Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/iQw5xos2KSpifolOqm2wQtgHthk.roa
File: iQw5xos2KSpifolOqm2wQtgHthk.roa (raw, json)
Hash identifier: 9WCaeZk/djPwHPti7CnJjG9g68HgmdbcXHUqVP3rzkg=
Subject key identifier: 89:0C:39:C6:8B:36:29:2A:62:7E:89:4E:AA:6D:B0:42:D8:07:B6:19
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 0185708CE0343664015DE9CE4870A34B9E57
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/iQw5xos2KSpifolOqm2wQtgHthk.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 23
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 23
85.204.25.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
81.23.32.0/20 maxlen: 20
89.35.96.0/20 maxlen: 20
185.63.48.0/22 maxlen: 22
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 21
185.2.252.0/22 maxlen: 22
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.200.0/21 maxlen: 21
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e0:34:36:64:01:5d:e9:ce:48:70:a3:4b:9e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=890c39c68b36292a627e894eaa6db042d807b619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:28:22:2a:39:f2:e8:c4:1c:69:51:8e:be:4d:
cb:f4:08:20:f6:27:cc:be:45:ce:77:07:3b:52:82:
12:ed:4a:11:1f:41:25:33:15:2b:39:0c:b5:6d:e7:
b7:68:2c:f8:b1:aa:00:17:2f:11:a3:5e:76:b4:ce:
1b:aa:1a:ad:5c:c4:ce:d8:87:92:03:a0:56:31:c5:
56:a4:a3:c9:a1:12:15:b1:25:4b:96:04:c5:4e:99:
dd:f3:43:d8:a9:ca:39:ba:f6:9b:29:16:de:47:02:
63:ff:24:da:44:9c:76:e2:b7:30:ac:5c:00:d5:b3:
d6:d0:2d:9a:a1:4c:fa:02:1c:58:11:1e:1d:3a:d8:
db:ea:c1:6b:76:63:b5:35:ae:1c:54:6f:b3:9c:a3:
49:f8:86:c2:8f:a1:b6:99:03:98:dd:52:ed:0c:24:
50:75:49:fd:a7:3b:dd:44:eb:d6:a8:0c:d9:60:0d:
cf:41:3d:d8:8b:e5:54:77:ce:c2:82:a5:db:d2:89:
8e:2d:ca:d2:d1:d5:c9:ee:32:17:3b:58:f3:a5:f4:
b8:c4:11:b6:c9:b1:7d:9c:0b:a5:bb:ee:ad:ba:c9:
5d:38:d0:f3:b5:cf:97:3f:df:c8:15:7a:b9:ed:45:
a9:2b:82:74:69:ea:2b:49:4b:13:7d:c8:4f:5e:8f:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0C:39:C6:8B:36:29:2A:62:7E:89:4E:AA:6D:B0:42:D8:07:B6:19
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/iQw5xos2KSpifolOqm2wQtgHthk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
4f:5c:42:69:b8:84:19:55:bf:3c:df:71:c6:6a:7f:ca:71:a4:
af:94:ac:0a:52:34:6a:b5:8f:23:55:62:fd:0a:4c:c8:d2:e9:
d4:6d:1c:a9:5a:27:11:31:3e:2b:34:83:de:1b:e3:85:9b:26:
01:a3:c1:26:6f:12:b8:c4:ff:64:46:7b:eb:56:88:2b:d5:51:
72:79:21:60:22:59:f3:0d:37:4d:db:30:b9:cb:2d:ed:a8:27:
d5:5f:80:0a:a7:1e:01:3f:91:3e:9c:6b:b5:ca:36:70:d8:a2:
56:c6:35:bb:c2:90:fc:15:b1:12:72:a1:75:c7:de:e0:72:73:
25:d7:c3:63:4f:42:9a:9f:0e:8d:33:2e:0d:db:67:81:eb:e1:
c5:56:0d:fc:af:d4:e0:1a:56:67:d8:02:ff:ea:23:58:ad:66:
de:f5:7d:e2:20:65:63:54:1a:4b:82:7f:3b:e3:99:eb:1a:ca:
4a:92:c8:80:8d:39:07:44:4c:4c:6c:14:6d:8b:f9:78:6c:1f:
fd:b1:14:6a:7d:a9:b3:c4:c4:86:ad:8b:4d:46:0f:87:17:83:
00:98:1d:55:ed:5e:fc:24:46:15:20:80:cc:cf:e3:1a:9c:a8:
b9:9b:8a:78:54:96:ce:0b:a5:49:5f:3a:fd:6c:19:b1:d8:0d:
96:cb:23:82
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVwjOA0NmQBXenOSHCjS55XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBjMzljNjhiMzYyOTJhNjI3ZTg5NGVhYTZkYjA0MmQ4MDdiNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySgiKjny6MQcaVGOvk3L9Agg9ifM
vkXOdwc7UoIS7UoRH0ElMxUrOQy1bee3aCz4saoAFy8Ro152tM4bqhqtXMTO2IeS
A6BWMcVWpKPJoRIVsSVLlgTFTpnd80PYqco5uvabKRbeRwJj/yTaRJx24rcwrFwA
1bPW0C2aoUz6AhxYER4dOtjb6sFrdmO1Na4cVG+znKNJ+IbCj6G2mQOY3VLtDCRQ
dUn9pzvdROvWqAzZYA3PQT3Yi+VUd87CgqXb0omOLcrS0dXJ7jIXO1jzpfS4xBG2
ybF9nAulu+6tusldONDztc+XP9/IFXq57UWpK4J0aeorSUsTfchPXo8lqwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIkMOcaLNikqYn6JTqptsELYB7YZMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvaVF3NXhvczJLU3BpZm9sT3FtMndRdGdIdGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEAT1xCabiEGVW/
PN9xxmp/ynGkr5SsClI0arWPI1Vi/QpMyNLp1G0cqVonETE+KzSD3hvjhZsmAaPB
Jm8SuMT/ZEZ761aIK9VRcnkhYCJZ8w03Tdswucst7agn1V+ACqceAT+RPpxrtco2
cNiiVsY1u8KQ/BWxEnKhdcfe4HJzJdfDY09Cmp8OjTMuDdtngevhxVYN/K/U4BpW
Z9gC/+ojWK1m3vV94iBlY1QaS4J/O+OZ6xrKSpLIgI05B0RMTGwUbYv5eGwf/bEU
an2ps8TEhq2LTUYPhxeDAJgdVe1e/CRGFSCAzM/jGpyouZuKeFSWzgulSV86/WwZ
sdgNlssjgg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net