Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/X99fLCwNQAeG0aKMy1u1q_MCtho.roa
File: X99fLCwNQAeG0aKMy1u1q_MCtho.roa (raw, json)
Hash identifier: k+WwKI9zXJolhbqEeZEYemgFpGRx66avnwTg+IVpM6E=
Subject key identifier: 5F:DF:5F:2C:2C:0D:40:07:86:D1:A2:8C:CB:5B:B5:AB:F3:02:B6:1A
Certificate issuer: /CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Certificate serial: 018B662AB28329AE00F41ADBD7D6C8B2D29D
Authority key identifier: B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/X99fLCwNQAeG0aKMy1u1q_MCtho.roa
Signing time: Wed 25 Oct 2023 09:29:16 +0000
ROA not before: Wed 25 Oct 2023 09:29:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51341
IP address blocks: 91.218.85.0/24 maxlen: 24
91.218.84.0/24 maxlen: 24
91.218.86.0/24 maxlen: 24
91.218.87.0/24 maxlen: 24
213.109.201.0/24 maxlen: 24
91.236.141.0/24 maxlen: 24
91.236.140.0/24 maxlen: 24
91.236.143.0/24 maxlen: 24
91.236.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:2a:b2:83:29:ae:00:f4:1a:db:d7:d6:c8:b2:d2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Validity
Not Before: Oct 25 09:29:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fdf5f2c2c0d400786d1a28ccb5bb5abf302b61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:97:84:8c:52:fa:32:a7:76:62:a4:9a:17:78:
77:c4:da:3a:7f:c8:43:28:8b:3c:66:df:61:e2:4f:
e0:ba:30:5a:dc:0b:28:cd:00:f2:2b:87:24:ff:42:
25:34:7b:65:86:57:c7:42:e0:01:13:57:8b:a7:7b:
a9:f4:c3:f9:28:70:9b:a0:d7:4a:57:a1:ce:32:4c:
f4:06:ee:f2:b3:ee:a2:0e:52:32:37:81:8a:6b:1a:
8e:22:b9:9a:d6:44:d4:50:0c:a8:76:e5:50:8e:e5:
b6:9a:e3:03:bb:6b:82:d2:9c:6a:c7:39:9b:ec:4f:
ec:45:87:7d:1e:03:b5:0c:c3:91:d2:e0:38:cb:9d:
d7:6b:4c:b3:7b:32:ca:97:4f:d3:37:41:4b:d9:86:
04:45:ab:c2:00:54:ae:d7:68:b7:62:f4:0d:15:5c:
a1:6a:22:cc:c4:37:04:af:94:81:87:7a:da:6c:2a:
a5:b8:8d:22:32:0c:79:cb:60:84:a6:06:a3:db:35:
a8:b9:4e:0d:5b:a7:27:0b:60:a0:2f:55:a0:29:b1:
bf:c8:a4:05:54:08:e8:28:59:1b:00:28:3f:d8:90:
f6:86:72:1e:05:3c:51:8f:b9:fc:97:1d:c8:98:9d:
32:a2:e2:a7:6f:b8:fb:23:a4:14:2d:79:63:37:84:
5c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DF:5F:2C:2C:0D:40:07:86:D1:A2:8C:CB:5B:B5:AB:F3:02:B6:1A
X509v3 Authority Key Identifier:
keyid:B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/X99fLCwNQAeG0aKMy1u1q_MCtho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.84.0/22
91.236.140.0/22
213.109.201.0/24
Signature Algorithm: sha256WithRSAEncryption
71:98:ab:46:a7:50:dc:85:6f:38:29:93:1d:1d:46:23:ce:0e:
45:c6:70:91:45:5b:a5:c5:d9:08:09:13:55:68:e7:94:4a:a1:
ae:39:b3:7c:3c:f5:88:18:43:57:c5:73:de:55:13:ec:e3:72:
0a:a9:dd:11:4d:c1:eb:44:d9:02:0b:94:3d:f7:64:16:76:bf:
95:da:ca:dc:81:99:1b:e5:47:92:0d:87:76:2c:2a:3e:7b:9e:
84:8a:ae:3c:ec:b5:12:9b:1c:b3:cb:6d:42:0a:57:1f:dd:a0:
93:41:83:3c:d9:bb:74:f5:38:62:d8:54:4e:d5:0c:b8:3a:c4:
b3:69:eb:17:7d:aa:75:32:5f:ed:37:d2:d7:7c:8f:1a:8a:19:
01:5b:37:e8:01:5c:b6:cb:af:46:6a:4b:ae:3b:4f:6b:f8:1a:
5b:ca:f9:15:92:d7:bd:3f:6e:95:6b:43:a5:10:f9:42:45:d2:
98:9a:b3:f6:26:ef:35:1a:1d:47:3c:5e:34:4b:66:a0:61:dc:
cc:77:92:09:d3:79:97:a3:e9:5b:b7:e1:27:9c:9e:9c:27:bf:
c7:9d:54:35:2e:eb:d5:f8:31:00:f0:9f:a8:ad:4a:8d:90:fc:
9a:fe:20:f6:55:5a:4a:45:3e:2a:ab:21:ba:0a:a1:3a:2a:f6:
cb:1f:36:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtmKrKDKa4A9Brb19bIstKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjJhYzcwMWMxNGQzNGJiMmU0NDc1ZWM1MTE1MmE0MGM5
ZDNkM2MwHhcNMjMxMDI1MDkyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRmNWYyYzJjMGQ0MDA3ODZkMWEyOGNjYjViYjVhYmYzMDJiNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZeEjFL6Mqd2YqSaF3h3xNo6f8hD
KIs8Zt9h4k/gujBa3AsozQDyK4ck/0IlNHtlhlfHQuABE1eLp3up9MP5KHCboNdK
V6HOMkz0Bu7ys+6iDlIyN4GKaxqOIrma1kTUUAyoduVQjuW2muMDu2uC0pxqxzmb
7E/sRYd9HgO1DMOR0uA4y53Xa0yzezLKl0/TN0FL2YYERavCAFSu12i3YvQNFVyh
aiLMxDcEr5SBh3rabCqluI0iMgx5y2CEpgaj2zWouU4NW6cnC2CgL1WgKbG/yKQF
VAjoKFkbACg/2JD2hnIeBTxRj7n8lx3ImJ0youKnb7j7I6QULXljN4RcgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF/fXywsDUAHhtGijMtbtavzArYaMB8GA1UdIwQY
MBaAFLVirHAcFNNLsuRHXsURUqQMnT08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTIt
MDk3MzI0ZGQ5ZWM4LzEvWDk5ZkxDd05RQWVHMGFLTXkxdTFxX01DdGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTItMDk3MzI0ZGQ5ZWM4
LzEvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9pUAwQC
W+yMAwQA1W3JMA0GCSqGSIb3DQEBCwUAA4IBAQBxmKtGp1DchW84KZMdHUYjzg5F
xnCRRVulxdkICRNVaOeUSqGuObN8PPWIGENXxXPeVRPs43IKqd0RTcHrRNkCC5Q9
92QWdr+V2srcgZkb5UeSDYd2LCo+e56Eiq487LUSmxyzy21CClcf3aCTQYM82bt0
9Thi2FRO1Qy4OsSzaesXfap1Ml/tN9LXfI8aihkBWzfoAVy2y69GakuuO09r+Bpb
yvkVkte9P26Va0OlEPlCRdKYmrP2Ju81Gh1HPF40S2agYdzMd5IJ03mXo+lbt+En
nJ6cJ7/HnVQ1LuvV+DEA8J+orUqNkPya/iD2VVpKRT4qqyG6CqE6KvbLHzYC
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:47 2024 by rpki-client on console.sobornost.net