Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/y5c0OKey8iJ3tajciH4y2270i9c.roa
File: y5c0OKey8iJ3tajciH4y2270i9c.roa (raw, json)
Hash identifier: r/TvRdJGfkXMJXPsm8Cwh3bCRNeJkekQSbK+vGAESnI=
Subject key identifier: CB:97:34:38:A7:B2:F2:22:77:B5:A8:DC:88:7E:32:DB:6E:F4:8B:D7
Certificate issuer: /CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Certificate serial: 01856EB8E1FF16EA024153F6DAE358E6152E
Authority key identifier: 04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/y5c0OKey8iJ3tajciH4y2270i9c.roa
Signing time: Sun 01 Jan 2023 19:04:48 +0000
ROA not before: Sun 01 Jan 2023 19:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39104
IP address blocks: 185.234.80.0/22 maxlen: 22
158.255.64.0/21 maxlen: 21
185.8.28.0/22 maxlen: 22
195.60.188.0/23 maxlen: 23
185.189.156.0/22 maxlen: 22
2a0d:700::/29 maxlen: 29
2a03:c580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e1:ff:16:ea:02:41:53:f6:da:e3:58:e6:15:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Validity
Not Before: Jan 1 19:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb973438a7b2f22277b5a8dc887e32db6ef48bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8c:39:70:d5:27:23:57:a1:67:29:18:5d:da:
0d:e1:21:dd:29:54:1b:33:2e:ac:c9:27:25:b9:45:
ac:e9:0d:13:4c:4d:91:9a:66:d6:e5:09:b4:bf:9f:
5c:03:cb:3f:dd:af:d7:b6:27:1f:a6:bb:ba:48:69:
56:bd:7f:f5:ef:ac:57:7c:40:76:41:ae:50:cc:40:
3e:a2:90:e7:19:7b:ad:70:45:51:d6:dc:c4:5a:71:
e3:49:27:b1:ad:39:0f:49:93:94:52:d4:45:04:6b:
d0:d4:fd:64:6d:c2:89:0f:b4:af:d3:fe:31:e2:79:
4e:ab:2a:76:d7:b1:71:6e:88:4b:12:66:26:f3:c6:
1d:84:fb:41:31:13:48:d0:ef:6a:b5:14:e0:bf:5c:
63:54:12:6d:0c:91:91:53:bd:70:78:e0:fc:ff:ab:
7d:69:8f:fd:46:b2:f6:d6:60:87:ab:03:10:e7:57:
2e:e2:9e:14:d7:2b:58:85:e5:b3:a6:8a:c8:f0:4b:
87:e7:1b:c0:51:d3:0b:58:eb:7a:ca:99:49:18:69:
eb:88:38:10:32:a8:5e:e1:19:73:08:d6:05:77:5b:
fd:8f:34:ad:e2:3d:db:0f:78:ce:b8:7c:c6:ad:3b:
08:af:c6:5b:9b:bf:7d:64:3d:c1:22:d9:ae:e9:5d:
03:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:97:34:38:A7:B2:F2:22:77:B5:A8:DC:88:7E:32:DB:6E:F4:8B:D7
X509v3 Authority Key Identifier:
keyid:04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/y5c0OKey8iJ3tajciH4y2270i9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.64.0/21
185.8.28.0/22
185.189.156.0/22
185.234.80.0/22
195.60.188.0/23
IPv6:
2a03:c580::/32
2a0d:700::/29
Signature Algorithm: sha256WithRSAEncryption
f6:72:bb:f7:4c:bb:ae:6c:d1:5c:ae:ca:46:8b:02:1b:23:13:
6a:b6:ef:42:a5:56:ee:39:f6:ca:45:ff:d1:86:82:63:73:97:
3b:0a:a3:87:93:81:a5:5d:db:6e:bb:b4:05:fc:49:e3:b9:ee:
0a:81:43:bc:a6:4a:9c:9c:c0:b0:93:84:fd:92:41:b1:f8:5d:
51:63:b4:29:e0:98:1c:51:67:f5:db:49:f8:fa:ab:25:63:fc:
5c:e1:3b:fa:31:95:70:9e:ca:da:f3:21:98:fb:75:e9:3f:53:
e3:c9:e1:b9:6c:58:78:9c:50:b2:2f:d9:75:5b:96:0d:f5:dc:
59:5b:f3:10:3b:42:65:42:b5:d1:c2:80:4b:09:7b:df:98:2c:
f3:e0:55:6d:9b:0d:5d:0e:67:94:55:af:ab:cc:95:9c:d2:1f:
2b:cc:bb:7a:1a:f9:14:79:a1:c6:4e:eb:04:20:22:98:5c:f4:
3f:10:7e:f6:81:5f:c6:d7:ee:2f:ea:e6:55:c9:ef:72:0e:32:
49:88:ec:31:3b:e6:73:1f:f7:03:9f:13:c5:7c:d2:66:ba:64:
11:c3:4b:03:63:91:c9:4c:d6:0f:0e:0b:0b:d6:08:5c:8c:28:
ff:ce:6f:2d:32:81:fb:da:8c:d5:98:c9:35:53:c5:6f:14:b1:
ba:1e:ae:b8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVuuOH/FuoCQVP22uNY5hUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjRjMTE2NTgxOGE0MzJmNzk3YzhkZGY0YjUzMDdiMWU1
YWVmNzQwHhcNMjMwMTAxMTkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk3MzQzOGE3YjJmMjIyNzdiNWE4ZGM4ODdlMzJkYjZlZjQ4YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4w5cNUnI1ehZykYXdoN4SHdKVQb
My6syScluUWs6Q0TTE2RmmbW5Qm0v59cA8s/3a/Xticfpru6SGlWvX/176xXfEB2
Qa5QzEA+opDnGXutcEVR1tzEWnHjSSexrTkPSZOUUtRFBGvQ1P1kbcKJD7Sv0/4x
4nlOqyp217FxbohLEmYm88YdhPtBMRNI0O9qtRTgv1xjVBJtDJGRU71weOD8/6t9
aY/9RrL21mCHqwMQ51cu4p4U1ytYheWzporI8EuH5xvAUdMLWOt6yplJGGnriDgQ
Mqhe4RlzCNYFd1v9jzSt4j3bD3jOuHzGrTsIr8Zbm799ZD3BItmu6V0DfQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMuXNDinsvIid7Wo3Ih+Mttu9IvXMB8GA1UdIwQY
MBaAFAQkwRZYGKQy95fI3fS1MHseWu90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTkt
YzMzOWNjYWYzYTFlLzEveTVjME9LZXk4aUozdGFqY2lINHkyMjcwaTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTktYzMzOWNjYWYzYTFl
LzEvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDnv9AAwQC
uQgcAwQCub2cAwQCuepQAwQBwzy8MBQEAgACMA4DBQAqA8WAAwUDKg0HADANBgkq
hkiG9w0BAQsFAAOCAQEA9nK790y7rmzRXK7KRosCGyMTarbvQqVW7jn2ykX/0YaC
Y3OXOwqjh5OBpV3bbru0BfxJ47nuCoFDvKZKnJzAsJOE/ZJBsfhdUWO0KeCYHFFn
9dtJ+PqrJWP8XOE7+jGVcJ7K2vMhmPt16T9T48nhuWxYeJxQsi/ZdVuWDfXcWVvz
EDtCZUK10cKASwl735gs8+BVbZsNXQ5nlFWvq8yVnNIfK8y7ehr5FHmhxk7rBCAi
mFz0PxB+9oFfxtfuL+rmVcnvcg4ySYjsMTvmcx/3A58TxXzSZrpkEcNLA2ORyUzW
Dw4LC9YIXIwo/85vLTKB+9qM1ZjJNVPFbxSxuh6uuA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net