b4:aa:3a:42:7e:de:96:5f:58:76:54:9b:
f0:9e:7f:58:1d:1f:9d:e5:28:4b:40:31:23:c8:4c:
0b:04:f4:b9:81:7f:db:84:ac:d8:f6:0d:f6:73:bb:
43:7c:34:b7:f5:3e:d9:74:fb:06:56:5e:1b:f8:87:
91:d1:44:f3:6c:79:57:18:58:52:2a:0a:3a:ff:ae:
c8:8b:f7:21:2c:6e:22:4a:3a:0f:53:ad:42:73:55:
0a:57:23:4f:1d:09:76:84:6d:ee:b0:0e:8c:ed:47:
73:27:ed:00:8a:0d:dc:a0:02:9f:03:57:33:e2:6b:
6a:4c:19:03:c8:8a:00:11:4e:ac:97:c6:f3:8f:de:
99:57:90:1a:08:17:3c:4d:da:ac:01:59:b9:bf:e4:
60:6a:df:2e:b0:7a:c5:fa:6c:3b:d7:7e:df:89:3c:
db:95:50:60:5d:bb:e8:e3:ae:29:e3:64:3a:ce:52:
38:d4:a3:c3:94:d0:b8:af:dc:c7:9b:60:cb:02:96:
d5:2a:8c:8a:24:af:bc:89:42:d9:67:c9:77:c6:24:
a9:9d:8a:1b:2f:02:bc:4b:39:a6:34:12:f7:e2:55:
a1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:27:A6:BC:1C:35:BA:A5:6C:29:55:6F:0A:D3:19:83:51:24:8B:13
X509v3 Authority Key Identifier:
keyid:C8:59:39:23:25:7B:20:ED:A4:AA:4B:C3:C4:A0:C3:0D:84:90:EA:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/qyemvBw1uqVsKVVvCtMZg1EkixM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a04956-7462-49eb-a9db-dc6be8ce5fb2/1/yFk5IyV7IO2kqkvDxKDDDYSQ6lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.228.0/22
95.128.112.0/21
185.8.80.0/22
185.184.92.0/22
185.215.8.0/22
IPv6:
2a02:d900::/29
2a0a:9c40::/29
2a0f:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:21:9b:6b:e1:f4:e9:33:4f:57:0c:80:c5:d7:b2:ee:d0:03:
59:6c:5e:30:26:20:74:02:be:c4:e1:e7:de:70:0f:9d:fe:fc:
80:ec:9b:e7:7f:3c:5d:93:17:a2:f4:d0:96:3d:c1:3e:bb:6c:
c1:4f:45:c6:c1:d0:de:c2:4d:47:54:c1:9c:cd:10:07:44:ed:
49:38:76:b7:55:6d:0a:bc:49:4f:3a:36:db:56:a4:66:ab:84:
4b:49:e0:08:d5:e2:6d:52:71:a2:8f:1a:90:35:c0:f2:4e:24:
89:1e:de:55:6a:c8:e3:b8:c1:8a:a8:9b:f2:78:18:a4:75:69:
34:bc:f3:13:2c:f3:fa:50:d6:d2:a5:c5:9a:d3:d7:d0:1d:94:
b5:bd:51:3e:4c:bb:75:40:e3:bf:5e:8d:95:fa:3e:04:78:d7:
c0:11:3c:3a:72:a2:bc:ce:b0:4a:70:ec:8d:7b:90:f5:1a:e1:
24:2b:df:4c:8c:9a:4d:93:97:db:16:f0:86:09:09:2d:c7:a0:
4a:c7:e4:36:96:15:91:14:b5:58:a4:42:1c:d0:8f:cb:46:27:
c2:08:43:d8:d6:9e:7a:b9:99:bf:e7:97:5d:a5:61:7d:4e:7a:
ee:e3:a3:f0:0c:a8:ab:34:25:be:b8:ca:f0:46:2c:04:01:12:
44:7a:fa:c4
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVvlJk8zbfySQhYMffpHZ05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTkzOTIzMjU3YjIwZWRhNGFhNGJjM2M0YTBjMzBkODQ5
MGVhNTYwHhcNMjMwMTAxMjMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjI3YTZiYzFjMzViYWE1NmMyOTU1NmYwYWQzMTk4MzUxMjQ4YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiL9m6ryj+Coju74z0IgiAajyj66
k0NEYvhsjPnqHNK0qjpCft6WX1h2VJvwnn9YHR+d5ShLQDEjyEwLBPS5gX/bhKzY
9g32c7tDfDS39T7ZdPsGVl4b+IeR0UTzbHlXGFhSKgo6/67Ii/chLG4iSjoPU61C
c1UKVyNPHQl2hG3usA6M7UdzJ+0Aig3coAKfA1cz4mtqTBkDyIoAEU6sl8bzj96Z
V5AaCBc8TdqsAVm5v+Rgat8usHrF+mw7137fiTzblVBgXbvo464p42Q6zlI41KPD
lNC4r9zHm2DLApbVKoyKJK+8iULZZ8l3xiSpnYobLwK8SzmmNBL34lWhrwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKsnprwcNbqlbClVbwrTGYNRJIsTMB8GA1UdIwQY
MBaAFMhZOSMleyDtpKpLw8Sgww2EkOpWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZrNUl5VjdJTzJrcWt2RHhLREREWVNRNmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hMDQ5NTYtNzQ2Mi00OWViLWE5ZGIt
ZGM2YmU4Y2U1ZmIyLzEvcXllbXZCdzF1cVZzS1ZWdkN0TVpnMUVraXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hMDQ5NTYtNzQ2Mi00OWViLWE5ZGItZGM2YmU4Y2U1ZmIy
LzEveUZrNUl5VjdJTzJrcWt2RHhLREREWVNRNmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCU6vkAwQD
X4BwAwQCuQhQAwQCubhcAwQCudcIMBsEAgACMBUDBQMqAtkAAwUDKgqcQAMFAyoP
EMAwDQYJKoZIhvcNAQELBQADggEBAIchm2vh9OkzT1cMgMXXsu7QA1lsXjAmIHQC
vsTh595wD53+/IDsm+d/PF2TF6L00JY9wT67bMFPRcbB0N7CTUdUwZzNEAdE7Uk4
drdVbQq8SU86NttWpGarhEtJ4AjV4m1ScaKPGpA1wPJOJIke3lVqyOO4wYqom/J4
GKR1aTS88xMs8/pQ1tKlxZrT19AdlLW9UT5Mu3VA479ejZX6PgR418ARPDpyorzO
sEpw7I17kPUa4SQr30yMmk2Tl9sW8IYJCS3HoErH5DaWFZEUtVikQhzQj8tGJ8II
Q9jWnnq5mb/nl12lYX1Oeu7jo/AMqKs0Jb64yvBGLAQBEkR6+sQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net