Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/j3_6j6WwdUa3KcyC2BpjR20mW1Q.roa
File: j3_6j6WwdUa3KcyC2BpjR20mW1Q.roa (raw, json)
Hash identifier: b1yHqbIccldn/w2mCF0FhuqC5nRcsQ7OQGS9BNysbwA=
Subject key identifier: 8F:7F:FA:8F:A5:B0:75:46:B7:29:CC:82:D8:1A:63:47:6D:26:5B:54
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018B665D0E0BE7BDF8BA64799382C03E548D
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/j3_6j6WwdUa3KcyC2BpjR20mW1Q.roa
Signing time: Wed 25 Oct 2023 10:24:16 +0000
ROA not before: Wed 25 Oct 2023 10:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57752
IP address blocks: 185.54.36.0/22 maxlen: 22
185.17.56.0/24 maxlen: 24
185.17.56.0/22 maxlen: 22
185.17.57.0/24 maxlen: 24
45.130.238.0/24 maxlen: 24
45.130.237.0/24 maxlen: 24
45.130.236.0/22 maxlen: 22
45.130.236.0/24 maxlen: 24
45.130.239.0/24 maxlen: 24
185.234.48.0/22 maxlen: 22
109.205.64.0/21 maxlen: 21
2a03:dc00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:5d:0e:0b:e7:bd:f8:ba:64:79:93:82:c0:3e:54:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Oct 25 10:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f7ffa8fa5b07546b729cc82d81a63476d265b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:09:88:74:d8:4f:77:5a:50:cf:8a:fc:e3:6d:
6b:05:93:11:20:34:7b:2c:02:4b:11:7e:93:18:c4:
42:6d:ec:4e:a8:8a:47:d9:30:4c:b4:9e:d5:df:cb:
a4:82:7a:05:37:fb:81:47:e4:9b:8e:81:69:79:9b:
62:57:1c:76:a9:84:df:63:13:44:27:ef:c9:08:f0:
df:d0:f0:83:03:cb:e2:29:79:31:a0:20:45:3d:03:
e0:1f:3b:c3:78:d5:64:1b:52:57:34:2f:6e:3c:f3:
a9:bf:72:2a:be:dd:1c:f2:1c:3f:aa:f5:82:f7:30:
e0:fb:f7:14:0d:6a:b5:07:69:85:8e:e9:17:35:ad:
42:e6:60:18:45:a7:fb:6b:68:22:6a:bb:75:a1:ca:
18:0d:de:c9:5d:0c:dd:39:2b:df:53:85:ef:e3:3a:
fd:f9:a8:d7:d6:55:51:5a:7a:e1:c2:60:70:aa:90:
81:82:59:f1:14:05:bd:51:3c:9a:81:f5:61:13:4c:
0a:f4:73:62:de:5d:cf:ef:9a:d9:6a:3d:f6:4c:9c:
76:16:89:1a:e3:61:c0:54:41:0d:fe:16:ba:aa:b4:
8b:52:fc:1b:66:0d:0a:6e:02:20:5d:bb:89:31:db:
fd:dd:65:76:9d:60:f7:33:2a:77:95:e2:1d:cb:8f:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7F:FA:8F:A5:B0:75:46:B7:29:CC:82:D8:1A:63:47:6D:26:5B:54
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/j3_6j6WwdUa3KcyC2BpjR20mW1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.236.0/22
109.205.64.0/21
185.17.56.0/22
185.54.36.0/22
185.234.48.0/22
IPv6:
2a03:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
73:8d:6d:12:d2:36:bc:6d:9e:fa:0a:57:4d:fc:a0:d1:bc:e7:
b7:7a:08:d3:8b:1e:d9:85:6f:a7:e1:70:e4:7a:ee:10:ac:37:
40:fd:f4:35:63:d5:3b:3a:18:92:49:78:94:6d:39:6d:70:ee:
61:77:bd:9f:5c:e8:2c:93:95:a0:5e:0a:01:f6:7a:ac:8e:f1:
c6:2e:0c:60:13:d4:0e:51:fd:b4:93:23:18:89:e5:4e:20:60:
ba:cb:75:d2:db:78:cf:69:cf:6e:8e:ff:30:c4:40:ae:ca:c3:
cc:e6:ca:42:3e:63:23:80:f0:ff:b2:54:7e:24:b6:5b:94:ac:
da:77:34:0f:ec:57:3c:51:92:fb:33:cc:f4:ca:55:8c:85:03:
ea:27:83:9d:e6:be:71:e3:d2:6e:b3:20:9a:6d:a0:00:7b:0a:
13:fa:b8:a9:7f:e0:92:37:67:f3:a7:71:8f:a5:03:c0:8f:e4:
6c:c9:6e:ca:5b:a1:e8:ac:5a:b3:4b:5b:6a:ec:6b:99:09:eb:
cd:1f:61:70:13:bc:af:5a:20:28:68:12:69:9e:e2:8a:19:3e:
a3:00:1a:8c:dc:b1:b9:b2:d7:f8:50:b7:40:59:bb:f7:b2:4d:
98:bc:4f:37:1c:c8:67:3f:cb:56:ae:c5:da:a4:55:46:ec:ae:
e0:36:8c:a4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYtmXQ4L5734umR5k4LAPlSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjMxMDI1MTAyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdmZmE4ZmE1YjA3NTQ2YjcyOWNjODJkODFhNjM0NzZkMjY1YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AmIdNhPd1pQz4r8421rBZMRIDR7
LAJLEX6TGMRCbexOqIpH2TBMtJ7V38ukgnoFN/uBR+SbjoFpeZtiVxx2qYTfYxNE
J+/JCPDf0PCDA8viKXkxoCBFPQPgHzvDeNVkG1JXNC9uPPOpv3Iqvt0c8hw/qvWC
9zDg+/cUDWq1B2mFjukXNa1C5mAYRaf7a2giart1ocoYDd7JXQzdOSvfU4Xv4zr9
+ajX1lVRWnrhwmBwqpCBglnxFAW9UTyagfVhE0wK9HNi3l3P75rZaj32TJx2Foka
42HAVEEN/ha6qrSLUvwbZg0KbgIgXbuJMdv93WV2nWD3Myp3leIdy48fZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFI9/+o+lsHVGtynMgtgaY0dtJltUMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvajNfNmo2V3dkVWEzS2N5QzJCcGpSMjBtVzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYLsAwQD
bc1AAwQCuRE4AwQCuTYkAwQCueowMA0EAgACMAcDBQAqA9wAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzjW0S0ja8bZ76CldN/KDRvOe3egjTix7ZhW+n4XDkeu4QrDdA/fQ1
Y9U7OhiSSXiUbTltcO5hd72fXOgsk5WgXgoB9nqsjvHGLgxgE9QOUf20kyMYieVO
IGC6y3XS23jPac9ujv8wxECuysPM5spCPmMjgPD/slR+JLZblKzadzQP7Fc8UZL7
M8z0ylWMhQPqJ4Od5r5x49JusyCabaAAewoT+ripf+CSN2fzp3GPpQPAj+RsyW7K
W6HorFqzS1tq7GuZCevNH2FwE7yvWiAoaBJpnuKKGT6jABqM3LG5stf4ULdAWbv3
sk2YvE83HMhnP8tWrsXapFVG7K7gNoyk
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net