Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1-F-38xOFyB7VqITrcfkOYFgiImU.roa
File: 1-F-38xOFyB7VqITrcfkOYFgiImU.roa (raw, json)
Hash identifier: QX5ao0FfkvwXiGaBJMF9dMOIWmgNH6Y1mi+5zMHApyk=
Subject key identifier: F8:5F:B7:F3:13:85:C8:1E:D5:A8:84:EB:71:F9:0E:60:58:22:22:65
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018FA1A42E2C36EB7588A746D6A9D1737FCA
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1-F-38xOFyB7VqITrcfkOYFgiImU.roa
Signing time: Wed 22 May 2024 18:50:42 +0000
ROA not before: Wed 22 May 2024 18:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 22:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:a4:2e:2c:36:eb:75:88:a7:46:d6:a9:d1:73:7f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 22 18:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f85fb7f31385c81ed5a884eb71f90e6058222265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:36:0f:2f:2b:dd:6d:da:cc:4e:9e:b6:81:80:
60:35:9d:89:85:4b:32:78:c0:8f:0e:a1:33:e5:15:
26:b9:40:b8:7a:30:0b:07:f2:d4:ca:9e:e5:2e:f9:
db:6d:a0:e5:4a:22:2c:a6:86:bd:5e:75:07:51:45:
7d:32:a8:54:dd:6e:4e:68:db:d3:e5:83:9f:54:64:
b3:6a:4d:06:99:2b:7e:94:40:d7:df:37:d9:c7:ba:
a0:5e:52:4b:bc:9b:99:45:73:97:64:5b:96:ab:7d:
2f:50:a7:3b:d1:67:3a:f9:86:ab:10:12:68:32:f2:
1a:57:26:f7:47:63:f3:bd:e9:81:a8:91:3c:3a:f8:
93:c6:74:fd:e9:74:05:4f:2a:4a:ff:e0:70:8d:a3:
f3:d7:6a:da:2a:74:87:d5:58:ea:d7:7d:b7:c6:b0:
64:02:05:9d:22:99:8b:5b:e7:57:b6:78:67:d3:05:
94:04:b1:9a:29:17:98:c3:f8:3f:fb:81:d8:c8:be:
de:8a:a7:40:27:ba:eb:76:5a:99:7a:47:9c:8c:57:
7e:7f:09:ef:69:16:5d:42:d3:3e:88:49:a8:5b:75:
45:78:2a:17:07:01:17:f7:10:eb:71:41:b5:7b:28:
b5:ef:c2:07:59:77:0a:ff:54:6d:2a:ea:22:0c:45:
97:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5F:B7:F3:13:85:C8:1E:D5:A8:84:EB:71:F9:0E:60:58:22:22:65
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1-F-38xOFyB7VqITrcfkOYFgiImU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/47
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:65:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:81:99:5f:d1:c2:3b:79:f4:0e:fc:9a:45:83:b1:53:e3:a0:
f9:fc:06:71:59:93:bf:1c:ad:49:9f:27:61:99:f9:a4:57:0e:
79:f0:cc:98:85:e7:07:b8:f8:d4:ef:1f:c7:fa:f6:e8:dd:c4:
da:a0:2d:1c:8d:52:ab:81:e0:df:ce:16:63:7b:56:f2:ca:35:
b9:a8:03:1d:81:bf:96:d3:e8:b4:0f:f6:62:73:be:2f:13:7a:
bf:98:98:dd:ab:da:59:65:c2:fc:87:c4:67:61:a4:8f:b1:1d:
b3:cc:2c:2c:36:18:44:b0:a1:6c:4b:44:7c:d0:21:12:37:33:
e6:eb:83:be:1f:9d:01:e4:3d:05:85:ba:dd:b1:f8:76:69:b5:
e1:84:6e:46:b0:10:4e:29:8e:96:8f:4a:10:58:18:b3:ca:21:
cc:63:02:32:5b:fa:60:39:fc:78:45:ac:91:20:41:75:53:3b:
66:35:28:28:88:6f:1a:b9:86:e0:58:78:20:27:32:3d:2e:95:
7c:f6:14:84:f6:69:29:c3:92:0e:e7:d2:58:ad:f6:53:1a:2f:
9d:93:ff:3f:80:34:e3:b6:8c:d8:b2:76:5c:c8:90:66:3d:53:
a6:39:11:8a:36:1b:a7:31:27:18:c4:d0:15:7d:fe:5f:95:0a:
f2:ec:c9:d3
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY+hpC4sNut1iKdG1qnRc3/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwNTIyMTg1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODVmYjdmMzEzODVjODFlZDVhODg0ZWI3MWY5MGU2MDU4MjIyMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTYPLyvdbdrMTp62gYBgNZ2JhUsy
eMCPDqEz5RUmuUC4ejALB/LUyp7lLvnbbaDlSiIspoa9XnUHUUV9MqhU3W5OaNvT
5YOfVGSzak0GmSt+lEDX3zfZx7qgXlJLvJuZRXOXZFuWq30vUKc70Wc6+YarEBJo
MvIaVyb3R2PzvemBqJE8OviTxnT96XQFTypK/+BwjaPz12raKnSH1Vjq1323xrBk
AgWdIpmLW+dXtnhn0wWUBLGaKReYw/g/+4HYyL7eiqdAJ7rrdlqZekecjFd+fwnv
aRZdQtM+iEmoW3VFeCoXBwEX9xDrcUG1eyi178IHWXcK/1RtKuoiDEWXTwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFPhft/MThcge1aiE63H5DmBYIiJlMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvMS1GLTM4eE9GeUI3VnFJVHJjZmtPWUZnaUltVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvOTlhZTJmLTM5Y2MtNDNmMy05NDFkLTUxOTIwMzczMzUz
Yy8xL2lRVnZxV0piYklkQVFtZkczQ0daSkt3V0FFVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB6AYIKwYBBQUHAQcBAf8EgdgwgdUwJAQCAAEwHgMEAW1o
mAMEAG1omwMEApNOAAMEAbl+7gMEALnVFzCBrAQCAAIwgaUwEgMHASoRCEAABgMH
ACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhAABgD
BwEqEQhAACAwEgMHAioRCEAAJAMHACoRCEAAJgMHACoRCEAAMAMHACoRCEAAMwMH
ASoRCEAAQDASAwcAKhEIQABHAwcAKhEIQABIAwcAKhEIQABUMBIDBwUqEQhAAGAD
BwEqEQhAAGQwDQYJKoZIhvcNAQELBQADggEBAHCBmV/Rwjt59A78mkWDsVPjoPn8
BnFZk78crUmfJ2GZ+aRXDnnwzJiF5we4+NTvH8f69ujdxNqgLRyNUquB4N/OFmN7
VvLKNbmoAx2Bv5bT6LQP9mJzvi8Ter+YmN2r2lllwvyHxGdhpI+xHbPMLCw2GESw
oWxLRHzQIRI3M+brg74fnQHkPQWFut2x+HZpteGEbkawEE4pjpaPShBYGLPKIcxj
AjJb+mA5/HhFrJEgQXVTO2Y1KCiIbxq5huBYeCAnMj0ulXz2FIT2aSnDkg7n0lit
9lMaL52T/z+ANOO2jNiydlzIkGY9U6Y5EYo2G6cxJxjE0BV9/l+VCvLsydM=
-----END CERTIFICATE-----
Generated at Fri May 24 04:19:13 2024 by rpki-client on console.sobornost.net