Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/vxA01sOzfHNiNOTs-ge10l7dP6k.roa
File: vxA01sOzfHNiNOTs-ge10l7dP6k.roa (raw, json)
Hash identifier: DTEcDFBflyZoqR6UEYYcOo7yO6cWzqU0y/P01VfbMO0=
Subject key identifier: BF:10:34:D6:C3:B3:7C:73:62:34:E4:EC:FA:07:B5:D2:5E:DD:3F:A9
Certificate issuer: /CN=1fedc4c19e033a167e4af795d54e34b71ea093c6
Certificate serial: 018C16715B4D4B87AF1715715DC841707EE4
Authority key identifier: 1F:ED:C4:C1:9E:03:3A:16:7E:4A:F7:95:D5:4E:34:B7:1E:A0:93:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/vxA01sOzfHNiNOTs-ge10l7dP6k.roa
Signing time: Tue 28 Nov 2023 14:59:36 +0000
ROA not before: Tue 28 Nov 2023 14:59:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34412
IP address blocks: 185.49.231.0/24 maxlen: 24
91.246.44.0/24 maxlen: 24
193.3.182.0/24 maxlen: 24
185.226.140.0/24 maxlen: 24
185.226.143.0/24 maxlen: 24
185.226.141.0/24 maxlen: 24
185.226.142.0/24 maxlen: 24
31.25.91.0/24 maxlen: 24
31.25.90.0/24 maxlen: 24
77.72.80.0/24 maxlen: 24
62.204.61.0/24 maxlen: 24
146.19.217.0/24 maxlen: 24
2a10:5740::/48 maxlen: 48
2a10:5740:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:71:5b:4d:4b:87:af:17:15:71:5d:c8:41:70:7e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fedc4c19e033a167e4af795d54e34b71ea093c6
Validity
Not Before: Nov 28 14:59:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf1034d6c3b37c736234e4ecfa07b5d25edd3fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0d:ed:10:79:47:d9:fa:3e:dd:46:c6:1e:a8:
5a:34:7c:e8:3b:bf:d8:b4:ad:07:be:34:f7:31:3b:
0a:22:6c:30:49:01:fe:64:dc:14:3e:0d:2a:84:b4:
f6:0b:2f:f3:02:29:b6:41:b5:81:35:7a:14:be:15:
c3:90:01:27:43:36:26:c3:e5:0a:c7:86:7a:30:dc:
23:eb:ef:90:2b:b2:65:59:97:80:57:85:7c:ba:58:
4c:e8:a9:e8:5e:e9:84:36:72:e8:da:40:e2:6e:96:
6e:56:2d:6f:9c:9f:c0:f0:2f:59:07:7b:0c:18:d9:
6d:c8:1b:78:da:a4:39:ed:7b:c5:1a:07:77:6e:7d:
3c:d9:c7:35:20:09:52:81:6a:f0:24:fc:42:b6:c8:
2e:c4:18:e8:aa:ba:06:da:bd:fa:3a:bf:80:03:c1:
af:44:66:77:92:8f:1e:ae:3d:95:ee:d1:ab:fd:c0:
e5:b4:b0:09:12:da:fc:4d:15:9b:bf:bd:19:93:59:
5c:de:6a:c9:48:b9:1e:dd:b6:f2:81:93:fc:78:92:
9c:cb:83:36:ce:1a:3d:a4:c8:89:8d:c0:1c:b7:a3:
ef:0d:6b:31:1a:5d:37:e2:e0:d3:50:7b:be:16:14:
31:f9:85:6f:1d:68:e2:e3:c9:56:a5:0c:37:f2:3a:
eb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:10:34:D6:C3:B3:7C:73:62:34:E4:EC:FA:07:B5:D2:5E:DD:3F:A9
X509v3 Authority Key Identifier:
keyid:1F:ED:C4:C1:9E:03:3A:16:7E:4A:F7:95:D5:4E:34:B7:1E:A0:93:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/vxA01sOzfHNiNOTs-ge10l7dP6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.90.0/23
62.204.61.0/24
77.72.80.0/24
91.246.44.0/24
146.19.217.0/24
185.49.231.0/24
185.226.140.0/22
193.3.182.0/24
IPv6:
2a10:5740::/48
2a10:5740:2::/48
Signature Algorithm: sha256WithRSAEncryption
2d:12:88:6e:9a:9e:21:2a:80:fb:8b:a6:ce:47:39:08:8c:2d:
84:b0:d5:aa:20:b6:7c:6f:5f:4a:12:96:ba:af:00:ee:4b:77:
d4:1d:74:c2:09:da:4a:33:85:78:b3:8e:cf:9f:b9:ed:7a:70:
89:99:63:76:26:98:e7:d2:78:96:c0:c9:a5:8c:06:46:0e:29:
f0:c7:54:1b:4a:ea:d6:1e:8c:bd:35:b3:e5:58:cb:2d:b8:44:
f4:54:e5:6d:02:fe:f5:82:c0:99:8b:61:b2:70:41:37:0e:91:
b3:56:81:0e:31:fe:c6:eb:d4:14:96:77:88:d3:78:ab:f4:88:
59:51:e0:29:bc:46:f1:ea:19:78:94:16:d9:a3:09:a1:95:cc:
af:e1:09:d3:1d:af:c8:e6:04:85:3a:c2:fd:7d:d6:47:d9:5d:
9f:9e:3b:d3:77:7c:fb:17:c4:e0:de:71:1c:01:1f:51:38:30:
ec:28:bb:36:28:1f:f6:eb:ca:8c:89:bd:6f:dd:5b:3a:ae:2e:
c4:19:eb:68:93:99:44:12:82:34:40:fe:10:2f:52:7e:51:22:
01:98:ed:20:e4:3a:85:58:4e:53:ad:be:cf:36:5c:68:b9:3c:
33:9e:f1:9b:fe:b5:6f:39:b6:54:a3:f1:3e:fb:11:62:26:dd:
ce:a3:b7:ae
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYwWcVtNS4evFxVxXchBcH7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZWRjNGMxOWUwMzNhMTY3ZTRhZjc5NWQ1NGUzNGI3MWVh
MDkzYzYwHhcNMjMxMTI4MTQ1OTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjEwMzRkNmMzYjM3YzczNjIzNGU0ZWNmYTA3YjVkMjVlZGQzZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw3tEHlH2fo+3UbGHqhaNHzoO7/Y
tK0HvjT3MTsKImwwSQH+ZNwUPg0qhLT2Cy/zAim2QbWBNXoUvhXDkAEnQzYmw+UK
x4Z6MNwj6++QK7JlWZeAV4V8ulhM6KnoXumENnLo2kDibpZuVi1vnJ/A8C9ZB3sM
GNltyBt42qQ57XvFGgd3bn082cc1IAlSgWrwJPxCtsguxBjoqroG2r36Or+AA8Gv
RGZ3ko8erj2V7tGr/cDltLAJEtr8TRWbv70Zk1lc3mrJSLke3bbygZP8eJKcy4M2
zho9pMiJjcAct6PvDWsxGl034uDTUHu+FhQx+YVvHWji48lWpQw38jrrxQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFL8QNNbDs3xzYjTk7PoHtdJe3T+pMB8GA1UdIwQY
MBaAFB/txMGeAzoWfkr3ldVONLceoJPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC0zRXdaNERPaFotU3ZlVjFVNDB0eDZnazhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kZjkxYzMtZDViOC00YTU4LWFlOWUt
MmY4NzliNTc1NGUxLzEvdnhBMDFzT3pmSE5pTk9Ucy1nZTEwbDdkUDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kZjkxYzMtZDViOC00YTU4LWFlOWUtMmY4NzliNTc1NGUx
LzEvSC0zRXdaNERPaFotU3ZlVjFVNDB0eDZnazhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA2BAIAATAwAwQBHxlaAwQA
Psw9AwQATUhQAwQAW/YsAwQAkhPZAwQAuTHnAwQCueKMAwQAwQO2MBgEAgACMBID
BwAqEFdAAAADBwAqEFdAAAIwDQYJKoZIhvcNAQELBQADggEBAC0SiG6aniEqgPuL
ps5HOQiMLYSw1aogtnxvX0oSlrqvAO5Ld9QddMIJ2kozhXizjs+fue16cImZY3Ym
mOfSeJbAyaWMBkYOKfDHVBtK6tYejL01s+VYyy24RPRU5W0C/vWCwJmLYbJwQTcO
kbNWgQ4x/sbr1BSWd4jTeKv0iFlR4Cm8RvHqGXiUFtmjCaGVzK/hCdMdr8jmBIU6
wv191kfZXZ+eO9N3fPsXxODecRwBH1E4MOwouzYoH/bryoyJvW/dWzquLsQZ62iT
mUQSgjRA/hAvUn5RIgGY7SDkOoVYTlOtvs82XGi5PDOe8Zv+tW85tlSj8T77EWIm
3c6jt64=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:37 2024 by rpki-client on console.sobornost.net