Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/8Lp7qUNVcum4oolpVr9h5f9XFd4.roa
File: 8Lp7qUNVcum4oolpVr9h5f9XFd4.roa (raw, json)
Hash identifier: qBHzuGbgkUUtDC1GTVltUdlGUrnUr9DRNFY1DsIMsrM=
Subject key identifier: F0:BA:7B:A9:43:55:72:E9:B8:A2:89:69:56:BF:61:E5:FF:57:15:DE
Certificate issuer: /CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Certificate serial: 018570DE2B9498794AA8DB4B60FE3864977B
Authority key identifier: CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/8Lp7qUNVcum4oolpVr9h5f9XFd4.roa
Signing time: Mon 02 Jan 2023 05:04:46 +0000
ROA not before: Mon 02 Jan 2023 05:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39869
IP address blocks: 89.107.152.0/21 maxlen: 21
31.6.64.0/21 maxlen: 21
185.24.216.0/22 maxlen: 22
178.19.96.0/20 maxlen: 20
212.59.224.0/19 maxlen: 19
185.230.108.0/22 maxlen: 22
91.188.96.0/19 maxlen: 19
2a02:2430::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:2b:94:98:79:4a:a8:db:4b:60:fe:38:64:97:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Validity
Not Before: Jan 2 05:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0ba7ba9435572e9b8a2896956bf61e5ff5715de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:53:25:79:86:5c:2b:57:f8:85:96:7b:e9:00:
76:dd:73:bf:9c:39:c3:41:84:01:ff:d7:61:c9:73:
9a:dd:ae:46:0c:6a:8e:7f:54:92:52:bc:da:c2:d9:
91:e5:22:af:62:25:e9:db:eb:f3:9b:3a:b7:1d:61:
9d:5b:71:e2:e8:6a:f9:7a:d1:6e:98:1c:69:99:72:
b0:e4:c2:a9:ba:7e:9b:58:18:62:98:a1:20:79:ea:
86:1e:00:a7:49:40:e5:f0:a4:c8:2c:ed:7f:ae:7e:
27:e1:4a:df:13:b0:63:88:48:bc:60:95:57:3c:76:
54:69:51:64:d1:a1:76:07:78:cc:79:d1:37:d6:db:
2b:a1:12:22:71:c6:00:ee:4c:c5:eb:cd:cf:0e:28:
bb:51:c4:cc:e4:e1:a1:86:86:a6:be:3e:15:6c:60:
fd:28:dc:f6:b3:62:72:6c:43:ce:74:a4:05:e9:3a:
a1:51:13:eb:2d:1b:61:cb:1a:34:20:62:54:f6:74:
c4:93:f0:9a:73:dd:1b:e9:a5:19:66:c6:03:31:c1:
7a:3e:72:db:5e:a4:32:02:34:f0:e9:74:a1:14:ab:
be:83:64:25:81:35:cf:e2:ef:cf:a7:18:bb:ce:b2:
a4:86:ca:ad:96:49:12:ec:9f:39:b7:4a:76:84:79:
ca:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BA:7B:A9:43:55:72:E9:B8:A2:89:69:56:BF:61:E5:FF:57:15:DE
X509v3 Authority Key Identifier:
keyid:CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/8Lp7qUNVcum4oolpVr9h5f9XFd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.64.0/21
89.107.152.0/21
91.188.96.0/19
178.19.96.0/20
185.24.216.0/22
185.230.108.0/22
212.59.224.0/19
IPv6:
2a02:2430::/32
Signature Algorithm: sha256WithRSAEncryption
25:0e:f8:21:37:8d:45:2c:37:ca:b1:24:33:88:ba:ce:77:5c:
ff:cb:c1:72:15:ba:a5:62:96:aa:b1:37:68:ca:59:90:51:b0:
03:f9:ed:4f:0f:de:94:95:94:6b:24:31:21:b7:aa:12:88:7b:
ee:d7:3a:6c:f7:38:c0:be:6b:3c:ff:c9:41:5d:43:8d:55:c4:
f6:c4:76:cf:fe:c5:37:64:2f:46:23:23:a9:35:3a:75:4a:18:
21:ef:e0:f6:a0:73:53:27:ce:e5:47:14:91:dd:9e:ca:71:b8:
d2:57:dc:2e:b9:4b:6f:4a:25:71:29:f8:98:fb:05:d8:c5:c1:
32:72:bf:62:01:cd:c2:93:ec:17:e2:e5:09:2e:b6:57:5f:a0:
c6:45:4f:32:4b:66:86:8f:f6:79:b9:5c:7f:5e:a8:a9:d4:a1:
c2:b3:8c:7f:61:9f:c8:5a:3f:93:2a:5d:94:60:e3:42:b6:eb:
e3:69:56:55:37:e8:b0:14:b1:10:fa:49:06:92:97:d5:de:c8:
80:88:d4:a7:a8:5b:e4:af:53:e2:aa:90:6e:d6:73:95:5f:2b:
4f:9a:13:82:c6:38:f3:8e:1b:b4:86:0e:54:9d:78:ad:e2:d2:
80:cb:a3:a9:f3:9a:d1:b9:fd:29:97:1a:54:c5:45:7c:05:06:
45:e6:27:47
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVw3iuUmHlKqNtLYP44ZJd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjhmN2EzOTFiN2IxNjQ5ZWQ0OTAzNDgyZDNlOTMxZWQz
NGUzZDgwHhcNMjMwMTAyMDUwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhN2JhOTQzNTU3MmU5YjhhMjg5Njk1NmJmNjFlNWZmNTcxNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFMleYZcK1f4hZZ76QB23XO/nDnD
QYQB/9dhyXOa3a5GDGqOf1SSUrzawtmR5SKvYiXp2+vzmzq3HWGdW3Hi6Gr5etFu
mBxpmXKw5MKpun6bWBhimKEgeeqGHgCnSUDl8KTILO1/rn4n4UrfE7BjiEi8YJVX
PHZUaVFk0aF2B3jMedE31tsroRIiccYA7kzF683PDii7UcTM5OGhhoamvj4VbGD9
KNz2s2JybEPOdKQF6TqhURPrLRthyxo0IGJU9nTEk/Cac90b6aUZZsYDMcF6PnLb
XqQyAjTw6XShFKu+g2QlgTXP4u/Ppxi7zrKkhsqtlkkS7J85t0p2hHnKpwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPC6e6lDVXLpuKKJaVa/YeX/VxXeMB8GA1UdIwQY
MBaAFM1o96ORt7FkntSQNILT6THtNOPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQt
MTY3M2FkOGM0MDEyLzEvOExwN3FVTlZjdW00b29scFZyOWg1ZjlYRmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQtMTY3M2FkOGM0MDEy
LzEveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHwZAAwQD
WWuYAwQFW7xgAwQEshNgAwQCuRjYAwQCueZsAwQF1DvgMA0EAgACMAcDBQAqAiQw
MA0GCSqGSIb3DQEBCwUAA4IBAQAlDvghN41FLDfKsSQziLrOd1z/y8FyFbqlYpaq
sTdoylmQUbAD+e1PD96UlZRrJDEht6oSiHvu1zps9zjAvms8/8lBXUONVcT2xHbP
/sU3ZC9GIyOpNTp1Shgh7+D2oHNTJ87lRxSR3Z7KcbjSV9wuuUtvSiVxKfiY+wXY
xcEycr9iAc3Ck+wX4uUJLrZXX6DGRU8yS2aGj/Z5uVx/Xqip1KHCs4x/YZ/IWj+T
Kl2UYONCtuvjaVZVN+iwFLEQ+kkGkpfV3siAiNSnqFvkr1PiqpBu1nOVXytPmhOC
xjjzjhu0hg5UnXit4tKAy6Op85rRuf0plxpUxUV8BQZF5idH
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:23 2024 by rpki-client on console.sobornost.net