Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/taJWCdBJ6ECsSeWm5s98XtMNtsg.roa
File: taJWCdBJ6ECsSeWm5s98XtMNtsg.roa (raw, json)
Hash identifier: qj6dGQ4wCoWu5dBi5Xlpfyc/r2e1iuJYJwXIke/KezQ=
Subject key identifier: B5:A2:56:09:D0:49:E8:40:AC:49:E5:A6:E6:CF:7C:5E:D3:0D:B6:C8
Certificate issuer: /CN=b81c9652557987a2a0580cc5c65e3646b01da3bb
Certificate serial: 018C3E5DAA5B1A54FD1F0FC6BAA833A9B3A2
Authority key identifier: B8:1C:96:52:55:79:87:A2:A0:58:0C:C5:C6:5E:36:46:B0:1D:A3:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uByWUlV5h6KgWAzFxl42RrAdo7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/taJWCdBJ6ECsSeWm5s98XtMNtsg.roa
Signing time: Wed 06 Dec 2023 09:02:54 +0000
ROA not before: Wed 06 Dec 2023 09:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49136
IP address blocks: 109.229.96.0/19 maxlen: 19
94.231.128.0/20 maxlen: 20
94.231.135.0/24 maxlen: 24
94.231.136.0/24 maxlen: 24
94.231.139.0/24 maxlen: 24
81.162.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:5d:aa:5b:1a:54:fd:1f:0f:c6:ba:a8:33:a9:b3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81c9652557987a2a0580cc5c65e3646b01da3bb
Validity
Not Before: Dec 6 09:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a25609d049e840ac49e5a6e6cf7c5ed30db6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1f:87:c1:91:a6:a0:84:53:23:fa:f2:5c:e2:
8e:1e:3c:87:c4:92:4a:65:69:c1:e2:dc:0f:59:c9:
96:ec:f0:d7:a1:6c:52:d5:44:f1:66:bf:0d:98:da:
dc:0c:59:d7:78:e8:5e:38:34:6e:fb:96:a9:1d:9c:
58:6d:9d:d3:b5:84:f2:aa:df:ee:58:6b:47:8b:a4:
a2:37:63:ab:01:3c:e4:4d:cb:7c:93:67:7f:0c:58:
73:fd:6c:e0:6e:99:c9:56:4d:39:73:3b:f3:80:2f:
9e:ee:ce:62:c1:81:f8:98:3f:18:d2:4a:3e:f5:7c:
f7:b9:df:28:e0:07:11:1d:66:ae:25:18:1c:7c:d8:
e1:da:7d:b9:59:23:9e:44:5d:e5:f5:77:1b:75:de:
32:dc:9c:f9:fd:3c:e6:3b:35:ff:95:0f:a7:08:60:
cd:c8:62:02:c3:26:5a:b1:45:58:ab:10:9a:b9:0f:
e4:dc:2f:fb:08:de:ad:f0:d4:48:e0:8e:c2:34:db:
e6:38:33:c9:5b:3a:48:a6:dd:37:33:7b:49:e4:8f:
90:37:c3:5f:9e:ce:e5:8f:39:8e:f1:22:f4:2f:3d:
ae:7f:95:5e:b8:89:24:04:48:d4:5a:85:21:e8:e3:
9b:cf:2a:2f:61:a7:54:6d:94:43:6c:2a:14:89:18:
4d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A2:56:09:D0:49:E8:40:AC:49:E5:A6:E6:CF:7C:5E:D3:0D:B6:C8
X509v3 Authority Key Identifier:
keyid:B8:1C:96:52:55:79:87:A2:A0:58:0C:C5:C6:5E:36:46:B0:1D:A3:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uByWUlV5h6KgWAzFxl42RrAdo7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/taJWCdBJ6ECsSeWm5s98XtMNtsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/uByWUlV5h6KgWAzFxl42RrAdo7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.32.0/20
94.231.128.0/20
109.229.96.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:11:76:86:bb:9f:17:64:64:5e:3f:bc:0d:6b:2d:13:96:d5:
77:85:46:c1:16:1c:94:a5:05:b6:38:de:65:15:65:a4:cd:8b:
e2:4a:5f:be:3a:2b:56:62:c2:c7:13:f2:aa:41:2f:d0:c2:fb:
6e:13:06:89:ae:70:f7:1e:eb:56:ef:85:20:3d:51:d5:4b:c8:
fe:fe:11:ce:a1:67:58:c0:95:43:94:a9:52:ed:2d:1b:3c:e3:
77:7e:7a:0e:c8:39:58:e9:d1:9b:0d:43:68:2a:d1:5c:b2:67:
65:87:74:6d:7c:43:f5:7f:b6:f0:9e:71:75:8d:99:c2:0a:c5:
99:95:65:3a:e7:13:98:57:1a:e8:1b:fe:40:dc:8f:91:93:48:
18:f3:4a:50:1e:8e:f5:59:89:7d:de:04:3e:6e:cd:54:a7:3e:
36:47:8f:86:f9:96:9e:32:f4:28:24:21:87:04:ca:1f:e3:60:
c8:98:e0:69:70:fc:5c:3d:0a:c4:1e:31:0f:f7:96:84:0c:6e:
fe:fd:cd:bf:9e:7d:e2:fc:58:14:9c:ce:95:21:21:11:90:01:
2a:c8:ca:9b:48:92:35:84:1f:68:c7:f2:a5:a8:2c:3e:26:d2:
0e:30:f1:31:ff:19:6c:10:74:a5:31:9e:73:f6:43:fa:a8:d9:
43:d0:de:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw+XapbGlT9Hw/GuqgzqbOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWM5NjUyNTU3OTg3YTJhMDU4MGNjNWM2NWUzNjQ2YjAx
ZGEzYmIwHhcNMjMxMjA2MDkwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWEyNTYwOWQwNDllODQwYWM0OWU1YTZlNmNmN2M1ZWQzMGRiNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih+HwZGmoIRTI/ryXOKOHjyHxJJK
ZWnB4twPWcmW7PDXoWxS1UTxZr8NmNrcDFnXeOheODRu+5apHZxYbZ3TtYTyqt/u
WGtHi6SiN2OrATzkTct8k2d/DFhz/WzgbpnJVk05czvzgC+e7s5iwYH4mD8Y0ko+
9Xz3ud8o4AcRHWauJRgcfNjh2n25WSOeRF3l9Xcbdd4y3Jz5/TzmOzX/lQ+nCGDN
yGICwyZasUVYqxCauQ/k3C/7CN6t8NRI4I7CNNvmODPJWzpIpt03M3tJ5I+QN8Nf
ns7ljzmO8SL0Lz2uf5VeuIkkBEjUWoUh6OObzyovYadUbZRDbCoUiRhNsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLWiVgnQSehArEnlpubPfF7TDbbIMB8GA1UdIwQY
MBaAFLgcllJVeYeioFgMxcZeNkawHaO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJ5V1VsVjVoNktnV0F6RnhsNDJSckFkbzdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hYWIwNTQtZWQ1MC00YWE2LWFjZWUt
ZmEwZDJlNDdlNmYxLzEvdGFKV0NkQko2RUNzU2VXbTVzOThYdE1OdHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hYWIwNTQtZWQ1MC00YWE2LWFjZWUtZmEwZDJlNDdlNmYx
LzEvdUJ5V1VsVjVoNktnV0F6RnhsNDJSckFkbzdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUaIgAwQE
XueAAwQFbeVgMA0GCSqGSIb3DQEBCwUAA4IBAQAMEXaGu58XZGReP7wNay0TltV3
hUbBFhyUpQW2ON5lFWWkzYviSl++OitWYsLHE/KqQS/QwvtuEwaJrnD3HutW74Ug
PVHVS8j+/hHOoWdYwJVDlKlS7S0bPON3fnoOyDlY6dGbDUNoKtFcsmdlh3RtfEP1
f7bwnnF1jZnCCsWZlWU65xOYVxroG/5A3I+Rk0gY80pQHo71WYl93gQ+bs1Upz42
R4+G+ZaeMvQoJCGHBMof42DImOBpcPxcPQrEHjEP95aEDG7+/c2/nn3i/FgUnM6V
ISERkAEqyMqbSJI1hB9ox/KlqCw+JtIOMPEx/xlsEHSlMZ5z9kP6qNlD0N7k
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:35 2024 by rpki-client on console.sobornost.net