Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/xj9evlPtKktn2mDZqh4rWLRJvMI.roa
File: xj9evlPtKktn2mDZqh4rWLRJvMI.roa (raw, json)
Hash identifier: yQ/G2/vaM8a724pE38vCvNkIWAHAASNZBk87u9gijm8=
Subject key identifier: C6:3F:5E:BE:53:ED:2A:4B:67:DA:60:D9:AA:1E:2B:58:B4:49:BC:C2
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 0189F2A30A577C3576294679153AF047381D
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/xj9evlPtKktn2mDZqh4rWLRJvMI.roa
Signing time: Mon 14 Aug 2023 06:01:58 +0000
ROA not before: Mon 14 Aug 2023 06:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49121
IP address blocks: 37.221.71.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
5.57.209.0/24 maxlen: 24
2a09:e200::/48 maxlen: 48
2a09:e200:e200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:a3:0a:57:7c:35:76:29:46:79:15:3a:f0:47:38:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Aug 14 06:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c63f5ebe53ed2a4b67da60d9aa1e2b58b449bcc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:83:0e:3d:61:85:54:66:ef:c6:de:12:e1:f5:
69:aa:9a:ce:a8:af:69:f9:ba:03:17:2a:14:0a:9e:
8c:6f:ea:59:d4:f8:fd:79:0c:06:b9:b6:41:9b:e1:
08:e1:2e:f7:9f:89:ac:75:8a:d6:d6:4f:81:38:f2:
9e:28:19:36:fe:63:03:27:15:49:e3:92:0f:e2:6e:
7a:6e:c9:41:0a:14:ad:a1:b6:28:d9:a7:1a:69:a8:
82:b6:25:f8:2b:1b:d1:b4:9a:b3:5a:2e:db:00:af:
28:05:fd:31:55:3f:15:0f:d3:b7:0d:66:e4:13:4e:
da:03:09:9f:d2:17:6d:5d:01:67:bf:1c:e4:cc:e1:
48:a4:66:7f:5a:16:d9:cf:ce:a5:61:08:50:54:fa:
2f:c7:47:a4:c4:3b:4b:83:5c:76:41:8b:59:82:3a:
09:46:ba:91:4c:7f:0c:f3:ba:11:b9:19:17:68:ed:
2c:98:73:1c:d9:61:39:8c:7f:8e:4f:28:84:ca:f5:
af:f5:20:02:1c:37:f8:e1:cc:b6:e4:6d:c7:2a:6f:
42:59:3b:8b:5b:21:cc:a4:25:be:10:e6:aa:ba:dc:
f7:dc:85:6d:82:b7:6e:90:c1:93:22:0f:4c:94:ea:
67:6b:e2:68:7b:bf:c0:84:3f:11:0e:57:8f:f1:66:
af:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3F:5E:BE:53:ED:2A:4B:67:DA:60:D9:AA:1E:2B:58:B4:49:BC:C2
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/xj9evlPtKktn2mDZqh4rWLRJvMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/24
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
Signature Algorithm: sha256WithRSAEncryption
2f:74:d5:b1:df:69:a4:6a:65:fc:e2:96:61:d6:84:29:9b:91:
04:a7:a2:3c:c6:9b:4a:e5:7e:42:7e:43:48:22:70:e7:f6:73:
fc:17:9d:79:67:24:0a:e3:05:67:af:8c:a1:c7:7e:cc:34:e4:
f4:07:1b:dd:2a:dd:18:b7:b7:a6:19:88:7b:6e:e2:bd:20:de:
69:c8:1c:7a:ca:9a:dc:05:de:74:16:db:7c:82:24:2f:97:39:
00:dd:6c:8d:3c:cb:e8:4c:4d:26:25:b5:42:d5:e8:25:54:9f:
76:04:99:53:37:c3:03:d6:2f:3c:a6:43:42:63:6f:00:5d:0e:
59:bf:b5:ba:52:96:7e:be:6d:dc:04:c7:8c:10:40:73:76:d3:
c0:d8:ec:d0:c5:11:b3:4b:67:6c:4b:5f:19:a0:07:3d:dc:97:
e9:17:6f:74:e0:ba:c8:c2:ec:37:07:c7:da:c7:5d:b7:c3:7f:
a6:e6:ce:a6:ac:b5:c6:30:db:77:1e:9e:59:32:52:09:5e:c7:
17:2c:a5:a9:41:18:c7:bd:d2:86:59:dd:d6:82:21:92:1f:89:
38:d9:08:18:e7:df:49:59:c5:5d:78:f4:fe:3d:7d:1d:b4:2f:
31:2d:8d:4d:10:bf:5d:53:37:e2:d5:ee:bf:29:91:d7:93:58:
00:35:99:da
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYnyowpXfDV2KUZ5FTrwRzgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjMwODE0MDYwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNmNWViZTUzZWQyYTRiNjdkYTYwZDlhYTFlMmI1OGI0NDliY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYMOPWGFVGbvxt4S4fVpqprOqK9p
+boDFyoUCp6Mb+pZ1Pj9eQwGubZBm+EI4S73n4msdYrW1k+BOPKeKBk2/mMDJxVJ
45IP4m56bslBChStobYo2acaaaiCtiX4KxvRtJqzWi7bAK8oBf0xVT8VD9O3DWbk
E07aAwmf0hdtXQFnvxzkzOFIpGZ/WhbZz86lYQhQVPovx0ekxDtLg1x2QYtZgjoJ
RrqRTH8M87oRuRkXaO0smHMc2WE5jH+OTyiEyvWv9SACHDf44cy25G3HKm9CWTuL
WyHMpCW+EOaqutz33IVtgrdukMGTIg9MlOpna+Joe7/AhD8RDleP8WavZwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMY/Xr5T7SpLZ9pg2aoeK1i0SbzCMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEveGo5ZXZsUHRLa3RuMm1EWnFoNHJXTFJKdk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAmBAIAATAgAwQABTnRAwQC
Jd1EMAwDBAAtV3UDBAMtV3ADBAC5ugAwGAQCAAIwEgMHACoJ4gAAAAMHACoJ4gDi
ADANBgkqhkiG9w0BAQsFAAOCAQEAL3TVsd9ppGpl/OKWYdaEKZuRBKeiPMabSuV+
Qn5DSCJw5/Zz/BedeWckCuMFZ6+Mocd+zDTk9Acb3SrdGLe3phmIe27ivSDeacgc
esqa3AXedBbbfIIkL5c5AN1sjTzL6ExNJiW1QtXoJVSfdgSZUzfDA9YvPKZDQmNv
AF0OWb+1ulKWfr5t3ATHjBBAc3bTwNjs0MURs0tnbEtfGaAHPdyX6RdvdOC6yMLs
NwfH2sddt8N/pubOpqy1xjDbdx6eWTJSCV7HFyylqUEYx73Shlnd1oIhkh+JONkI
GOffSVnFXXj0/j19HbQvMS2NTRC/XVM34tXuvymR15NYADWZ2g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:31 2023 by rpki-client on console.sobornost.net