Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/bsy0z2zBBD_TEVLN0Tg6LXlSTlU.roa
File: bsy0z2zBBD_TEVLN0Tg6LXlSTlU.roa (raw, json)
Hash identifier: Pczds3FpIOPqfOMtN1wQvmRPL1FVv2oaepXqVVNIcxk=
Subject key identifier: 6E:CC:B4:CF:6C:C1:04:3F:D3:11:52:CD:D1:38:3A:2D:79:52:4E:55
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 01891B7E64C9405F08BA054F67AE1EAFADC3
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/bsy0z2zBBD_TEVLN0Tg6LXlSTlU.roa
Signing time: Mon 03 Jul 2023 11:23:35 +0000
ROA not before: Mon 03 Jul 2023 11:23:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
194.104.149.0/24 maxlen: 24
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:7e:64:c9:40:5f:08:ba:05:4f:67:ae:1e:af:ad:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jul 3 11:23:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eccb4cf6cc1043fd31152cdd1383a2d79524e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:24:a5:29:98:ef:dd:93:58:e7:83:bb:d5:4a:
a8:02:f3:47:77:e6:98:4a:a4:d7:d3:5a:4e:b3:aa:
13:c3:26:ba:f4:a6:96:01:22:22:e7:64:68:b6:7c:
78:43:93:45:95:ea:bd:c4:51:b7:d3:cb:35:8f:8d:
8c:09:47:53:60:6f:30:b0:65:ff:0f:88:57:7c:c0:
81:39:8e:88:e7:f6:5f:64:cc:dd:c5:fc:55:0f:01:
76:08:a3:ac:b5:ef:35:99:09:36:15:6e:8c:33:5e:
ef:58:9f:91:f4:46:ca:6d:b8:89:63:2d:dd:88:67:
3c:29:1c:6e:67:72:b0:48:f8:33:99:52:c6:4d:a3:
a8:f5:a7:a2:55:2a:2a:92:05:58:db:fe:03:b3:94:
02:ae:5a:35:d7:48:a4:92:64:20:4e:3e:ae:89:1b:
23:43:78:06:18:aa:8b:67:06:8b:89:56:54:a3:f8:
7e:2b:91:1a:c5:3a:c3:1f:00:64:91:d8:25:e7:8f:
18:16:8d:8e:07:cc:14:67:97:4e:98:d4:9c:f5:57:
e5:49:89:34:b5:1e:fb:75:25:f3:3e:5a:4e:f7:ed:
01:07:d6:05:73:c6:5c:20:cc:83:45:2e:02:a7:29:
c5:22:00:00:1f:61:fc:21:d3:4a:13:e4:27:91:b0:
0d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CC:B4:CF:6C:C1:04:3F:D3:11:52:CD:D1:38:3A:2D:79:52:4E:55
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/bsy0z2zBBD_TEVLN0Tg6LXlSTlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
36:fe:11:50:cc:fa:45:c4:a4:3b:1c:a6:5b:6d:c7:99:4b:18:
b8:0c:01:8c:b9:58:ad:75:60:1b:38:01:b7:fd:2c:77:93:10:
4c:f5:01:04:0d:5f:c7:ff:e4:60:a6:93:a5:e8:dc:de:a7:52:
78:61:81:d6:f5:ea:7d:2e:0d:0d:43:a6:9c:d9:3a:3f:84:59:
df:e5:ff:f9:07:ba:c4:fe:5d:52:bb:85:ea:92:a2:ed:81:a4:
98:2b:5d:de:9b:32:46:2b:3b:58:5c:f8:28:41:3a:0d:99:41:
9e:6d:92:fa:fe:cc:39:c6:aa:f5:08:36:0f:80:13:7e:86:12:
d2:8d:58:af:e4:ee:a9:d4:4c:54:01:cd:b0:5a:10:da:fa:aa:
ed:ad:e8:ee:06:08:ce:a5:dc:f3:98:df:d8:0a:1a:6c:6e:c4:
81:c1:6a:d1:aa:ba:6a:a0:3e:ac:3d:a5:08:d2:53:18:cb:16:
bb:eb:8c:c1:13:40:7a:92:5c:cc:a7:bd:cc:79:a1:70:bd:6b:
fb:e7:1f:33:04:d3:3c:1e:00:66:ee:ea:dc:6a:27:00:ba:ee:
2a:ad:26:a0:65:aa:6d:95:15:d4:b7:fd:17:7f:e0:8f:a8:fe:
b8:d3:40:b1:c3:71:41:a7:ae:73:88:c5:cf:ec:89:1f:75:bf:
59:aa:72:9c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYkbfmTJQF8IugVPZ64er63DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjMwNzAzMTEyMzM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNjYjRjZjZjYzEwNDNmZDMxMTUyY2RkMTM4M2EyZDc5NTI0ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsySlKZjv3ZNY54O71UqoAvNHd+aY
SqTX01pOs6oTwya69KaWASIi52Rotnx4Q5NFleq9xFG308s1j42MCUdTYG8wsGX/
D4hXfMCBOY6I5/ZfZMzdxfxVDwF2CKOste81mQk2FW6MM17vWJ+R9EbKbbiJYy3d
iGc8KRxuZ3KwSPgzmVLGTaOo9aeiVSoqkgVY2/4Ds5QCrlo110ikkmQgTj6uiRsj
Q3gGGKqLZwaLiVZUo/h+K5EaxTrDHwBkkdgl548YFo2OB8wUZ5dOmNSc9VflSYk0
tR77dSXzPlpO9+0BB9YFc8ZcIMyDRS4CpynFIgAAH2H8IdNKE+QnkbANEwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG7MtM9swQQ/0xFSzdE4Oi15Uk5VMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvYnN5MHoyekJCRF9URVZMTjBUZzZMWGxTVGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEB
CwUAA4IBAQA2/hFQzPpFxKQ7HKZbbceZSxi4DAGMuVitdWAbOAG3/Sx3kxBM9QEE
DV/H/+RgppOl6Nzep1J4YYHW9ep9Lg0NQ6ac2To/hFnf5f/5B7rE/l1Su4XqkqLt
gaSYK13emzJGKztYXPgoQToNmUGebZL6/sw5xqr1CDYPgBN+hhLSjViv5O6p1ExU
Ac2wWhDa+qrtrejuBgjOpdzzmN/YChpsbsSBwWrRqrpqoD6sPaUI0lMYyxa764zB
E0B6klzMp73MeaFwvWv75x8zBNM8HgBm7urcaicAuu4qrSagZaptlRXUt/0Xf+CP
qP6400Cxw3FBp65ziMXP7Ikfdb9ZqnKc
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:07 2024 by rpki-client on console.sobornost.net