Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1YwqVp-4Tt1Fy6njf5gJ1616ls0.roa
File: 1YwqVp-4Tt1Fy6njf5gJ1616ls0.roa (raw, json)
Hash identifier: SUDW2/21FcLYwMiwL2XfBwaT39lEvJbottHpI6HGWyE=
Subject key identifier: D5:8C:2A:56:9F:B8:4E:DD:45:CB:A9:E3:7F:98:09:D7:AD:7A:96:CD
Certificate issuer: /CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Certificate serial: 0185707969EE9D31A7733B5DC8B7C5622772
Authority key identifier: 7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1YwqVp-4Tt1Fy6njf5gJ1616ls0.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205086
IP address blocks: 185.231.20.0/24 maxlen: 24
185.231.23.0/24 maxlen: 24
185.231.22.0/24 maxlen: 24
185.231.21.0/24 maxlen: 24
2a0a:9580::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:69:ee:9d:31:a7:73:3b:5d:c8:b7:c5:62:27:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d58c2a569fb84edd45cba9e37f9809d7ad7a96cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:ca:71:78:89:74:08:7c:54:58:8e:ed:a7:
08:da:b4:aa:69:2d:45:e0:f0:e7:65:55:dd:f9:c7:
31:2e:93:41:42:45:4a:5c:6b:2d:e9:8f:cd:e3:d0:
8c:e5:49:24:9e:25:42:26:81:ca:c5:85:84:7d:ab:
05:5d:0c:f7:ad:53:a6:72:57:7c:24:be:6f:ed:c2:
2e:67:22:38:50:66:bf:cf:33:c1:57:cc:70:b6:7f:
74:39:48:38:a5:cd:67:e7:9f:b8:ef:3d:b4:c7:53:
bd:90:79:8c:bd:d5:39:db:fb:34:f5:8b:cc:73:8f:
a5:88:a4:44:dc:e8:5c:65:71:31:e8:aa:3f:93:d4:
40:a3:50:ae:13:eb:01:cc:36:01:ea:98:16:a1:a8:
c1:53:ee:bc:8d:43:75:8c:6d:c6:f6:e7:37:e6:e0:
29:46:76:60:ed:76:4f:6a:d5:b9:27:4a:67:ad:e1:
72:f7:59:9c:c5:ec:d7:57:f0:bd:9d:0a:d5:36:25:
28:e7:15:0c:a2:ac:2d:85:29:82:d7:24:76:2c:2e:
fc:26:e3:28:91:98:cb:bf:ff:1f:4a:8b:9e:c2:38:
11:2c:31:23:8f:a9:3b:26:31:4b:a9:a0:28:20:67:
d1:20:8b:e2:62:02:c9:f3:87:2e:1d:30:bd:3d:4c:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8C:2A:56:9F:B8:4E:DD:45:CB:A9:E3:7F:98:09:D7:AD:7A:96:CD
X509v3 Authority Key Identifier:
keyid:7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1YwqVp-4Tt1Fy6njf5gJ1616ls0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.20.0/22
IPv6:
2a0a:9580::/29
Signature Algorithm: sha256WithRSAEncryption
9c:6e:06:cc:b1:9c:84:4e:5a:21:2a:ac:86:0e:0f:39:db:75:
e6:12:f8:bb:fe:13:b4:25:70:00:1a:d8:6b:a0:66:45:75:9f:
4a:c8:af:90:fe:39:eb:e9:51:97:94:cf:1d:70:54:fc:e9:f1:
e0:f8:1c:bb:b2:0b:36:8c:af:ec:c3:95:43:0f:7b:85:5c:44:
43:40:dc:74:cd:1c:65:75:56:d9:9d:b2:2b:43:85:92:61:a2:
71:63:b4:56:4c:77:af:3e:26:f0:b8:f6:77:21:5f:91:da:e5:
31:50:53:fe:8f:46:df:da:a7:bb:6d:74:6b:ef:d4:a7:1a:5b:
73:25:92:50:e3:42:10:ff:34:d6:7f:b8:48:52:e2:7a:92:d5:
42:1c:fa:c5:7c:b5:ff:a2:7e:d7:c6:fa:7b:f1:83:cc:52:4d:
21:a6:2c:18:20:89:44:52:b7:e5:1d:40:f7:f0:98:58:a7:2a:
52:d5:ef:bb:5d:6b:8b:06:f2:e6:7e:b7:8a:e2:d2:ca:5c:ca:
1f:e1:18:e1:91:c3:c8:6c:a9:40:cf:71:ed:64:ea:c7:95:6e:
ac:82:84:6a:0f:b7:64:d2:c2:b5:b8:d9:98:e9:80:81:18:4f:
91:c5:bc:7c:4a:e2:70:e7:85:21:e0:ba:65:d2:3b:43:8b:1c:
3f:db:4b:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweWnunTGncztdyLfFYidyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTM0MTRiZGMyMzEyNDAwZGZhOWY1MDY1MGQ1MWVlMDQ0
M2RmMTYwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThjMmE1NjlmYjg0ZWRkNDVjYmE5ZTM3Zjk4MDlkN2FkN2E5NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1/KcXiJdAh8VFiO7acI2rSqaS1F
4PDnZVXd+ccxLpNBQkVKXGst6Y/N49CM5UkkniVCJoHKxYWEfasFXQz3rVOmcld8
JL5v7cIuZyI4UGa/zzPBV8xwtn90OUg4pc1n55+47z20x1O9kHmMvdU52/s09YvM
c4+liKRE3OhcZXEx6Ko/k9RAo1CuE+sBzDYB6pgWoajBU+68jUN1jG3G9uc35uAp
RnZg7XZPatW5J0pnreFy91mcxezXV/C9nQrVNiUo5xUMoqwthSmC1yR2LC78JuMo
kZjLv/8fSouewjgRLDEjj6k7JjFLqaAoIGfRIIviYgLJ84cuHTC9PUwdTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNWMKlafuE7dRcup43+YCdetepbNMB8GA1UdIwQY
MBaAFH4TQUvcIxJADfqfUGUNUe4EQ98WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQt
MDRmY2VjYWQ3MGVjLzEvMVl3cVZwLTRUdDFGeTZuamY1Z0oxNjE2bHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQtMDRmY2VjYWQ3MGVj
LzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuecUMA0E
AgACMAcDBQMqCpWAMA0GCSqGSIb3DQEBCwUAA4IBAQCcbgbMsZyETlohKqyGDg85
23XmEvi7/hO0JXAAGthroGZFdZ9KyK+Q/jnr6VGXlM8dcFT86fHg+By7sgs2jK/s
w5VDD3uFXERDQNx0zRxldVbZnbIrQ4WSYaJxY7RWTHevPibwuPZ3IV+R2uUxUFP+
j0bf2qe7bXRr79SnGltzJZJQ40IQ/zTWf7hIUuJ6ktVCHPrFfLX/on7Xxvp78YPM
Uk0hpiwYIIlEUrflHUD38JhYpypS1e+7XWuLBvLmfreK4tLKXMof4RjhkcPIbKlA
z3HtZOrHlW6sgoRqD7dk0sK1uNmY6YCBGE+Rxbx8SuJw54Uh4Lpl0jtDixw/20tt
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:42 2024 by rpki-client on console.sobornost.net