Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/egq5lTKHZIIFEmXGd8qDQ-g6na8.roa
File: egq5lTKHZIIFEmXGd8qDQ-g6na8.roa (raw, json)
Hash identifier: XmBoXKRrs5B7Ms0zK78VfrEEdDSrrM/eGQQ3dYG0ujo=
Subject key identifier: 7A:0A:B9:95:32:87:64:82:05:12:65:C6:77:CA:83:43:E8:3A:9D:AF
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018BAA28BC013CFF41BFFEE082DF6DA7FD22
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/egq5lTKHZIIFEmXGd8qDQ-g6na8.roa
Signing time: Tue 07 Nov 2023 14:21:18 +0000
ROA not before: Tue 07 Nov 2023 14:21:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57752
IP address blocks: 185.54.36.0/22 maxlen: 22
185.167.220.0/22 maxlen: 22
185.17.56.0/24 maxlen: 24
185.17.56.0/22 maxlen: 22
185.17.57.0/24 maxlen: 24
45.130.236.0/22 maxlen: 22
45.130.236.0/24 maxlen: 24
45.130.238.0/24 maxlen: 24
45.130.237.0/24 maxlen: 24
45.130.239.0/24 maxlen: 24
185.234.48.0/22 maxlen: 22
176.118.172.0/22 maxlen: 22
109.205.64.0/21 maxlen: 21
2a03:dc00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:28:bc:01:3c:ff:41:bf:fe:e0:82:df:6d:a7:fd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Nov 7 14:21:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a0ab99532876482051265c677ca8343e83a9daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:72:ee:b5:74:0a:9e:ff:e7:fe:0a:57:1b:
33:c8:16:4d:b5:54:14:fd:50:ef:d4:f1:84:14:8c:
89:21:be:4f:23:e7:d5:e2:cf:a2:41:16:cb:1c:2a:
2c:77:50:cb:dd:cb:2a:78:7b:2f:40:57:dd:00:02:
2d:f4:be:43:67:30:e4:7d:c3:d5:5c:d2:bb:bd:88:
f3:6b:bb:f9:f7:59:98:70:de:06:7a:de:d6:23:05:
02:2e:78:39:2e:4f:e7:af:f1:be:86:a5:9b:1d:61:
ec:ae:73:dd:65:b6:60:86:46:09:89:9a:84:e2:ff:
bf:8e:50:4d:20:0f:26:c9:d0:28:e9:b9:83:d2:f9:
be:24:a3:39:74:ca:94:b8:25:a4:25:33:d3:f1:df:
d5:bc:47:6a:46:aa:60:12:82:9f:83:e7:da:a2:7f:
37:28:df:56:c4:2e:cc:80:cc:36:40:67:d1:8c:be:
bc:ec:0e:81:5a:91:e8:5a:11:4c:8d:fd:86:80:28:
42:be:f8:56:f7:a2:94:39:f8:d1:35:f2:49:0e:dd:
b4:1b:83:da:d8:16:ac:5f:8b:d5:a6:e2:a5:02:13:
30:0c:f9:17:b0:ae:71:a6:5e:0d:66:75:97:c6:6a:
40:a5:f5:6a:fd:d4:53:24:f3:19:80:28:e3:dd:32:
11:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0A:B9:95:32:87:64:82:05:12:65:C6:77:CA:83:43:E8:3A:9D:AF
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/egq5lTKHZIIFEmXGd8qDQ-g6na8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.236.0/22
109.205.64.0/21
176.118.172.0/22
185.17.56.0/22
185.54.36.0/22
185.167.220.0/22
185.234.48.0/22
IPv6:
2a03:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
ae:e3:1e:34:19:7a:00:7f:88:40:bc:d5:6a:53:f7:51:eb:c1:
40:7e:64:ae:f4:2f:09:ff:4b:09:ab:1b:9e:f1:f2:60:5a:36:
5f:55:3a:ac:d9:dc:77:14:b3:ed:e2:c9:d8:c1:35:4e:1f:a3:
55:db:17:83:85:5b:5a:d4:75:1e:d1:91:ba:0f:74:4e:8f:31:
e0:1e:29:e3:da:4c:c6:4b:5a:aa:9c:52:d3:50:0e:9b:35:8c:
bf:1d:aa:01:39:9b:0f:05:a3:cd:4b:56:c7:4c:15:59:99:28:
7e:44:35:ba:2a:70:d2:25:ad:3f:41:48:dc:73:ae:4f:d4:36:
ee:46:e6:99:23:d0:bb:40:03:72:5d:0f:9d:b8:56:ff:1f:d8:
f4:54:0a:c3:79:e2:ab:b5:32:57:67:01:36:8a:3d:a4:44:01:
7f:fe:7a:8a:4a:7b:3f:35:9b:56:61:e8:2a:2f:0d:c6:b2:7c:
39:96:c0:14:5b:1b:77:33:7d:30:19:89:27:66:3d:ed:8d:00:
84:d7:cc:ae:5f:29:86:b8:74:26:45:fa:dc:22:45:ac:ef:5d:
1d:0c:65:41:08:11:d2:53:be:58:a7:ff:35:77:6d:d0:dd:72:
12:f3:9a:3c:4b:d4:cd:1d:3f:59:b0:39:37:b6:9b:2a:9f:52:
6e:53:ef:1f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYuqKLwBPP9Bv/7ggt9tp/0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjMxMTA3MTQyMTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBhYjk5NTMyODc2NDgyMDUxMjY1YzY3N2NhODM0M2U4M2E5ZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qpy7rV0Cp7/5/4KVxszyBZNtVQU
/VDv1PGEFIyJIb5PI+fV4s+iQRbLHCosd1DL3csqeHsvQFfdAAIt9L5DZzDkfcPV
XNK7vYjza7v591mYcN4Get7WIwUCLng5Lk/nr/G+hqWbHWHsrnPdZbZghkYJiZqE
4v+/jlBNIA8mydAo6bmD0vm+JKM5dMqUuCWkJTPT8d/VvEdqRqpgEoKfg+faon83
KN9WxC7MgMw2QGfRjL687A6BWpHoWhFMjf2GgChCvvhW96KUOfjRNfJJDt20G4Pa
2BasX4vVpuKlAhMwDPkXsK5xpl4NZnWXxmpApfVq/dRTJPMZgCjj3TIRdQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHoKuZUyh2SCBRJlxnfKg0PoOp2vMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvZWdxNWxUS0haSUlGRW1YR2Q4cURRLWc2bmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLYLsAwQD
bc1AAwQCsHasAwQCuRE4AwQCuTYkAwQCuafcAwQCueowMA0EAgACMAcDBQAqA9wA
MA0GCSqGSIb3DQEBCwUAA4IBAQCu4x40GXoAf4hAvNVqU/dR68FAfmSu9C8J/0sJ
qxue8fJgWjZfVTqs2dx3FLPt4snYwTVOH6NV2xeDhVta1HUe0ZG6D3ROjzHgHinj
2kzGS1qqnFLTUA6bNYy/HaoBOZsPBaPNS1bHTBVZmSh+RDW6KnDSJa0/QUjcc65P
1DbuRuaZI9C7QANyXQ+duFb/H9j0VArDeeKrtTJXZwE2ij2kRAF//nqKSns/NZtW
YegqLw3Gsnw5lsAUWxt3M30wGYknZj3tjQCE18yuXymGuHQmRfrcIkWs710dDGVB
CBHSU75Yp/81d23Q3XIS85o8S9TNHT9ZsDk3tpsqn1JuU+8f
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net