Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/1-ZmoHw_g8fAPrFOiAEGt5XzYh7U.roa
File: 1-ZmoHw_g8fAPrFOiAEGt5XzYh7U.roa (raw, json)
Hash identifier: w9k16ixApHMgMwui4f9mUHDke+IacajR5iPMKX/Zj5E=
Subject key identifier: F9:99:A8:1F:0F:E0:F1:F0:0F:AC:53:A2:00:41:AD:E5:7C:D8:87:B5
Certificate issuer: /CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Certificate serial: 018572FA63522C11AA651791C3554AA89B00
Authority key identifier: A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/1-ZmoHw_g8fAPrFOiAEGt5XzYh7U.roa
Signing time: Mon 02 Jan 2023 14:54:50 +0000
ROA not before: Mon 02 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6856
IP address blocks: 195.98.80.0/20 maxlen: 20
92.244.224.0/19 maxlen: 19
94.141.32.0/19 maxlen: 19
46.164.192.0/18 maxlen: 18
83.139.128.0/18 maxlen: 18
195.98.64.0/20 maxlen: 20
217.25.224.0/20 maxlen: 20
2a00:1af8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:63:52:2c:11:aa:65:17:91:c3:55:4a:a8:9b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bdab2580abb3bf628b5d4f89d497cd9d92a4e3
Validity
Not Before: Jan 2 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f999a81f0fe0f1f00fac53a20041ade57cd887b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:30:3a:68:b9:4c:9f:4e:ed:d3:5f:18:ca:82:
3e:c4:ec:b5:ee:c0:50:43:ac:d2:6c:fd:5a:fb:81:
3c:f3:39:62:f9:98:e0:97:fa:6c:d8:82:e8:4c:e6:
f4:a9:4a:29:7c:54:a0:2d:61:34:ae:4b:98:00:f3:
80:be:53:40:a2:94:ac:e4:f1:3a:d0:eb:a3:5c:e5:
42:91:22:a0:4a:ae:dc:16:9c:c3:0c:0d:c1:b5:2c:
5d:3f:5d:04:f7:00:15:05:ee:74:a9:ce:ad:c4:38:
e4:bc:a8:73:03:2a:36:cb:8e:8f:a0:e8:82:26:7d:
83:34:8d:dc:85:8e:0f:21:08:d2:03:16:7f:b1:cd:
cb:ea:20:a8:7d:94:82:09:9c:12:d2:59:2c:e3:23:
37:c0:8b:67:cb:05:51:8f:72:96:6d:0f:3f:06:30:
aa:40:cc:98:d0:2b:a7:f5:0f:1e:46:9d:36:31:09:
80:37:20:39:8b:72:cf:2f:85:a1:ee:3c:1d:02:11:
e8:b7:93:f3:0e:a7:e8:29:c4:43:72:5e:21:53:b7:
f0:6e:e2:ed:26:4c:48:30:69:5f:46:53:00:9b:bb:
83:97:f4:7f:eb:c8:3c:f6:b2:d2:22:c2:0b:ac:91:
ed:25:b8:0a:fe:8e:eb:86:03:ce:ff:f2:a2:94:b4:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:99:A8:1F:0F:E0:F1:F0:0F:AC:53:A2:00:41:AD:E5:7C:D8:87:B5
X509v3 Authority Key Identifier:
keyid:A7:BD:AB:25:80:AB:B3:BF:62:8B:5D:4F:89:D4:97:CD:9D:92:A4:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p72rJYCrs79ii11PidSXzZ2SpOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/1-ZmoHw_g8fAPrFOiAEGt5XzYh7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/8f1b46-a4b1-4ff2-bbec-1d709a5c616b/1/p72rJYCrs79ii11PidSXzZ2SpOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.164.192.0/18
83.139.128.0/18
92.244.224.0/19
94.141.32.0/19
195.98.64.0/19
217.25.224.0/20
IPv6:
2a00:1af8::/32
Signature Algorithm: sha256WithRSAEncryption
0d:f2:c9:1c:c5:00:e1:44:9b:74:8b:3d:ff:49:ba:a9:1e:2e:
1c:3c:d7:dd:6b:4f:a5:8f:bc:98:a4:f1:2a:24:4e:52:f4:52:
2d:c6:19:d6:dc:99:48:ba:5e:cf:58:77:48:c4:bc:7d:23:69:
29:4b:99:2f:16:13:50:5d:9f:ec:30:78:87:da:6f:c8:c3:47:
44:48:e5:b3:74:ed:9e:bc:2c:85:af:4b:e8:01:0b:55:a0:d2:
4b:84:04:b2:50:c5:d4:8d:2b:02:f1:71:61:27:27:de:70:e0:
4b:5a:89:2b:34:e1:47:52:ac:3a:74:d9:14:8a:03:66:1f:98:
24:4c:f0:43:13:ed:32:bc:ab:bf:7e:d8:d8:bd:af:61:b1:0a:
25:79:17:d9:55:6a:ce:93:3a:ad:88:42:41:f3:89:b7:26:ec:
be:68:52:2f:e9:78:44:48:aa:15:3c:12:a1:00:3b:a2:e2:b3:
4a:14:56:d1:f9:37:19:a4:b9:b5:5c:8f:7e:9b:a1:73:69:1f:
b4:a3:63:98:33:5c:2a:12:cb:5a:d6:f8:0d:6b:1c:14:7a:d9:
db:6d:db:86:2a:54:a9:e5:92:22:81:52:8a:c2:56:68:54:b9:
a1:fc:b0:36:9d:46:8d:ea:e6:8c:d7:53:6d:f3:f3:f3:24:0b:
7b:2f:7a:84
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVy+mNSLBGqZReRw1VKqJsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmRhYjI1ODBhYmIzYmY2MjhiNWQ0Zjg5ZDQ5N2NkOWQ5
MmE0ZTMwHhcNMjMwMTAyMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTk5YTgxZjBmZTBmMWYwMGZhYzUzYTIwMDQxYWRlNTdjZDg4N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjA6aLlMn07t018YyoI+xOy17sBQ
Q6zSbP1a+4E88zli+Zjgl/ps2ILoTOb0qUopfFSgLWE0rkuYAPOAvlNAopSs5PE6
0OujXOVCkSKgSq7cFpzDDA3BtSxdP10E9wAVBe50qc6txDjkvKhzAyo2y46PoOiC
Jn2DNI3chY4PIQjSAxZ/sc3L6iCofZSCCZwS0lks4yM3wItnywVRj3KWbQ8/BjCq
QMyY0Cun9Q8eRp02MQmANyA5i3LPL4Wh7jwdAhHot5PzDqfoKcRDcl4hU7fwbuLt
JkxIMGlfRlMAm7uDl/R/68g89rLSIsILrJHtJbgK/o7rhgPO//KilLSH8wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPmZqB8P4PHwD6xTogBBreV82Ie1MB8GA1UdIwQY
MBaAFKe9qyWAq7O/YotdT4nUl82dkqTjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDcyckpZQ3JzNzlpaTExUGlkU1h6WjJTcE9NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84ZjFiNDYtYTRiMS00ZmYyLWJiZWMt
MWQ3MDlhNWM2MTZiLzEvMS1abW9Id19nOGZBUHJGT2lBRUd0NVh6WWg3VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvOGYxYjQ2LWE0YjEtNGZmMi1iYmVjLTFkNzA5YTVjNjE2
Yi8xL3A3MnJKWUNyczc5aWkxMVBpZFNYeloyU3BPTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBi6kwAME
BlOLgAMEBVz04AMEBV6NIAMEBcNiQAMEBNkZ4DANBAIAAjAHAwUAKgAa+DANBgkq
hkiG9w0BAQsFAAOCAQEADfLJHMUA4USbdIs9/0m6qR4uHDzX3WtPpY+8mKTxKiRO
UvRSLcYZ1tyZSLpez1h3SMS8fSNpKUuZLxYTUF2f7DB4h9pvyMNHREjls3Ttnrws
ha9L6AELVaDSS4QEslDF1I0rAvFxYScn3nDgS1qJKzThR1KsOnTZFIoDZh+YJEzw
QxPtMryrv37Y2L2vYbEKJXkX2VVqzpM6rYhCQfOJtybsvmhSL+l4REiqFTwSoQA7
ouKzShRW0fk3GaS5tVyPfpuhc2kftKNjmDNcKhLLWtb4DWscFHrZ223bhipUqeWS
IoFSisJWaFS5ofywNp1GjermjNdTbfPz8yQLey96hA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:36 2024 by rpki-client on console.sobornost.net