Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/Atht3HkD1WuUpSsqyq_XT-P1jq0.roa
File: Atht3HkD1WuUpSsqyq_XT-P1jq0.roa (raw, json)
Hash identifier: jOQub+1BLq6zkziLibtx9j0l4Y3i1Z7ns7CGDHpDpRE=
Subject key identifier: 02:D8:6D:DC:79:03:D5:6B:94:A5:2B:2A:CA:AF:D7:4F:E3:F5:8E:AD
Certificate issuer: /CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Certificate serial: 018ADBB8F8EC7EAB61254DA43F6D231D6A85
Authority key identifier: A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/Atht3HkD1WuUpSsqyq_XT-P1jq0.roa
Signing time: Thu 28 Sep 2023 12:17:27 +0000
ROA not before: Thu 28 Sep 2023 12:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51752
IP address blocks: 185.15.220.0/22 maxlen: 22
91.220.88.0/24 maxlen: 24
2a03:c9c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:b8:f8:ec:7e:ab:61:25:4d:a4:3f:6d:23:1d:6a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8707679223c883fed7f7c79ff2f293bff8730b5
Validity
Not Before: Sep 28 12:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02d86ddc7903d56b94a52b2acaafd74fe3f58ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2f:ec:9e:c9:ad:58:fc:2c:2d:b8:47:9a:ef:
01:af:63:2b:11:a6:55:db:8b:f0:ef:55:e3:00:6e:
94:81:12:9e:c2:25:46:b3:f1:42:d4:fa:ed:e9:0b:
97:ac:c9:b0:1e:1d:26:63:54:59:6c:cc:57:d3:99:
e7:31:f9:6d:ff:38:c4:95:2c:84:e0:33:a4:81:75:
20:03:38:f8:08:b7:91:76:f9:b6:bc:95:69:49:a7:
51:2a:48:cd:07:06:48:f2:41:3b:26:b3:20:dc:14:
2a:5c:7e:a1:b3:a0:85:4a:03:18:d9:de:99:47:d3:
d8:b0:47:1b:c7:cc:fb:e8:82:2c:9a:c7:3f:cd:a1:
28:b6:02:57:3c:cf:06:97:bc:ff:7d:77:b7:97:e9:
95:47:a8:84:85:b5:5f:4e:22:5c:49:ea:86:33:77:
0d:f3:d8:48:dc:60:28:a6:8e:2d:a9:cd:5a:13:08:
10:44:c3:20:df:05:9f:3d:29:e6:d3:21:f2:fb:72:
d8:66:0f:b7:48:35:c4:9d:e0:88:0f:fb:43:96:32:
12:8e:16:bf:12:af:af:a3:0f:5b:40:02:5e:61:77:
3a:84:42:1c:b4:40:e0:b3:b4:fd:88:50:84:36:57:
8e:43:d6:e8:16:68:bd:56:3a:37:f2:1a:e5:cb:c3:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D8:6D:DC:79:03:D5:6B:94:A5:2B:2A:CA:AF:D7:4F:E3:F5:8E:AD
X509v3 Authority Key Identifier:
keyid:A8:70:76:79:22:3C:88:3F:ED:7F:7C:79:FF:2F:29:3B:FF:87:30:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHB2eSI8iD_tf3x5_y8pO_-HMLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/Atht3HkD1WuUpSsqyq_XT-P1jq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/db9866-dbf6-4294-94b9-407fef69cfb8/1/qHB2eSI8iD_tf3x5_y8pO_-HMLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.88.0/24
185.15.220.0/22
IPv6:
2a03:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:88:50:77:71:4d:c1:ab:02:0c:42:f9:26:2d:00:2f:56:af:
e0:e9:48:d3:8b:bc:34:1b:3d:20:02:88:1d:14:a6:17:03:85:
3b:ab:3d:14:81:c2:96:41:90:22:b5:46:ed:ba:c7:cc:b7:ea:
f6:bb:08:d1:3d:56:65:68:26:70:ef:98:40:d5:24:15:3d:f9:
3a:c1:73:63:59:26:73:2d:6e:53:0c:28:74:75:0d:fa:71:ef:
58:06:2b:95:3b:30:85:9a:76:9a:2b:93:62:06:65:93:9e:3e:
29:c1:fa:23:7f:e8:43:b4:53:60:38:b0:ad:71:dc:42:4f:ff:
32:e2:02:0d:8e:b8:76:03:d1:ca:e3:1a:73:f2:35:4d:87:f1:
36:f7:f0:2f:69:b8:89:77:b0:19:86:54:ea:47:8e:2f:f9:67:
87:d3:9b:d9:68:c8:65:bf:60:98:7a:73:bd:61:75:48:f4:2d:
f4:2c:1e:c3:ee:ee:88:0b:31:99:7c:ba:52:d2:90:60:4f:ad:
8e:8d:77:b2:29:4c:ce:05:1b:be:11:64:77:f7:c9:0e:c3:32:
a3:8d:d6:0a:9b:a9:b4:7d:a1:c7:cb:d8:71:6c:8e:9f:82:ea:
0b:9e:3f:4e:aa:16:15:6c:af:e8:b7:2b:85:d8:00:f5:54:9e:
39:4b:1e:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYrbuPjsfqthJU2kP20jHWqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA3Njc5MjIzYzg4M2ZlZDdmN2M3OWZmMmYyOTNiZmY4
NzMwYjUwHhcNMjMwOTI4MTIxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ4NmRkYzc5MDNkNTZiOTRhNTJiMmFjYWFmZDc0ZmUzZjU4ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS/snsmtWPwsLbhHmu8Br2MrEaZV
24vw71XjAG6UgRKewiVGs/FC1Prt6QuXrMmwHh0mY1RZbMxX05nnMflt/zjElSyE
4DOkgXUgAzj4CLeRdvm2vJVpSadRKkjNBwZI8kE7JrMg3BQqXH6hs6CFSgMY2d6Z
R9PYsEcbx8z76IIsmsc/zaEotgJXPM8Gl7z/fXe3l+mVR6iEhbVfTiJcSeqGM3cN
89hI3GAopo4tqc1aEwgQRMMg3wWfPSnm0yHy+3LYZg+3SDXEneCID/tDljISjha/
Eq+vow9bQAJeYXc6hEIctEDgs7T9iFCENleOQ9boFmi9Vjo38hrly8MQcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFALYbdx5A9VrlKUrKsqv10/j9Y6tMB8GA1UdIwQY
MBaAFKhwdnkiPIg/7X98ef8vKTv/hzC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0Yjkt
NDA3ZmVmNjljZmI4LzEvQXRodDNIa0QxV3VVcFNzcXlxX1hULVAxanEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9kYjk4NjYtZGJmNi00Mjk0LTk0YjktNDA3ZmVmNjljZmI4
LzEvcUhCMmVTSThpRF90ZjN4NV95OHBPXy1ITUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9xYAwQC
uQ/cMA0EAgACMAcDBQAqA8nAMA0GCSqGSIb3DQEBCwUAA4IBAQAtiFB3cU3BqwIM
QvkmLQAvVq/g6UjTi7w0Gz0gAogdFKYXA4U7qz0UgcKWQZAitUbtusfMt+r2uwjR
PVZlaCZw75hA1SQVPfk6wXNjWSZzLW5TDCh0dQ36ce9YBiuVOzCFmnaaK5NiBmWT
nj4pwfojf+hDtFNgOLCtcdxCT/8y4gINjrh2A9HK4xpz8jVNh/E29/AvabiJd7AZ
hlTqR44v+WeH05vZaMhlv2CYenO9YXVI9C30LB7D7u6ICzGZfLpS0pBgT62OjXey
KUzOBRu+EWR398kOwzKjjdYKm6m0faHHy9hxbI6fguoLnj9OqhYVbK/otyuF2AD1
VJ45Sx4H
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:40 2024 by rpki-client on console.sobornost.net