Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/co_GQR87uv1quSlGR5v2DQg5gMQ.roa
File: co_GQR87uv1quSlGR5v2DQg5gMQ.roa (raw, json)
Hash identifier: CQU3HqrfNWIQ8Pu/9RIaBsvLppFIPkayuD/aKFJ3kQc=
Subject key identifier: 72:8F:C6:41:1F:3B:BA:FD:6A:B9:29:46:47:9B:F6:0D:08:39:80:C4
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0189D3D4B14E25465945449DE0BBF9D23B37
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/co_GQR87uv1quSlGR5v2DQg5gMQ.roa
Signing time: Tue 08 Aug 2023 06:27:58 +0000
ROA not before: Tue 08 Aug 2023 06:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59613
IP address blocks: 195.234.112.0/24 maxlen: 24
195.234.115.0/24 maxlen: 24
195.234.114.0/24 maxlen: 24
195.234.113.0/24 maxlen: 24
185.158.208.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
2a02:2278:ff00::/40 maxlen: 40
2a02:2278:fffe::/48 maxlen: 48
2a02:2278:ffff::/48 maxlen: 48
2a02:2278:fffd::/48 maxlen: 48
2a02:2278:fffc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:d4:b1:4e:25:46:59:45:44:9d:e0:bb:f9:d2:3b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Aug 8 06:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=728fc6411f3bbafd6ab92946479bf60d083980c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:49:0d:b1:92:28:66:ba:02:cc:3b:fd:8e:
96:05:1a:c0:f8:d9:15:36:4f:8d:bb:28:38:30:f8:
fc:ec:43:88:46:4d:a0:f9:f9:ad:62:db:9e:19:31:
be:27:ea:8d:ec:52:56:53:9e:90:76:5b:f9:fc:30:
0a:5c:f1:f2:1e:5f:a1:73:f4:7d:8c:c4:eb:68:7b:
e2:da:4c:ca:d8:a8:0c:68:81:82:7d:3c:20:f3:dd:
60:47:ef:24:56:89:f0:03:07:bd:4b:ff:af:fa:26:
ba:d9:22:53:af:e8:bf:1e:58:b5:41:45:84:78:46:
0d:85:14:7b:5c:b2:35:d0:08:ef:9b:64:2b:db:d3:
5b:dc:e1:c8:06:ff:0a:c3:28:27:b0:4a:2f:71:8b:
f6:d7:33:ef:ee:9b:71:64:0f:82:3a:1d:e4:f0:3f:
63:6a:48:f3:be:cf:69:08:18:1a:45:47:50:7c:58:
3f:15:78:f1:41:68:78:e6:79:91:f5:4c:35:ee:d6:
b2:87:c4:12:f3:97:23:56:d5:44:8c:99:30:e5:51:
48:18:6c:72:dd:41:45:ce:22:19:42:a5:12:3d:62:
f2:bf:ae:12:06:ee:f7:c9:84:e1:de:c1:65:85:49:
94:64:fe:84:c0:d1:28:bf:1a:77:96:e3:38:0d:26:
55:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8F:C6:41:1F:3B:BA:FD:6A:B9:29:46:47:9B:F6:0D:08:39:80:C4
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/co_GQR87uv1quSlGR5v2DQg5gMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
4f:c7:5e:df:87:30:13:22:fb:32:c0:66:b1:ee:dc:22:c0:4b:
a5:88:b4:d3:56:5e:6a:48:d1:e7:ce:36:fd:14:3b:43:79:d2:
33:48:8a:0f:a4:d5:ec:1a:a8:68:dc:dd:43:d2:d9:85:78:29:
ae:aa:c2:5c:7a:8a:1e:e3:5e:2c:af:ab:71:63:04:d1:46:d0:
70:fa:50:cd:5d:23:1e:dc:39:95:79:9b:69:42:b6:ee:56:37:
59:57:af:8e:cf:ff:6f:39:d7:88:8a:c3:1a:5e:ed:8b:f5:5d:
5c:f9:4e:4b:1f:35:23:76:83:d5:46:2c:77:d7:26:09:8f:ae:
88:49:ed:c9:4b:ab:bd:fd:f4:96:31:e4:4f:cd:26:fb:35:e6:
00:c9:6d:e7:00:6a:1b:3a:32:99:4e:b0:f3:ca:b8:25:3b:ba:
5b:e6:86:c7:e6:79:7a:4c:79:11:eb:8a:29:05:71:f6:0d:9d:
dc:41:41:6f:1e:ca:cf:49:55:eb:96:a6:4d:6d:35:6a:3f:8f:
01:d4:d7:e3:8f:5d:9f:ae:c9:e3:2e:a6:1f:bf:69:21:02:28:
8f:aa:c4:3c:52:3f:46:24:fd:0a:52:1a:2b:ec:ec:59:c6:ae:
93:48:79:94:bc:09:3e:3f:18:d1:24:73:84:5a:23:77:47:76:
42:3a:97:34
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYnT1LFOJUZZRUSd4Lv50js3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwODA4MDYyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjhmYzY0MTFmM2JiYWZkNmFiOTI5NDY0NzliZjYwZDA4Mzk4MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKBJDbGSKGa6Asw7/Y6WBRrA+NkV
Nk+Nuyg4MPj87EOIRk2g+fmtYtueGTG+J+qN7FJWU56Qdlv5/DAKXPHyHl+hc/R9
jMTraHvi2kzK2KgMaIGCfTwg891gR+8kVonwAwe9S/+v+ia62SJTr+i/Hli1QUWE
eEYNhRR7XLI10Ajvm2Qr29Nb3OHIBv8KwygnsEovcYv21zPv7ptxZA+COh3k8D9j
akjzvs9pCBgaRUdQfFg/FXjxQWh45nmR9Uw17tayh8QS85cjVtVEjJkw5VFIGGxy
3UFFziIZQqUSPWLyv64SBu73yYTh3sFlhUmUZP6EwNEovxp3luM4DSZVkQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHKPxkEfO7r9arkpRkeb9g0IOYDEMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvY29fR1FSODd1djFxdVNsR1I1djJEUWc1Z01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAT8de34cwEyL7
MsBmse7cIsBLpYi001ZeakjR5842/RQ7Q3nSM0iKD6TV7BqoaNzdQ9LZhXgprqrC
XHqKHuNeLK+rcWME0UbQcPpQzV0jHtw5lXmbaUK27lY3WVevjs//bznXiIrDGl7t
i/VdXPlOSx81I3aD1UYsd9cmCY+uiEntyUurvf30ljHkT80m+zXmAMlt5wBqGzoy
mU6w88q4JTu6W+aGx+Z5ekx5EeuKKQVx9g2d3EFBbx7Kz0lV65amTW01aj+PAdTX
449dn67J4y6mH79pIQIoj6rEPFI/RiT9ClIaK+zsWcauk0h5lLwJPj8Y0SRzhFoj
d0d2QjqXNA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:31 2023 by rpki-client on console.sobornost.net