Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/vfuuSeAlbg9GIXXlO8kAy-OftQA.roa
File: vfuuSeAlbg9GIXXlO8kAy-OftQA.roa (raw, json)
Hash identifier: dMEMp66/6KGVCH48tMM1yRgrOVrq6Yv0y25mQ/+ZdOY=
Subject key identifier: BD:FB:AE:49:E0:25:6E:0F:46:21:75:E5:3B:C9:00:CB:E3:9F:B5:00
Certificate issuer: /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial: 0185715E7E0357737381C59EAF09D20D531E
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/vfuuSeAlbg9GIXXlO8kAy-OftQA.roa
Signing time: Mon 02 Jan 2023 07:24:56 +0000
ROA not before: Mon 02 Jan 2023 07:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39180
IP address blocks: 185.153.244.0/22 maxlen: 22
79.110.56.0/22 maxlen: 22
37.148.240.0/21 maxlen: 21
93.191.40.0/21 maxlen: 21
185.242.140.0/22 maxlen: 22
178.18.48.0/20 maxlen: 20
188.93.40.0/21 maxlen: 21
81.18.176.0/20 maxlen: 20
185.29.64.0/23 maxlen: 23
2a01:378::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:7e:03:57:73:73:81:c5:9e:af:09:d2:0d:53:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Validity
Not Before: Jan 2 07:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdfbae49e0256e0f462175e53bc900cbe39fb500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9f:26:34:4f:57:7e:88:01:71:62:33:b1:35:
13:b5:f5:33:04:f0:be:d3:be:dc:c3:60:9b:9a:ba:
66:01:1e:1e:0d:ca:97:f2:04:59:67:c3:f1:42:f0:
95:d9:e5:44:03:ff:67:92:09:a2:24:65:69:cf:2c:
2f:df:90:8a:07:58:21:78:5c:62:38:a8:6a:4d:c1:
8e:ff:23:13:19:04:e8:5b:51:e0:3a:d6:57:de:cb:
8d:82:24:b3:02:30:26:09:4f:9d:94:28:01:49:22:
2f:a2:bc:50:da:12:28:3b:a2:e8:16:70:85:50:8a:
da:82:64:2c:88:a2:3d:a9:b6:df:4e:80:b5:07:0e:
4f:85:83:a1:fa:05:d7:7e:00:07:03:8c:af:e1:07:
f1:d0:34:22:8f:58:19:45:c4:56:fc:6a:d1:2c:5b:
a2:a0:59:14:f9:b4:79:49:c5:d1:90:20:e8:c0:ca:
55:65:91:99:e5:5e:00:cb:1c:b5:23:b4:17:31:d3:
0b:24:03:2a:46:74:1e:fd:7c:a0:03:1f:0c:81:89:
69:70:da:6e:aa:61:c3:dd:f3:1d:ff:f0:e6:37:19:
22:56:5b:01:73:88:8f:e8:3b:e5:87:6d:c0:bb:74:
51:e4:20:4c:dc:2e:77:a1:e1:48:aa:e3:ad:ab:f7:
65:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FB:AE:49:E0:25:6E:0F:46:21:75:E5:3B:C9:00:CB:E3:9F:B5:00
X509v3 Authority Key Identifier:
keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/vfuuSeAlbg9GIXXlO8kAy-OftQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.240.0/21
79.110.56.0/22
81.18.176.0/20
93.191.40.0/21
178.18.48.0/20
185.29.64.0/23
185.153.244.0/22
185.242.140.0/22
188.93.40.0/21
IPv6:
2a01:378::/32
Signature Algorithm: sha256WithRSAEncryption
8b:cd:7d:53:09:75:4f:76:10:57:7e:1e:6d:5b:21:7e:8e:70:
1a:12:99:59:78:87:de:f0:5e:8d:6d:7e:21:78:ed:c3:7b:e2:
16:b9:eb:ba:3f:34:9d:5f:4e:63:cb:ee:73:1a:c7:a7:49:42:
41:01:40:94:e9:7d:89:79:5f:ea:e2:77:ff:79:17:48:37:bc:
83:21:85:1d:16:8c:db:75:93:23:0f:cf:17:b6:3e:4c:cc:0f:
ea:3c:15:f2:79:5f:82:45:88:fe:54:05:c4:66:8f:d2:d9:44:
d5:fa:52:b8:3d:cf:21:c8:66:79:89:8b:a7:45:68:48:77:66:
f7:60:1e:9c:cd:12:df:cb:c5:9b:8d:14:27:a8:3e:a1:c8:02:
fc:0e:b0:57:6d:09:94:b7:84:38:ca:25:2a:07:3e:0f:b9:a1:
c3:2b:e5:78:38:c9:96:26:cf:35:79:2d:45:c7:66:ea:e3:23:
d5:15:d6:bb:88:40:a9:61:96:38:2f:5d:ac:21:d2:e3:32:3b:
61:ea:6f:1e:17:0e:a8:a0:d0:6e:d2:d8:f2:24:9d:bd:21:5e:
6a:02:25:27:73:4c:62:26:c9:ca:fb:29:08:b0:b4:18:cc:ee:
69:29:b7:8b:b5:c7:03:91:a8:8f:f9:58:a7:c9:a4:0f:f9:e0:
80:cc:41:1d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVxXn4DV3NzgcWerwnSDVMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MmY1NjVlZDE2ZDhjMzM3YThjOGFiM2NkYzU3MmVmMTE1
MGY1YTkwHhcNMjMwMTAyMDcyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZiYWU0OWUwMjU2ZTBmNDYyMTc1ZTUzYmM5MDBjYmUzOWZiNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ8mNE9XfogBcWIzsTUTtfUzBPC+
077cw2CbmrpmAR4eDcqX8gRZZ8PxQvCV2eVEA/9nkgmiJGVpzywv35CKB1gheFxi
OKhqTcGO/yMTGQToW1HgOtZX3suNgiSzAjAmCU+dlCgBSSIvorxQ2hIoO6LoFnCF
UIragmQsiKI9qbbfToC1Bw5PhYOh+gXXfgAHA4yv4Qfx0DQij1gZRcRW/GrRLFui
oFkU+bR5ScXRkCDowMpVZZGZ5V4Ayxy1I7QXMdMLJAMqRnQe/XygAx8MgYlpcNpu
qmHD3fMd//DmNxkiVlsBc4iP6Dvlh23Au3RR5CBM3C53oeFIquOtq/dlnQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFL37rkngJW4PRiF15TvJAMvjn7UAMB8GA1UdIwQY
MBaAFJQvVl7RbYwzeoyKs83Fcu8RUPWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQt
NjZkMjUzNDMyZjVmLzEvdmZ1dVNlQWxiZzlHSVhYbE84a0F5LU9mdFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQtNjZkMjUzNDMyZjVm
LzEvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJZTwAwQC
T244AwQEURKwAwQDXb8oAwQEshIwAwQBuR1AAwQCuZn0AwQCufKMAwQDvF0oMA0E
AgACMAcDBQAqAQN4MA0GCSqGSIb3DQEBCwUAA4IBAQCLzX1TCXVPdhBXfh5tWyF+
jnAaEplZeIfe8F6NbX4heO3De+IWueu6PzSdX05jy+5zGsenSUJBAUCU6X2JeV/q
4nf/eRdIN7yDIYUdFozbdZMjD88Xtj5MzA/qPBXyeV+CRYj+VAXEZo/S2UTV+lK4
Pc8hyGZ5iYunRWhId2b3YB6czRLfy8WbjRQnqD6hyAL8DrBXbQmUt4Q4yiUqBz4P
uaHDK+V4OMmWJs81eS1Fx2bq4yPVFda7iECpYZY4L12sIdLjMjth6m8eFw6ooNBu
0tjyJJ29IV5qAiUnc0xiJsnK+ykIsLQYzO5pKbeLtccDkaiP+VinyaQP+eCAzEEd
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:05 2024 by rpki-client on console.sobornost.net