Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/EnkUVP56nHEpz793JaB4r8x2N6s.roa
File: EnkUVP56nHEpz793JaB4r8x2N6s.roa (raw, json)
Hash identifier: u5fZDoqMbejxiUejWiFGohTGn+AsbgNE6jIj+IOdJS0=
Subject key identifier: 12:79:14:54:FE:7A:9C:71:29:CF:BF:77:25:A0:78:AF:CC:76:37:AB
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018B0431562118CBE648C6D2A370175341F3
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/EnkUVP56nHEpz793JaB4r8x2N6s.roa
Signing time: Fri 06 Oct 2023 08:53:44 +0000
ROA not before: Fri 06 Oct 2023 08:53:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.23.200.0/23 maxlen: 32
185.251.44.0/23 maxlen: 32
185.251.46.0/23 maxlen: 32
185.247.230.0/23 maxlen: 32
185.247.229.0/24 maxlen: 32
185.247.228.0/24 maxlen: 32
195.66.220.0/22 maxlen: 32
95.175.80.0/20 maxlen: 32
185.251.248.0/23 maxlen: 32
185.251.250.0/23 maxlen: 32
194.156.112.0/22 maxlen: 32
193.8.80.0/22 maxlen: 32
178.239.22.0/23 maxlen: 32
95.214.84.0/22 maxlen: 32
88.218.144.0/22 maxlen: 32
45.133.136.0/24 maxlen: 32
91.193.100.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:31:56:21:18:cb:e6:48:c6:d2:a3:70:17:53:41:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Oct 6 08:53:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12791454fe7a9c7129cfbf7725a078afcc7637ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:77:ea:6d:c1:ae:c5:e2:09:9b:06:d9:43:
68:59:9d:53:96:da:d4:da:25:fe:76:f2:26:87:97:
63:b0:23:da:32:97:43:ec:ed:0f:43:51:cb:4f:5f:
c4:61:8b:02:9a:74:fa:36:1c:b1:7c:70:d7:2a:24:
4f:b8:16:38:44:f2:5d:7f:c7:42:2f:9b:b6:7c:8c:
f9:13:f9:de:81:3d:60:91:5c:6c:dc:35:e7:ca:4d:
5e:33:e7:d2:55:5b:0e:2d:d0:bf:b3:42:1a:7a:93:
71:4f:4e:2d:32:3b:ee:da:c3:63:e6:17:1f:4e:62:
9d:c0:c2:f5:06:78:ca:a9:94:1c:ed:8e:56:24:b5:
b0:dd:ed:08:52:4e:ba:5e:92:e1:2b:3c:1b:f0:93:
93:83:a8:9f:96:48:0a:d8:73:66:3e:f2:9b:03:9b:
d8:cf:a2:af:65:07:11:fb:1a:e3:9e:b4:3a:7d:06:
10:a6:63:87:01:c5:61:cc:bc:ef:d5:e4:f7:f2:e9:
8a:f2:f8:ac:cf:9b:07:cb:3e:60:3e:96:91:3f:97:
63:95:f0:f3:6c:08:63:14:6d:ee:6f:98:74:1c:44:
7b:70:cd:48:12:ba:54:23:76:e9:59:da:b8:87:b4:
74:ee:7a:a2:ea:8d:35:6b:e1:b3:69:42:b9:2e:5b:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:79:14:54:FE:7A:9C:71:29:CF:BF:77:25:A0:78:AF:CC:76:37:AB
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/EnkUVP56nHEpz793JaB4r8x2N6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
88.218.144.0/22
91.193.100.0/22
95.175.80.0/20
95.214.84.0/22
178.239.22.0/23
185.23.200.0/23
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
193.8.80.0/22
194.156.112.0/22
195.66.220.0/22
Signature Algorithm: sha256WithRSAEncryption
43:d4:e7:a6:b9:0f:83:d7:df:71:0c:6a:70:6a:6d:3b:92:6d:
14:d4:9f:70:15:f9:d8:9c:41:af:43:fc:19:47:3e:c2:d5:71:
bb:97:f9:08:d4:63:c8:89:2f:7f:a9:23:24:b3:2c:af:3c:d3:
9b:4a:2f:a0:cf:63:f9:5a:b3:13:07:b6:3c:b6:fa:c3:22:60:
44:8a:9b:a3:a1:ac:ce:a6:c1:40:86:60:90:63:44:b1:0f:92:
fb:c5:51:15:95:ff:40:97:28:83:8f:36:72:e6:9a:50:ce:12:
cd:d5:ce:ea:5f:47:b7:08:e2:22:ce:02:4d:77:f1:db:3c:ad:
27:cf:2e:b7:49:b5:0d:a7:88:d6:bf:63:f7:79:ad:22:df:94:
42:51:b6:07:01:77:a4:6d:ca:38:ec:86:70:ac:11:d5:49:7a:
fc:32:80:81:63:54:7e:6c:43:39:96:35:00:6f:3b:f3:a0:cc:
75:84:f4:f7:60:d0:52:4a:84:5c:41:9e:e5:fe:12:e4:62:e8:
b4:1e:03:6b:73:33:dc:a7:58:69:56:ce:e1:ff:25:23:0b:e7:
91:69:7f:bf:0a:42:e9:bd:7d:b2:f4:f3:df:7c:91:7b:75:b2:
4b:27:c0:c6:06:67:04:e0:a2:1b:f4:70:a8:67:7e:8e:95:a6:
ab:c2:05:78
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYsEMVYhGMvmSMbSo3AXU0HzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMDA2MDg1MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjc5MTQ1NGZlN2E5YzcxMjljZmJmNzcyNWEwNzhhZmNjNzYzN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwV36m3BrsXiCZsG2UNoWZ1TltrU
2iX+dvImh5djsCPaMpdD7O0PQ1HLT1/EYYsCmnT6NhyxfHDXKiRPuBY4RPJdf8dC
L5u2fIz5E/negT1gkVxs3DXnyk1eM+fSVVsOLdC/s0IaepNxT04tMjvu2sNj5hcf
TmKdwML1BnjKqZQc7Y5WJLWw3e0IUk66XpLhKzwb8JOTg6iflkgK2HNmPvKbA5vY
z6KvZQcR+xrjnrQ6fQYQpmOHAcVhzLzv1eT38umK8visz5sHyz5gPpaRP5djlfDz
bAhjFG3ub5h0HER7cM1IErpUI3bpWdq4h7R07nqi6o01a+GzaUK5LlulaQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBJ5FFT+epxxKc+/dyWgeK/MdjerMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvRW5rVVZQNTZuSEVwejc5M0phQjRyOHgyTjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALYWIAwQC
WNqQAwQCW8FkAwQEX69QAwQCX9ZUAwQBsu8WAwQBuRfIAwQCuffkAwQCufssAwQC
ufv4AwQCwQhQAwQCwpxwAwQCw0LcMA0GCSqGSIb3DQEBCwUAA4IBAQBD1OemuQ+D
199xDGpwam07km0U1J9wFfnYnEGvQ/wZRz7C1XG7l/kI1GPIiS9/qSMksyyvPNOb
Si+gz2P5WrMTB7Y8tvrDImBEipujoazOpsFAhmCQY0SxD5L7xVEVlf9AlyiDjzZy
5ppQzhLN1c7qX0e3COIizgJNd/HbPK0nzy63SbUNp4jWv2P3ea0i35RCUbYHAXek
bco47IZwrBHVSXr8MoCBY1R+bEM5ljUAbzvzoMx1hPT3YNBSSoRcQZ7l/hLkYui0
HgNrczPcp1hpVs7h/yUjC+eRaX+/CkLpvX2y9PPffJF7dbJLJ8DGBmcE4KIb9HCo
Z36OlaarwgV4
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:01 2023 by rpki-client on console.sobornost.net