Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/rpAlRN0LCqtfPGebF302A08CNdE.roa
File: rpAlRN0LCqtfPGebF302A08CNdE.roa (raw, json)
Hash identifier: 7lCtEl7oeVlzIpQJHNl5pCNy1ci9VYSOgqL1PyQSBfM=
Subject key identifier: AE:90:25:44:DD:0B:0A:AB:5F:3C:67:9B:17:7D:36:03:4F:02:35:D1
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 018571556020ECAE2A0C396D65427FDCB56E
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/rpAlRN0LCqtfPGebF302A08CNdE.roa
Signing time: Mon 02 Jan 2023 07:14:58 +0000
ROA not before: Mon 02 Jan 2023 07:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34245
IP address blocks: 185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
213.159.128.0/22 maxlen: 24
87.192.220.0/23 maxlen: 24
85.91.0.0/19 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.128.0/21 maxlen: 24
87.232.134.0/24 maxlen: 24
87.198.0.0/16 maxlen: 24
87.232.64.0/18 maxlen: 24
213.79.32.0/19 maxlen: 24
89.127.253.0/24 maxlen: 24
89.127.252.0/24 maxlen: 24
89.127.252.0/23 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
87.232.32.0/19 maxlen: 24
2a01:148::/29 maxlen: 32
2a01:14f::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:60:20:ec:ae:2a:0c:39:6d:65:42:7f:dc:b5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 2 07:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae902544dd0b0aab5f3c679b177d36034f0235d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d8:7a:5d:46:0c:61:c6:78:c6:0a:aa:7e:20:
38:6b:ef:7e:2e:f2:73:6a:45:51:02:7c:13:00:bd:
35:66:a8:72:e7:59:8d:03:13:b7:0f:4f:63:7f:6f:
8a:b7:a7:e0:04:f2:bd:c4:b9:0a:46:52:1b:b4:6a:
fb:6d:17:5d:30:99:8e:fb:25:24:c2:b9:45:83:7c:
5f:40:2b:7f:7e:93:9a:31:58:79:f5:9b:3e:0d:c1:
a3:38:d0:12:87:85:8f:b1:2d:20:13:df:8c:27:17:
49:6a:b1:1b:8c:75:64:5b:f0:d3:80:af:7b:78:b4:
5d:39:a8:e0:26:48:e0:0a:76:53:15:30:94:ce:38:
b4:2f:8a:a1:29:aa:ad:fc:85:5d:df:6b:54:11:19:
34:ca:0d:f5:8c:e0:71:f2:44:1e:d3:65:6c:0f:01:
03:dc:54:2d:f1:16:45:c9:64:9a:c7:d9:b6:d2:48:
5f:a8:d5:78:59:5c:52:34:96:a2:11:6c:73:5f:9d:
d6:ae:c8:11:39:14:07:2e:81:e6:21:b2:b0:4a:bf:
c7:cb:67:21:bf:05:2f:0e:87:04:b6:4e:b7:3e:52:
ef:d9:d9:bc:1a:74:62:fc:d3:cb:16:f9:9a:d4:80:
43:03:4b:85:6c:b4:c0:2c:07:37:39:0f:7b:54:d5:
9b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:90:25:44:DD:0B:0A:AB:5F:3C:67:9B:17:7D:36:03:4F:02:35:D1
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/rpAlRN0LCqtfPGebF302A08CNdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
89.127.252.0/23
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
82:2d:86:26:a9:c1:6b:95:37:8d:54:3c:47:8c:e3:23:24:2b:
76:5a:99:28:68:e0:14:b3:39:74:24:56:42:a2:5e:26:ca:37:
21:2c:83:c7:9e:a1:ee:2c:47:e8:0b:2c:6e:e5:fc:df:0a:ec:
05:8a:12:18:3b:59:d4:1e:93:ab:57:69:44:c7:cd:bb:bb:32:
d5:ab:cd:49:2c:82:a9:96:8a:c6:5d:7a:63:39:a1:ab:c0:f3:
3a:8b:26:0d:94:13:e4:ce:2e:f0:f1:d8:db:e2:f8:8d:b4:5b:
a0:9a:b2:f1:dd:48:e1:84:cd:60:57:4f:fb:87:fa:ec:9c:f6:
a1:5f:a3:d3:d3:11:5d:83:62:58:6c:c7:9e:22:72:6d:77:2d:
e9:d1:08:43:40:ef:b6:ca:6f:fb:1d:43:90:e2:10:c7:ea:a4:
e9:4b:e3:d6:c3:1d:26:c5:67:5d:ea:7e:d3:c3:31:6e:72:8e:
9c:c8:37:3e:47:58:58:36:f5:e2:c2:84:af:8e:34:7d:ba:4e:
9b:a5:ee:d3:a7:a6:f1:31:40:5b:3e:55:dd:46:e9:31:bc:fa:
80:78:04:98:5b:ba:c4:63:39:ff:b9:0e:26:93:76:31:67:ef:
4d:cf:e2:70:ea:ff:7a:08:d0:e3:fe:c7:75:0a:42:de:82:3c:
fc:9d:c4:2e
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYVxVWAg7K4qDDltZUJ/3LVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjMwMTAyMDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkwMjU0NGRkMGIwYWFiNWYzYzY3OWIxNzdkMzYwMzRmMDIzNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNh6XUYMYcZ4xgqqfiA4a+9+LvJz
akVRAnwTAL01Zqhy51mNAxO3D09jf2+Kt6fgBPK9xLkKRlIbtGr7bRddMJmO+yUk
wrlFg3xfQCt/fpOaMVh59Zs+DcGjONASh4WPsS0gE9+MJxdJarEbjHVkW/DTgK97
eLRdOajgJkjgCnZTFTCUzji0L4qhKaqt/IVd32tUERk0yg31jOBx8kQe02VsDwED
3FQt8RZFyWSax9m20khfqNV4WVxSNJaiEWxzX53WrsgRORQHLoHmIbKwSr/Hy2ch
vwUvDocEtk63PlLv2dm8GnRi/NPLFvma1IBDA0uFbLTALAc3OQ97VNWbkQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFK6QJUTdCwqrXzxnmxd9NgNPAjXRMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvcnBBbFJOMExDcXRmUEdlYkYzMDJBMDhDTmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVVsA
AwQAV8BQAwQBV8DcAwMAV8YwDAMEBVfoIAMEA1fogAMEAFfowQMEAFfo4DALAwQB
V+j6AwMAV+gwDAMEAVl88gMEAFl89AMEAVl//AMEArlqWAMEBdQRIAMEBdVPIAME
AtWfgDANBAIAAjAHAwUDKgEBSDANBgkqhkiG9w0BAQsFAAOCAQEAgi2GJqnBa5U3
jVQ8R4zjIyQrdlqZKGjgFLM5dCRWQqJeJso3ISyDx56h7ixH6AssbuX83wrsBYoS
GDtZ1B6Tq1dpRMfNu7sy1avNSSyCqZaKxl16Yzmhq8DzOosmDZQT5M4u8PHY2+L4
jbRboJqy8d1I4YTNYFdP+4f67Jz2oV+j09MRXYNiWGzHniJybXct6dEIQ0Dvtspv
+x1DkOIQx+qk6Uvj1sMdJsVnXep+08MxbnKOnMg3PkdYWDb14sKEr440fbpOm6Xu
06em8TFAWz5V3UbpMbz6gHgEmFu6xGM5/7kOJpN2MWfvTc/icOr/egjQ4/7HdQpC
3oI8/J3ELg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:02 2024 by rpki-client on console.sobornost.net