Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/vma5sLtHr_4E-4yCv_5O23HpxZk.roa
File: vma5sLtHr_4E-4yCv_5O23HpxZk.roa (raw, json)
Hash identifier: JbrH4nsPr8aLrz8cbt+AZ3CkOFU5l62MissHRowS1tw=
Subject key identifier: BE:66:B9:B0:BB:47:AF:FE:04:FB:8C:82:BF:FE:4E:DB:71:E9:C5:99
Certificate issuer: /CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Certificate serial: 01856CC14BE87040A90BED4754BA38DED763
Authority key identifier: 0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/vma5sLtHr_4E-4yCv_5O23HpxZk.roa
Signing time: Sun 01 Jan 2023 09:54:45 +0000
ROA not before: Sun 01 Jan 2023 09:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17819
IP address blocks: 185.93.57.0/24 maxlen: 24
185.93.59.0/24 maxlen: 24
2a03:8fa0:1000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:4b:e8:70:40:a9:0b:ed:47:54:ba:38:de:d7:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Validity
Not Before: Jan 1 09:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be66b9b0bb47affe04fb8c82bffe4edb71e9c599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e9:23:39:7c:33:11:f1:20:58:8f:cd:2d:e6:
54:6b:3c:30:6d:0f:bb:d5:06:e4:55:3c:aa:4a:11:
7f:86:90:dc:3a:9d:f0:ef:8b:94:f5:d1:de:6e:54:
8b:4a:04:3a:03:c2:d3:d2:fa:0b:85:91:0c:41:04:
01:dc:20:de:24:ef:6c:70:ca:fe:4b:b6:99:b3:20:
7f:6e:0f:d4:24:35:cc:f1:3b:f4:15:15:66:bf:d2:
57:2d:a9:d0:57:19:a0:4a:c7:3e:c1:cd:63:2e:e8:
6f:4d:e4:6d:e1:13:b9:35:00:4f:8a:c4:7c:74:3d:
bd:83:4c:1f:d4:54:ed:2a:06:3e:a1:3b:4b:9e:17:
27:f5:16:ec:6d:7b:c1:4e:8b:ac:4c:2b:f0:49:11:
37:79:69:ae:a9:bb:4f:61:f1:a7:09:c7:c8:18:35:
bf:f9:91:5e:5d:3a:33:6f:38:17:3d:14:df:e9:40:
bf:b4:ff:34:64:92:04:fd:85:2d:9b:cc:43:fa:4d:
ab:f6:7f:38:24:68:ed:87:2c:8b:86:67:e8:8c:b1:
02:a1:d0:68:9c:15:ac:30:ff:53:a4:26:b4:70:f5:
9e:c3:ad:73:3e:dc:56:85:54:6c:7e:fd:db:d3:9f:
ee:ad:81:56:1a:ee:cb:f4:cd:0e:e5:82:ab:cf:79:
c5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:66:B9:B0:BB:47:AF:FE:04:FB:8C:82:BF:FE:4E:DB:71:E9:C5:99
X509v3 Authority Key Identifier:
keyid:0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/vma5sLtHr_4E-4yCv_5O23HpxZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/DC18I46J3NUvb7IpbfpHWMYcl74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.57.0/24
185.93.59.0/24
IPv6:
2a03:8fa0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
b4:f7:67:9d:86:f4:0c:bc:74:a2:05:36:25:9f:4e:c1:d4:e7:
f9:53:80:47:45:4e:21:fd:cb:d9:43:7f:82:9d:c6:a6:23:b0:
39:3b:d4:fd:af:ca:dc:42:ed:80:37:d3:12:e9:59:56:6f:ba:
aa:4a:5d:4b:02:63:ea:1a:a9:1a:37:4f:de:14:c0:c4:36:d9:
9f:33:d1:d4:fe:61:6d:9c:a0:8f:47:46:1e:b7:5a:c0:f1:31:
93:63:ab:c0:a5:8c:cc:ae:75:af:4f:ec:a2:50:90:33:7f:99:
45:d5:5f:6f:43:03:c3:c4:d6:3b:62:4f:84:2d:3a:92:8d:b3:
82:bb:42:e5:4f:b6:87:3e:01:bb:f3:19:ec:1d:2a:15:f9:b0:
d6:59:b0:e9:f1:fe:94:47:26:55:ce:1e:a8:89:c1:e9:02:e7:
e5:b9:b4:c7:be:df:fc:fc:1c:93:b9:67:74:a1:00:aa:35:4e:
22:92:c8:5b:d1:2d:8c:65:89:54:d5:d9:1e:5e:ac:5d:32:10:
c6:a1:44:98:c6:ba:25:bd:a0:bd:88:7f:6b:0a:db:48:88:8b:
d7:8a:52:b7:05:74:be:63:a7:8f:77:91:6e:d8:a2:9e:d2:6a:
3f:b9:8f:b7:aa:de:d0:81:12:e9:17:1b:54:d3:ed:ac:72:05:
03:c2:d8:a0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVswUvocECpC+1HVLo43tdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmQ3YzIzOGU4OWRjZDUyZjZmYjIyOTZkZmE0NzU4YzYx
Yzk3YmUwHhcNMjMwMTAxMDk1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY2YjliMGJiNDdhZmZlMDRmYjhjODJiZmZlNGVkYjcxZTljNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgekjOXwzEfEgWI/NLeZUazwwbQ+7
1QbkVTyqShF/hpDcOp3w74uU9dHeblSLSgQ6A8LT0voLhZEMQQQB3CDeJO9scMr+
S7aZsyB/bg/UJDXM8Tv0FRVmv9JXLanQVxmgSsc+wc1jLuhvTeRt4RO5NQBPisR8
dD29g0wf1FTtKgY+oTtLnhcn9RbsbXvBTousTCvwSRE3eWmuqbtPYfGnCcfIGDW/
+ZFeXTozbzgXPRTf6UC/tP80ZJIE/YUtm8xD+k2r9n84JGjthyyLhmfojLECodBo
nBWsMP9TpCa0cPWew61zPtxWhVRsfv3b05/urYFWGu7L9M0O5YKrz3nFqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFL5mubC7R6/+BPuMgr/+Tttx6cWZMB8GA1UdIwQY
MBaAFAwtfCOOidzVL2+yKW36R1jGHJe+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREMxOEk0NkozTlV2YjdJcGJmcEhXTVljbDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC80NjkxNmUtZTg2Yy00NGE4LThhYjkt
NTM4NDliYWYxYjQ1LzEvdm1hNXNMdEhyXzRFLTR5Q3ZfNU8yM0hweFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC80NjkxNmUtZTg2Yy00NGE4LThhYjktNTM4NDliYWYxYjQ1
LzEvREMxOEk0NkozTlV2YjdJcGJmcEhXTVljbDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAuV05AwQA
uV07MA4EAgACMAgDBgQqA4+gEDANBgkqhkiG9w0BAQsFAAOCAQEAtPdnnYb0DLx0
ogU2JZ9OwdTn+VOAR0VOIf3L2UN/gp3GpiOwOTvU/a/K3ELtgDfTEulZVm+6qkpd
SwJj6hqpGjdP3hTAxDbZnzPR1P5hbZygj0dGHrdawPExk2OrwKWMzK51r0/solCQ
M3+ZRdVfb0MDw8TWO2JPhC06ko2zgrtC5U+2hz4Bu/MZ7B0qFfmw1lmw6fH+lEcm
Vc4eqInB6QLn5bm0x77f/Pwck7lndKEAqjVOIpLIW9EtjGWJVNXZHl6sXTIQxqFE
mMa6Jb2gvYh/awrbSIiL14pStwV0vmOnj3eRbtiintJqP7mPt6re0IES6RcbVNPt
rHIFA8LYoA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:30 2024 by rpki-client on console.sobornost.net