Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/SpRnVIbJ7j9hZwM2XcKNoqtBfb4.roa
File: SpRnVIbJ7j9hZwM2XcKNoqtBfb4.roa (raw, json)
Hash identifier: 1jP+75xNvY8v0jJEqhW44WG/VseVyMmKg8tOQ1xPSpo=
Subject key identifier: 4A:94:67:54:86:C9:EE:3F:61:67:03:36:5D:C2:8D:A2:AB:41:7D:BE
Certificate issuer: /CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef
Certificate serial: 018572DEEE4B32FBD3FFE1AA66BAC6EA529C
Authority key identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/SpRnVIbJ7j9hZwM2XcKNoqtBfb4.roa
Signing time: Mon 02 Jan 2023 14:24:50 +0000
ROA not before: Mon 02 Jan 2023 14:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60134
IP address blocks: 45.152.157.0/24 maxlen: 24
45.152.156.0/24 maxlen: 24
193.30.129.0/24 maxlen: 24
45.152.158.0/24 maxlen: 24
45.152.159.0/24 maxlen: 24
185.158.253.0/24 maxlen: 24
185.158.252.0/22 maxlen: 22
185.158.252.0/24 maxlen: 24
185.158.255.0/24 maxlen: 24
185.158.254.0/24 maxlen: 24
45.144.206.0/24 maxlen: 24
45.144.205.0/24 maxlen: 24
45.144.204.0/22 maxlen: 22
45.144.204.0/24 maxlen: 24
45.144.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:ee:4b:32:fb:d3:ff:e1:aa:66:ba:c6:ea:52:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef
Validity
Not Before: Jan 2 14:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a94675486c9ee3f616703365dc28da2ab417dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0a:5f:3c:5b:3d:fa:17:f9:5d:f7:b0:43:e6:
f1:5b:4a:c4:83:3b:e3:36:13:20:27:4c:cb:d6:f8:
65:6a:c0:90:09:f8:ac:93:73:18:87:4d:dc:25:de:
ef:02:3d:e3:bc:8a:29:a1:83:d0:a5:b7:fd:8e:15:
f7:19:6f:6a:53:7d:1a:41:b0:95:43:75:f2:c6:75:
9d:a9:58:fb:41:d7:a3:60:70:6d:d4:df:2c:18:fb:
e8:74:4e:e7:9e:89:0d:dc:1f:df:d0:b5:7b:38:fd:
56:27:f7:0b:2c:b5:f2:4d:a2:32:c3:1f:93:3a:88:
1f:a0:5e:f1:ad:e8:c6:29:81:5f:4c:75:44:f4:07:
6a:d6:fd:ae:36:21:53:fa:01:41:d6:c7:36:03:47:
23:cc:00:ab:4d:ec:da:32:14:5b:ba:34:cd:88:f4:
5c:f0:6f:f5:a6:15:af:f3:12:63:cf:a9:a8:3d:fd:
31:59:47:b7:b0:24:e4:17:1b:13:84:96:01:5c:06:
fb:40:b7:3f:09:7f:4e:c2:3a:f0:a7:09:b2:1f:a8:
b3:4c:70:53:ae:87:77:a8:9f:9d:b6:04:ed:0a:ea:
6f:59:11:2e:dc:46:7d:3e:de:00:f7:62:d9:0b:e5:
37:bf:6f:ff:df:6e:1d:0e:f4:bb:a1:48:da:d1:9a:
3a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:94:67:54:86:C9:EE:3F:61:67:03:36:5D:C2:8D:A2:AB:41:7D:BE
X509v3 Authority Key Identifier:
keyid:08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/SpRnVIbJ7j9hZwM2XcKNoqtBfb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
185.158.252.0/22
193.30.129.0/24
Signature Algorithm: sha256WithRSAEncryption
11:de:2c:85:6c:8d:c2:f1:03:1a:b8:06:dc:42:e3:cf:c1:af:
be:e3:07:98:3e:8a:45:75:41:27:80:36:75:57:a2:48:b4:07:
02:85:46:21:53:93:a8:12:d3:78:91:88:6d:c1:b0:36:43:bd:
33:e9:df:fe:3c:dd:8e:26:68:40:c8:55:0d:f8:71:1c:08:5f:
c9:f1:a2:8f:14:11:7a:61:a6:a9:8c:e1:2e:0d:19:73:31:e9:
3d:e2:91:30:34:80:37:46:4f:b4:c2:df:47:9d:61:28:16:fb:
98:f4:d9:61:a0:f5:7b:08:55:b6:76:6b:21:7f:02:9a:ff:23:
56:3c:4b:ad:1c:4b:b6:5a:5f:26:0a:92:5b:89:cd:cd:04:83:
72:2d:6a:1b:9b:df:dc:36:88:80:63:43:be:47:c4:fb:81:f0:
ab:33:04:f1:b2:5e:2b:b6:ef:25:db:9f:2f:29:8f:c2:39:9e:
d7:55:a8:11:14:e3:26:b6:83:3c:cf:95:5f:f0:84:c6:8f:26:
24:fc:44:f9:25:32:6a:ca:1d:05:25:9a:1a:c1:29:0b:34:3d:
06:16:7c:b9:de:b0:05:30:b2:af:1c:83:62:3b:0f:dd:f2:64:
15:a9:c8:be:ff:1e:25:92:ee:8b:7f:1a:26:23:0a:f3:c6:72:
2a:13:86:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVy3u5LMvvT/+GqZrrG6lKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDNhNTE1NjgzZTlkZGI4NWQzOGU3YWIzOWMzM2FlZGFj
YWY3ZWYwHhcNMjMwMTAyMTQyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk0Njc1NDg2YzllZTNmNjE2NzAzMzY1ZGMyOGRhMmFiNDE3ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwpfPFs9+hf5XfewQ+bxW0rEgzvj
NhMgJ0zL1vhlasCQCfisk3MYh03cJd7vAj3jvIopoYPQpbf9jhX3GW9qU30aQbCV
Q3XyxnWdqVj7QdejYHBt1N8sGPvodE7nnokN3B/f0LV7OP1WJ/cLLLXyTaIywx+T
OogfoF7xrejGKYFfTHVE9Adq1v2uNiFT+gFB1sc2A0cjzACrTezaMhRbujTNiPRc
8G/1phWv8xJjz6moPf0xWUe3sCTkFxsThJYBXAb7QLc/CX9OwjrwpwmyH6izTHBT
rod3qJ+dtgTtCupvWREu3EZ9Pt4A92LZC+U3v2//324dDvS7oUja0Zo6IQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEqUZ1SGye4/YWcDNl3CjaKrQX2+MB8GA1UdIwQY
MBaAFAjTpRVoPp3bhdOOerOcM67ayvfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05PbEZXZy1uZHVGMDQ1NnM1d3pydHJLOS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82N2NmYTAtYTMyYi00MDYzLTkzNzAt
MGI1YzVkOTQ0MjZhLzEvU3BSblZJYko3ajloWndNMlhjS05vcXRCZmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82N2NmYTAtYTMyYi00MDYzLTkzNzAtMGI1YzVkOTQ0MjZh
LzEvQ05PbEZXZy1uZHVGMDQ1NnM1d3pydHJLOS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZDMAwQC
LZicAwQCuZ78AwQAwR6BMA0GCSqGSIb3DQEBCwUAA4IBAQAR3iyFbI3C8QMauAbc
QuPPwa++4weYPopFdUEngDZ1V6JItAcChUYhU5OoEtN4kYhtwbA2Q70z6d/+PN2O
JmhAyFUN+HEcCF/J8aKPFBF6YaapjOEuDRlzMek94pEwNIA3Rk+0wt9HnWEoFvuY
9NlhoPV7CFW2dmshfwKa/yNWPEutHEu2Wl8mCpJbic3NBINyLWobm9/cNoiAY0O+
R8T7gfCrMwTxsl4rtu8l258vKY/COZ7XVagRFOMmtoM8z5Vf8ITGjyYk/ET5JTJq
yh0FJZoawSkLND0GFny53rAFMLKvHINiOw/d8mQVqci+/x4lku6LfxomIwrzxnIq
E4Y4
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net