Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/1-1gLQ8B1EpYvfrP64KlMbgnFePE.roa
File: 1-1gLQ8B1EpYvfrP64KlMbgnFePE.roa (raw, json)
Hash identifier: MMCukEFISESnKJ3vid/vSzKGZkkdhfCdTqw8OAA8+/A=
Subject key identifier: FB:58:0B:43:C0:75:12:96:2F:7E:B3:FA:E0:A9:4C:6E:09:C5:78:F1
Certificate issuer: /CN=9ee76113dbf320386f73e1935ac9ac943e81b58c
Certificate serial: 018CC50098F709F3B23B02207E53D36EA628
Authority key identifier: 9E:E7:61:13:DB:F3:20:38:6F:73:E1:93:5A:C9:AC:94:3E:81:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nudhE9vzIDhvc-GTWsmslD6BtYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/1-1gLQ8B1EpYvfrP64KlMbgnFePE.roa
Signing time: Mon 01 Jan 2024 12:29:59 +0000
ROA not before: Mon 01 Jan 2024 12:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20986
IP address blocks: 185.111.56.0/22 maxlen: 22
185.111.52.0/22 maxlen: 22
185.112.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:98:f7:09:f3:b2:3b:02:20:7e:53:d3:6e:a6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ee76113dbf320386f73e1935ac9ac943e81b58c
Validity
Not Before: Jan 1 12:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb580b43c07512962f7eb3fae0a94c6e09c578f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5e:8f:78:3b:fb:1d:41:d1:99:31:74:3f:9c:
e7:3f:e1:38:26:85:fd:9d:e0:a6:82:2a:ff:26:08:
77:24:75:c4:c1:7e:08:ce:06:ac:03:dc:e4:37:8b:
56:08:5c:33:1f:f0:35:9d:6d:5d:f7:39:ef:4d:df:
f5:cb:3d:ac:a3:24:64:54:2f:33:e4:73:c5:54:39:
f0:2d:49:6a:d4:7c:2a:eb:20:b6:8b:fa:bb:a7:63:
b5:3a:26:a3:2c:e4:39:45:d7:8e:73:99:83:65:03:
29:b1:04:f1:69:f5:3c:58:6a:82:0c:2d:ef:d0:11:
cc:a5:28:f5:29:09:d0:43:a7:39:01:9d:45:dd:f0:
be:86:cb:23:5d:18:ae:20:b8:6a:b3:2d:ac:f9:b1:
2e:3e:3f:a2:0b:65:d8:30:f2:95:74:4e:e1:4c:0a:
6e:9f:ce:14:c8:31:b1:20:9f:52:0d:ec:8d:6d:02:
f5:4d:8b:21:37:db:be:e0:a1:21:10:ad:45:c5:a7:
d5:c7:f3:a2:de:26:cf:e7:dd:d2:9b:a8:ef:9a:fb:
96:d8:7a:c5:b1:8f:69:5f:a1:5e:ab:3a:0f:56:c8:
f4:2b:d7:51:af:75:7e:e0:55:30:da:ff:f7:67:ea:
9f:60:bb:4c:fe:b6:5c:ab:91:e7:d7:60:5f:0e:71:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:58:0B:43:C0:75:12:96:2F:7E:B3:FA:E0:A9:4C:6E:09:C5:78:F1
X509v3 Authority Key Identifier:
keyid:9E:E7:61:13:DB:F3:20:38:6F:73:E1:93:5A:C9:AC:94:3E:81:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nudhE9vzIDhvc-GTWsmslD6BtYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/1-1gLQ8B1EpYvfrP64KlMbgnFePE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b919ce-0f83-4fb4-8dd8-de0412eb3bcc/1/nudhE9vzIDhvc-GTWsmslD6BtYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.52.0-185.111.59.255
185.112.16.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ac:2e:4c:29:79:64:1e:dc:62:b8:db:d3:2a:44:9d:91:ee:
ec:0d:95:70:c7:e5:6d:17:1a:f7:24:e1:9f:e3:43:34:bc:1f:
2f:db:d5:91:56:93:6e:3f:85:4a:9e:48:42:ad:2d:55:3d:85:
9f:88:2f:4d:bd:74:ba:cb:20:e5:4e:5e:5c:4a:16:34:d4:15:
85:ae:5b:7d:1b:ef:de:4f:f3:b4:18:aa:6b:c5:4a:47:9f:55:
e9:e1:bc:5c:4b:f4:fc:85:4f:64:04:1a:58:98:f5:6d:03:6b:
35:82:05:8e:0f:e8:65:e8:45:91:43:71:e0:c8:4f:9a:ab:42:
1f:39:49:cd:b7:92:8e:e5:c0:d3:9c:96:59:de:e5:fe:f9:31:
0f:eb:3b:cd:ee:e1:e5:81:1b:19:43:33:39:52:0b:6f:dd:a9:
85:90:df:3b:68:88:6f:60:f1:80:61:71:8c:33:8d:73:2a:7a:
f0:ac:ca:5c:5f:86:2a:7b:94:d8:eb:4c:76:f8:b5:48:46:8a:
32:6b:62:a6:72:ac:30:b5:e2:13:8e:52:41:89:17:08:8e:d5:
36:ca:96:3b:f1:53:ba:27:32:cd:a5:0d:fc:90:9f:74:bf:3f:
81:73:2c:3e:3e:95:f2:e9:46:62:60:19:87:3c:b0:d9:6d:ac:
eb:92:7e:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAJj3CfOyOwIgflPTbqYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTc2MTEzZGJmMzIwMzg2ZjczZTE5MzVhYzlhYzk0M2U4
MWI1OGMwHhcNMjQwMTAxMTIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjU4MGI0M2MwNzUxMjk2MmY3ZWIzZmFlMGE5NGM2ZTA5YzU3OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV6PeDv7HUHRmTF0P5znP+E4JoX9
neCmgir/Jgh3JHXEwX4IzgasA9zkN4tWCFwzH/A1nW1d9znvTd/1yz2soyRkVC8z
5HPFVDnwLUlq1Hwq6yC2i/q7p2O1OiajLOQ5RdeOc5mDZQMpsQTxafU8WGqCDC3v
0BHMpSj1KQnQQ6c5AZ1F3fC+hssjXRiuILhqsy2s+bEuPj+iC2XYMPKVdE7hTApu
n84UyDGxIJ9SDeyNbQL1TYshN9u+4KEhEK1FxafVx/Oi3ibP593Sm6jvmvuW2HrF
sY9pX6FeqzoPVsj0K9dRr3V+4FUw2v/3Z+qfYLtM/rZcq5Hn12BfDnGSawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPtYC0PAdRKWL36z+uCpTG4JxXjxMB8GA1UdIwQY
MBaAFJ7nYRPb8yA4b3Phk1rJrJQ+gbWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVkaEU5dnpJRGh2Yy1HVFdzbXNsRDZCdFl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iOTE5Y2UtMGY4My00ZmI0LThkZDgt
ZGUwNDEyZWIzYmNjLzEvMS0xZ0xROEIxRXBZdmZyUDY0S2xNYmduRmVQRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvYjkxOWNlLTBmODMtNGZiNC04ZGQ4LWRlMDQxMmViM2Jj
Yy8xL251ZGhFOXZ6SURodmMtR1RXc21zbEQ2QnRZdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQCuW80
AwQCuW84AwQCuXAQMA0GCSqGSIb3DQEBCwUAA4IBAQA1rC5MKXlkHtxiuNvTKkSd
ke7sDZVwx+VtFxr3JOGf40M0vB8v29WRVpNuP4VKnkhCrS1VPYWfiC9NvXS6yyDl
Tl5cShY01BWFrlt9G+/eT/O0GKprxUpHn1Xp4bxcS/T8hU9kBBpYmPVtA2s1ggWO
D+hl6EWRQ3HgyE+aq0IfOUnNt5KO5cDTnJZZ3uX++TEP6zvN7uHlgRsZQzM5Ugtv
3amFkN87aIhvYPGAYXGMM41zKnrwrMpcX4Yqe5TY60x2+LVIRooya2KmcqwwteIT
jlJBiRcIjtU2ypY78VO6JzLNpQ38kJ90vz+Bcyw+PpXy6UZiYBmHPLDZbazrkn5z
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:00:06 2024 by rpki-client on console.sobornost.net