Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/PZ0bqkKSnBEZJZwyYlG9cC-W1qs.roa
File: PZ0bqkKSnBEZJZwyYlG9cC-W1qs.roa (raw, json)
Hash identifier: fFMCSQBT87H0CZnxVYhB+kwC29AWPT+yyCKKhOd+bgc=
Subject key identifier: 3D:9D:1B:AA:42:92:9C:11:19:25:9C:32:62:51:BD:70:2F:96:D6:AB
Certificate issuer: /CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Certificate serial: 018570D533FEF73D4F626AED60D40997223D
Authority key identifier: D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/PZ0bqkKSnBEZJZwyYlG9cC-W1qs.roa
Signing time: Mon 02 Jan 2023 04:54:58 +0000
ROA not before: Mon 02 Jan 2023 04:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 185.118.25.0/24 maxlen: 24
185.118.27.0/24 maxlen: 24
185.118.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:33:fe:f7:3d:4f:62:6a:ed:60:d4:09:97:22:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Validity
Not Before: Jan 2 04:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9d1baa42929c1119259c326251bd702f96d6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8d:a5:8a:63:41:d4:af:0c:ca:5d:04:20:4f:
3b:20:09:6c:7d:bf:45:0b:17:3e:fe:ab:fc:b2:07:
f0:b0:68:eb:68:79:59:97:af:8e:43:f3:70:e6:f6:
f7:04:f8:9e:26:34:32:ea:3e:db:bb:28:d5:2f:15:
94:2e:c0:ff:11:92:de:01:65:0f:9d:4c:d7:4e:4d:
e2:61:b0:d3:87:47:cb:cd:01:ce:00:bf:3d:50:c4:
57:2f:c0:4a:f5:5c:23:9d:14:13:90:2c:d2:75:29:
77:a1:5c:c9:f1:d0:e7:40:6b:01:14:32:57:e9:3d:
cb:38:cb:82:15:d3:57:79:b7:ec:11:71:de:ef:a1:
4a:77:6b:1f:c4:9d:16:d3:82:6c:fb:d5:c2:52:17:
dc:c6:cd:b9:ea:48:db:ea:f1:ef:09:d1:4c:d8:12:
c1:90:c3:9b:d2:4b:22:bd:71:ae:41:9b:f6:ed:b9:
e8:3b:d1:da:de:0b:14:98:07:13:3c:2e:86:1b:61:
a8:93:25:f5:92:9b:9f:3b:94:da:47:fb:fe:a6:bb:
9e:7a:35:fa:60:69:47:0d:4a:d1:72:b4:9c:22:6e:
36:f8:6a:07:7c:56:40:39:56:33:0d:6e:4c:d1:49:
c6:01:1b:f4:42:85:5e:ab:be:93:b9:29:da:2e:4a:
da:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9D:1B:AA:42:92:9C:11:19:25:9C:32:62:51:BD:70:2F:96:D6:AB
X509v3 Authority Key Identifier:
keyid:D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/PZ0bqkKSnBEZJZwyYlG9cC-W1qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.24.0/23
185.118.27.0/24
Signature Algorithm: sha256WithRSAEncryption
77:00:ef:97:79:5a:57:7b:84:0b:8f:f7:38:8a:44:77:3b:7d:
00:5d:e5:50:f9:0e:81:f4:5a:ec:fb:b9:fd:42:d6:fb:51:36:
b1:ba:20:2b:76:19:6e:cd:3f:48:cb:d4:5e:99:89:95:d3:9d:
c7:91:bf:78:c7:b5:1a:99:d6:01:73:c8:e3:ef:15:9f:f1:3e:
1a:63:84:e2:48:5a:10:70:b2:1b:3b:f9:63:ed:f9:a7:35:bf:
e8:c2:a4:b0:1f:a9:ba:f1:17:af:f6:d8:a1:c6:dc:75:22:43:
6b:ad:47:6c:83:9b:2e:e9:eb:77:63:49:5a:7c:71:d2:e7:6e:
73:7b:a1:a9:a9:a1:8d:d7:f1:e9:f6:74:61:72:23:32:bf:1e:
50:b4:59:81:36:64:4a:af:06:8b:77:b1:95:7b:0a:53:92:5c:
d8:71:23:cf:75:70:b2:df:44:ca:d4:31:11:93:2b:05:c7:9a:
6e:9e:0b:1c:cf:93:6e:e3:c6:ce:e8:7c:cd:90:1d:fd:22:d0:
62:2c:e9:b1:d7:4e:65:3d:c1:11:4c:6d:d2:fe:0a:53:d2:99:
0c:88:bf:7a:ef:66:97:a0:b5:ef:3b:37:ba:38:b6:7e:b8:c7:
3c:87:19:74:e4:28:0f:6c:c7:04:4a:02:0e:c4:c4:86:08:4a:
58:af:d5:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1TP+9z1PYmrtYNQJlyI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjdmMTZiMDVhMTEyMzE1MWE2NzdhNDdhYzJkOGQ5MDYx
ZGYzOTAwHhcNMjMwMTAyMDQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlkMWJhYTQyOTI5YzExMTkyNTljMzI2MjUxYmQ3MDJmOTZkNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs42limNB1K8Myl0EIE87IAlsfb9F
Cxc+/qv8sgfwsGjraHlZl6+OQ/Nw5vb3BPieJjQy6j7buyjVLxWULsD/EZLeAWUP
nUzXTk3iYbDTh0fLzQHOAL89UMRXL8BK9VwjnRQTkCzSdSl3oVzJ8dDnQGsBFDJX
6T3LOMuCFdNXebfsEXHe76FKd2sfxJ0W04Js+9XCUhfcxs256kjb6vHvCdFM2BLB
kMOb0ksivXGuQZv27bnoO9Ha3gsUmAcTPC6GG2GokyX1kpufO5TaR/v+prueejX6
YGlHDUrRcrScIm42+GoHfFZAOVYzDW5M0UnGARv0QoVeq76TuSnaLkra9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2dG6pCkpwRGSWcMmJRvXAvltarMB8GA1UdIwQY
MBaAFNf38WsFoRIxUaZ3pHrC2NkGHfOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYt
NmNiZTk0OTUzMmU0LzEvUFowYnFrS1NuQkVaSlp3eVlsRzljQy1XMXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYtNmNiZTk0OTUzMmU0
LzEvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXYYAwQA
uXYbMA0GCSqGSIb3DQEBCwUAA4IBAQB3AO+XeVpXe4QLj/c4ikR3O30AXeVQ+Q6B
9Frs+7n9Qtb7UTaxuiArdhluzT9Iy9RemYmV053Hkb94x7UamdYBc8jj7xWf8T4a
Y4TiSFoQcLIbO/lj7fmnNb/owqSwH6m68Rev9tihxtx1IkNrrUdsg5su6et3Y0la
fHHS525ze6GpqaGN1/Hp9nRhciMyvx5QtFmBNmRKrwaLd7GVewpTklzYcSPPdXCy
30TK1DERkysFx5pungscz5Nu48bO6HzNkB39ItBiLOmx105lPcERTG3S/gpT0pkM
iL9672aXoLXvOze6OLZ+uMc8hxl05CgPbMcESgIOxMSGCEpYr9U7
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:57 2023 by rpki-client on console.sobornost.net