Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/1RdSM9kM0J2KwyyW_7f_p25nz2o.roa
File: 1RdSM9kM0J2KwyyW_7f_p25nz2o.roa (raw, json)
Hash identifier: iIazIeVmb6bBM5Bz9qEdOQblpHE7psm2+E7gqpx7JbE=
Subject key identifier: D5:17:52:33:D9:0C:D0:9D:8A:C3:2C:96:FF:B7:FF:A7:6E:67:CF:6A
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A3B38E6C594FD006172238206A93AB62E
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/1RdSM9kM0J2KwyyW_7f_p25nz2o.roa
Signing time: Mon 28 Aug 2023 08:18:19 +0000
ROA not before: Mon 28 Aug 2023 08:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.224.56.0/22 maxlen: 24
185.57.168.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
84.19.128.0/20 maxlen: 24
91.192.252.0/22 maxlen: 24
91.224.36.0/23 maxlen: 24
193.41.118.0/23 maxlen: 24
84.19.144.0/21 maxlen: 24
185.114.104.0/22 maxlen: 24
188.65.152.0/21 maxlen: 24
193.254.192.0/23 maxlen: 24
45.137.208.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:38:e6:c5:94:fd:00:61:72:23:82:06:a9:3a:b6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 28 08:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5175233d90cd09d8ac32c96ffb7ffa76e67cf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7f:56:79:7e:ae:6e:71:e6:0a:e7:cc:35:b4:
0a:89:13:ca:c4:f5:ba:f1:87:1f:a5:2b:ca:c3:0c:
63:0e:11:a1:e0:8f:e6:4b:a6:bb:74:f3:56:73:b5:
fb:38:84:15:73:86:20:8c:95:25:81:33:ca:8d:46:
aa:00:39:06:56:67:f8:57:0c:71:46:62:05:7b:e1:
37:c6:e5:f1:6d:e1:6f:ec:42:b5:39:ac:ad:64:0b:
d9:37:c6:c4:fe:30:dc:f8:1a:a3:94:7c:89:86:aa:
3d:f2:67:4a:9f:6f:0a:8a:d5:91:8a:b1:4f:ae:a7:
ee:41:6b:cd:2b:70:9a:79:72:88:85:e3:c5:18:2b:
cb:52:a7:56:4e:90:f4:ed:33:82:6b:71:7d:0b:0a:
2f:5a:f8:4e:5a:6b:7a:72:c5:ff:4a:9f:e8:98:85:
b7:7d:12:7a:3d:7d:95:af:89:2a:30:b0:e5:4b:9a:
d0:97:e0:dd:9d:0c:09:66:84:90:39:82:99:9b:21:
16:61:3e:07:4f:ac:29:7f:ad:00:ac:f4:e7:22:d5:
be:e3:e1:43:ea:c6:c4:9b:77:a1:b7:b4:aa:68:2f:
20:b6:32:e2:84:c1:c9:ce:86:ae:fd:b0:84:91:b5:
0a:1e:a0:45:6f:8d:71:83:6f:57:82:d5:39:99:e5:
dd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:17:52:33:D9:0C:D0:9D:8A:C3:2C:96:FF:B7:FF:A7:6E:67:CF:6A
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/1RdSM9kM0J2KwyyW_7f_p25nz2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
84.19.128.0-84.19.151.255
91.192.252.0/22
91.224.36.0/23
185.56.212.0/22
185.57.168.0/22
185.114.104.0/22
185.224.56.0/22
188.65.152.0/21
193.41.118.0/23
193.254.192.0/23
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
67:ac:ae:a4:8e:e7:e7:92:6d:2e:26:4a:fb:f4:f6:7c:9c:4e:
75:da:a7:a8:ab:af:c6:2f:25:0e:3f:46:92:18:b0:57:39:23:
f6:97:05:93:45:67:96:4f:bc:51:d0:b4:b7:e5:47:7b:99:8b:
dd:8d:21:e3:71:58:87:11:6e:99:88:69:c5:48:93:f2:c9:4d:
0e:2f:d5:b2:20:fd:ff:88:5c:25:2f:32:ef:14:ce:5e:8c:a3:
1e:eb:39:61:2e:07:77:70:dc:4b:cf:fe:b2:9c:96:0e:41:66:
bb:25:12:50:ed:c5:21:fe:50:ff:e1:62:0f:ce:5e:82:0b:7f:
c0:25:92:5c:f2:7a:3a:fc:20:81:e2:70:ee:d8:fa:5e:12:17:
7b:3a:ef:1f:43:71:8c:41:cb:87:20:f7:29:37:4c:f3:47:39:
e0:2d:63:34:b7:8a:55:29:47:63:c5:8a:32:47:b4:9e:39:00:
0a:76:08:8d:70:fa:05:07:7b:d4:c9:cb:42:05:0d:55:19:ee:
5d:43:d2:2b:ff:b9:67:97:b0:4a:7a:8e:53:7f:99:66:dd:32:
72:11:7b:97:19:2a:64:91:20:b6:d8:dc:0b:6a:52:b6:32:fa:
86:08:5e:1b:03:91:eb:45:0e:bf:3f:72:e4:49:c2:ff:e9:45:
9c:ab:ca:c1
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYo7OObFlP0AYXIjggapOrYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODI4MDgxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTE3NTIzM2Q5MGNkMDlkOGFjMzJjOTZmZmI3ZmZhNzZlNjdjZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH9WeX6ubnHmCufMNbQKiRPKxPW6
8YcfpSvKwwxjDhGh4I/mS6a7dPNWc7X7OIQVc4YgjJUlgTPKjUaqADkGVmf4Vwxx
RmIFe+E3xuXxbeFv7EK1OaytZAvZN8bE/jDc+BqjlHyJhqo98mdKn28KitWRirFP
rqfuQWvNK3CaeXKIhePFGCvLUqdWTpD07TOCa3F9CwovWvhOWmt6csX/Sp/omIW3
fRJ6PX2Vr4kqMLDlS5rQl+DdnQwJZoSQOYKZmyEWYT4HT6wpf60ArPTnItW+4+FD
6sbEm3eht7SqaC8gtjLihMHJzoau/bCEkbUKHqBFb41xg29XgtU5meXdPwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNUXUjPZDNCdisMslv+3/6duZ89qMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvMVJkU005a00wSjJLd3l5V183Zl9wMjVuejJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBWBAIAATBQAwQCLYnQ
AwQEUcnQMAwDBAdUE4ADBANUE5ADBAJbwPwDBAFb4CQDBAK5ONQDBAK5OagDBAK5
cmgDBAK54DgDBAO8QZgDBAHBKXYDBAHB/sAwMgQCAAIwLAMFAyoA6QADBQAqAUQA
AwUAKgJRIDAOAwUHKgv9gAMFACoL/YIDBQAqC/2HMA0GCSqGSIb3DQEBCwUAA4IB
AQBnrK6kjufnkm0uJkr79PZ8nE512qeoq6/GLyUOP0aSGLBXOSP2lwWTRWeWT7xR
0LS35Ud7mYvdjSHjcViHEW6ZiGnFSJPyyU0OL9WyIP3/iFwlLzLvFM5ejKMe6zlh
Lgd3cNxLz/6ynJYOQWa7JRJQ7cUh/lD/4WIPzl6CC3/AJZJc8no6/CCB4nDu2Ppe
Ehd7Ou8fQ3GMQcuHIPcpN0zzRzngLWM0t4pVKUdjxYoyR7SeOQAKdgiNcPoFB3vU
yctCBQ1VGe5dQ9Ir/7lnl7BKeo5Tf5lm3TJyEXuXGSpkkSC22NwLalK2MvqGCF4b
A5HrRQ6/P3LkScL/6UWcq8rB
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:36:33 2024 by rpki-client on console.sobornost.net