Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/LS23XR9lF-og-2uA3i2yI2YtP2M.roa
File: LS23XR9lF-og-2uA3i2yI2YtP2M.roa (raw, json)
Hash identifier: UvzA3dK94cn6ekZtzVa6WMIId8+M4sEWWr/z5CsnYKE=
Subject key identifier: 2D:2D:B7:5D:1F:65:17:EA:20:FB:6B:80:DE:2D:B2:23:66:2D:3F:63
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 01865C9E58C356C7BC723D4F60B2204C8A96
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/LS23XR9lF-og-2uA3i2yI2YtP2M.roa
Signing time: Thu 16 Feb 2023 23:45:26 +0000
ROA not before: Thu 16 Feb 2023 23:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 24
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 24
85.204.25.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
81.23.33.0/24 maxlen: 24
81.23.32.0/20 maxlen: 24
89.35.96.0/20 maxlen: 24
185.63.48.0/22 maxlen: 24
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 24
185.2.252.0/22 maxlen: 24
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.200.0/21 maxlen: 24
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5c:9e:58:c3:56:c7:bc:72:3d:4f:60:b2:20:4c:8a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Feb 16 23:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d2db75d1f6517ea20fb6b80de2db223662d3f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4d:c9:6b:ab:d1:7e:ed:47:aa:33:29:98:6c:
b8:2c:3c:ba:78:5d:5c:f9:4c:79:cc:61:3d:16:e1:
2a:73:f4:49:f6:ed:bb:8d:19:ed:53:d4:f6:4a:1f:
18:95:4a:80:7e:d4:ab:01:e1:58:f5:d0:df:14:9b:
a1:54:e6:31:4a:b6:a5:4f:c0:33:96:2f:32:89:5e:
c5:9c:c2:f5:cb:b0:80:95:03:2c:33:32:67:22:c1:
b0:e2:be:75:62:cb:80:2c:b0:3b:97:8a:76:bf:6e:
86:6b:54:65:11:e2:ee:62:f7:3f:22:3f:bb:86:42:
34:71:43:23:88:d5:fc:71:d5:85:d8:d1:95:eb:bb:
d6:ba:f4:70:20:14:ed:bb:7d:66:eb:5e:96:7e:e9:
7e:06:9c:94:a4:02:84:5e:2e:5f:ed:8d:b6:bd:63:
9a:3d:f4:cc:73:3e:91:1e:a6:8d:a6:1d:45:ae:9c:
df:d2:88:7b:97:45:6d:22:5a:fa:fa:7b:db:e7:55:
7f:fb:0e:e1:fd:d7:4c:c8:01:76:cf:3e:0d:60:97:
88:6b:8b:b8:cb:bf:cf:52:27:a9:cf:cb:d0:2f:3f:
ee:b0:eb:bb:82:d8:1a:4d:1f:73:22:fd:12:af:45:
c8:14:76:60:3f:9d:2c:93:a6:ef:fa:52:cd:e2:35:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2D:B7:5D:1F:65:17:EA:20:FB:6B:80:DE:2D:B2:23:66:2D:3F:63
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/LS23XR9lF-og-2uA3i2yI2YtP2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
35:67:eb:88:eb:9c:b7:f1:60:b8:1b:9b:17:ac:02:2f:f6:f3:
b4:f7:5e:94:65:17:58:6c:ec:83:ef:b5:e7:5c:66:e0:b1:c0:
00:ec:ce:f1:8f:cf:08:8b:97:dc:97:a3:16:d3:2d:36:82:62:
de:34:9d:59:e3:41:81:0d:18:d1:3b:b7:53:b2:8d:2a:44:b6:
26:3d:5a:36:61:84:c5:49:94:d9:11:b3:7c:f2:c7:47:cd:89:
67:72:f7:0b:22:de:68:e8:d2:38:8f:0d:06:5d:c7:01:16:5b:
27:79:57:b6:9a:74:7b:48:a7:66:db:14:3a:f5:76:0a:6e:ce:
29:e6:48:a7:b2:53:44:33:eb:42:71:9f:67:57:98:ab:ee:e7:
0d:30:a8:1d:3c:15:4f:1f:2e:13:fc:df:71:32:f1:95:7a:01:
d8:74:61:89:84:a1:1c:da:94:0b:3c:65:4f:66:a3:97:76:16:
b7:47:33:12:25:1f:88:ba:db:64:f1:5f:88:a3:b4:9b:63:01:
fe:ad:e8:a8:9d:0e:b4:b8:ed:e7:80:8b:17:33:ef:e6:e1:60:
72:8b:05:bc:17:7b:e9:83:67:c7:f2:2c:53:4c:8a:e9:11:95:
f5:f5:a2:1b:29:bc:ec:52:8b:0c:59:fb:d8:3a:79:6d:36:6a:
75:77:15:63
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYZcnljDVse8cj1PYLIgTIqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjMwMjE2MjM0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJkYjc1ZDFmNjUxN2VhMjBmYjZiODBkZTJkYjIyMzY2MmQzZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU3Ja6vRfu1HqjMpmGy4LDy6eF1c
+Ux5zGE9FuEqc/RJ9u27jRntU9T2Sh8YlUqAftSrAeFY9dDfFJuhVOYxSralT8Az
li8yiV7FnML1y7CAlQMsMzJnIsGw4r51YsuALLA7l4p2v26Ga1RlEeLuYvc/Ij+7
hkI0cUMjiNX8cdWF2NGV67vWuvRwIBTtu31m616Wful+BpyUpAKEXi5f7Y22vWOa
PfTMcz6RHqaNph1Frpzf0oh7l0VtIlr6+nvb51V/+w7h/ddMyAF2zz4NYJeIa4u4
y7/PUiepz8vQLz/usOu7gtgaTR9zIv0Sr0XIFHZgP50sk6bv+lLN4jXSzwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFC0tt10fZRfqIPtrgN4tsiNmLT9jMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvTFMyM1hSOWxGLW9nLTJ1QTNpMnlJMll0UDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEANWfriOuct/Fg
uBubF6wCL/bztPdelGUXWGzsg++151xm4LHAAOzO8Y/PCIuX3JejFtMtNoJi3jSd
WeNBgQ0Y0Tu3U7KNKkS2Jj1aNmGExUmU2RGzfPLHR82JZ3L3CyLeaOjSOI8NBl3H
ARZbJ3lXtpp0e0inZtsUOvV2Cm7OKeZIp7JTRDPrQnGfZ1eYq+7nDTCoHTwVTx8u
E/zfcTLxlXoB2HRhiYShHNqUCzxlT2ajl3YWt0czEiUfiLrbZPFfiKO0m2MB/q3o
qJ0OtLjt54CLFzPv5uFgcosFvBd76YNnx/IsU0yK6RGV9fWiGym87FKLDFn72Dp5
bTZqdXcVYw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:03 2024 by rpki-client on console.sobornost.net