Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/n3oIbQrTRAZpkKItKptAWkehFH4.roa
File: n3oIbQrTRAZpkKItKptAWkehFH4.roa (raw, json)
Hash identifier: wuDeK6CUZfl14PDVWOlFkGmydI7Xc2iD47+QJBZqaJQ=
Subject key identifier: 9F:7A:08:6D:0A:D3:44:06:69:90:A2:2D:2A:9B:40:5A:47:A1:14:7E
Certificate issuer: /CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Certificate serial: 01856DEF71C51F972EE78A301720807DDD7E
Authority key identifier: C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/n3oIbQrTRAZpkKItKptAWkehFH4.roa
Signing time: Sun 01 Jan 2023 15:24:46 +0000
ROA not before: Sun 01 Jan 2023 15:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200799
IP address blocks: 185.188.24.0/24 maxlen: 24
185.188.24.0/22 maxlen: 22
185.188.27.0/24 maxlen: 24
185.188.26.0/24 maxlen: 24
185.188.25.0/24 maxlen: 24
185.95.39.0/24 maxlen: 24
130.193.1.0/24 maxlen: 24
185.95.38.0/24 maxlen: 24
185.95.37.0/24 maxlen: 24
185.95.36.0/22 maxlen: 22
185.95.36.0/24 maxlen: 24
212.237.252.0/24 maxlen: 24
217.61.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:71:c5:1f:97:2e:e7:8a:30:17:20:80:7d:dd:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Validity
Not Before: Jan 1 15:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f7a086d0ad344066990a22d2a9b405a47a1147e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:20:ac:a5:36:82:81:54:85:1b:7c:2f:dc:df:
49:12:f8:2f:53:f6:2d:f4:9f:d2:8c:f9:e5:51:9d:
e0:65:8f:41:e4:a9:ef:85:88:eb:a3:50:2f:59:40:
51:1c:47:d2:85:d6:00:fa:88:97:8b:e7:d0:b8:ab:
08:46:b7:44:f9:cf:96:6a:1c:c7:16:54:a0:f9:4e:
8a:91:99:08:1f:bf:41:e7:df:1e:5b:a6:e4:bf:ea:
70:f8:f2:c9:67:a0:86:ca:a4:c0:d5:91:bb:97:b6:
13:c4:49:c7:ed:c8:74:54:be:db:71:3c:f1:71:bf:
1a:61:f5:39:2d:86:42:fe:76:d1:dd:01:da:f9:db:
60:e3:f5:26:c0:59:eb:b4:02:5e:4f:78:78:c4:fd:
27:c6:56:34:98:28:ef:2b:29:42:28:d9:ef:88:36:
ca:90:49:2c:ce:25:1e:5c:0c:95:a1:8e:5c:10:ea:
35:36:81:f9:ee:69:86:50:ce:cc:90:3b:0f:61:f0:
8a:75:9d:b9:9e:15:49:6a:c6:10:e5:9d:d2:ce:5e:
50:b5:6d:02:84:37:76:96:e5:27:86:a7:7e:7e:8c:
86:db:76:4f:f4:0b:e3:d8:c1:db:7f:34:6a:7f:a6:
3d:f5:3e:12:50:4c:8c:85:98:23:41:95:63:d0:6c:
e4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7A:08:6D:0A:D3:44:06:69:90:A2:2D:2A:9B:40:5A:47:A1:14:7E
X509v3 Authority Key Identifier:
keyid:C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/n3oIbQrTRAZpkKItKptAWkehFH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.1.0/24
185.95.36.0/22
185.188.24.0/22
212.237.252.0/24
217.61.254.0/24
Signature Algorithm: sha256WithRSAEncryption
19:6a:17:fe:c3:75:ce:26:c9:99:f9:43:53:7a:f6:af:a5:0a:
ea:97:fc:ed:75:60:c8:94:51:99:83:02:95:de:ab:cf:d9:20:
6e:f0:eb:c4:c6:4f:4a:e1:fd:cd:1b:70:c1:d8:14:7b:18:5f:
45:17:df:f3:25:18:a7:ba:3b:df:9b:0a:33:ca:06:2d:ab:d1:
dd:ec:52:c3:a5:24:46:85:61:f9:77:9f:99:9b:e8:3b:69:c6:
bc:11:8e:26:9d:c4:4c:67:15:64:9e:46:2e:81:46:41:61:7d:
60:c2:9f:07:d3:e7:0d:76:ad:ae:59:7c:96:50:43:05:bf:41:
1e:d7:e0:3f:b5:97:37:58:2f:05:d7:5e:4d:38:56:d3:b8:ab:
1d:79:e9:e5:83:28:92:19:a2:18:9b:f4:a3:af:5e:ed:73:db:
c1:59:54:38:c1:41:e8:e1:ad:18:4f:52:3a:59:b4:61:32:07:
c1:c5:10:85:5c:eb:32:d9:00:f7:54:74:81:54:18:3b:35:c0:
71:88:8a:06:dc:28:b5:a9:83:09:86:21:9c:47:8a:f9:4f:46:
80:ef:f0:ec:bf:78:9a:7b:05:29:da:2f:8d:72:38:13:06:cd:
1d:81:32:84:f3:e2:f6:20:13:a5:6c:4b:42:d3:86:b7:a5:77:
ae:4a:a2:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVt73HFH5cu54owFyCAfd1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzZhOGJhODc0YzNmYmRkYWQzNDRkMDMyNThiM2UyYzA0
ZDdiY2IwHhcNMjMwMTAxMTUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdhMDg2ZDBhZDM0NDA2Njk5MGEyMmQyYTliNDA1YTQ3YTExNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iCspTaCgVSFG3wv3N9JEvgvU/Yt
9J/SjPnlUZ3gZY9B5KnvhYjro1AvWUBRHEfShdYA+oiXi+fQuKsIRrdE+c+WahzH
FlSg+U6KkZkIH79B598eW6bkv+pw+PLJZ6CGyqTA1ZG7l7YTxEnH7ch0VL7bcTzx
cb8aYfU5LYZC/nbR3QHa+dtg4/UmwFnrtAJeT3h4xP0nxlY0mCjvKylCKNnviDbK
kEksziUeXAyVoY5cEOo1NoH57mmGUM7MkDsPYfCKdZ25nhVJasYQ5Z3Szl5QtW0C
hDd2luUnhqd+foyG23ZP9Avj2MHbfzRqf6Y99T4SUEyMhZgjQZVj0GzkGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ96CG0K00QGaZCiLSqbQFpHoRR+MB8GA1UdIwQY
MBaAFMJ2qLqHTD+92tNE0DJYs+LATXvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMt
MzY2MWIxZWJiY2ZiLzEvbjNvSWJRclRSQVpwa0tJdEtwdEFXa2VoRkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMtMzY2MWIxZWJiY2Zi
LzEvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgsEBAwQC
uV8kAwQCubwYAwQA1O38AwQA2T3+MA0GCSqGSIb3DQEBCwUAA4IBAQAZahf+w3XO
JsmZ+UNTevavpQrql/ztdWDIlFGZgwKV3qvP2SBu8OvExk9K4f3NG3DB2BR7GF9F
F9/zJRinujvfmwozygYtq9Hd7FLDpSRGhWH5d5+Zm+g7aca8EY4mncRMZxVknkYu
gUZBYX1gwp8H0+cNdq2uWXyWUEMFv0Ee1+A/tZc3WC8F115NOFbTuKsdeenlgyiS
GaIYm/Sjr17tc9vBWVQ4wUHo4a0YT1I6WbRhMgfBxRCFXOsy2QD3VHSBVBg7NcBx
iIoG3Ci1qYMJhiGcR4r5T0aA7/Dsv3iaewUp2i+NcjgTBs0dgTKE8+L2IBOlbEtC
04a3pXeuSqLb
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:11 2024 by rpki-client on console.sobornost.net