Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/jsSdFWl8iVhQmZ02J3V3zA69vEM.roa
File: jsSdFWl8iVhQmZ02J3V3zA69vEM.roa (raw, json)
Hash identifier: ya/yxYNCF7obbcpCXJko0lMUd59xylStH6o6FtOBfG0=
Subject key identifier: 8E:C4:9D:15:69:7C:89:58:50:99:9D:36:27:75:77:CC:0E:BD:BC:43
Certificate issuer: /CN=58dd42ab3460279709c134b570f76e34e4d95b91
Certificate serial: 01856E78EA7A2087D5F4A9936DA60E30D680
Authority key identifier: 58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/jsSdFWl8iVhQmZ02J3V3zA69vEM.roa
Signing time: Sun 01 Jan 2023 17:54:56 +0000
ROA not before: Sun 01 Jan 2023 17:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29152
IP address blocks: 195.80.152.0/24 maxlen: 24
195.80.158.0/24 maxlen: 24
195.80.154.0/24 maxlen: 24
195.80.157.0/24 maxlen: 24
195.80.153.0/24 maxlen: 24
195.80.156.0/24 maxlen: 24
195.80.159.0/24 maxlen: 24
195.80.155.0/24 maxlen: 24
2a00:1b11:115::/48 maxlen: 48
2a00:1b11:116::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ea:7a:20:87:d5:f4:a9:93:6d:a6:0e:30:d6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dd42ab3460279709c134b570f76e34e4d95b91
Validity
Not Before: Jan 1 17:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ec49d15697c895850999d36277577cc0ebdbc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:55:01:51:09:4d:36:43:09:a5:a1:a3:9e:99:
11:87:3d:05:cc:f6:5c:94:2f:8f:86:73:9b:b8:20:
1c:6c:43:9e:f9:54:8a:3b:be:e9:96:e5:42:8f:4a:
b1:76:20:b1:35:7c:d6:f8:c0:a3:bf:f7:f4:90:cb:
05:20:3e:69:ef:d5:18:1e:73:b8:23:ea:36:ec:96:
19:37:e8:84:43:47:f9:1a:f9:1d:ea:02:01:e3:51:
00:a5:de:29:5a:41:f7:a6:38:d7:a3:75:fa:44:f6:
d9:a0:a2:ce:0e:b0:bc:99:ed:5e:29:ec:ab:e5:86:
44:15:11:19:98:45:64:f5:43:40:cd:ce:32:cd:b5:
0e:c4:fe:cb:33:65:ee:de:62:10:ea:9c:a6:2a:3d:
8b:7b:1b:46:8c:90:a1:aa:92:0f:87:b2:a4:27:b8:
76:f1:8e:d5:62:e7:5d:cb:b8:b0:b0:6b:ce:88:d6:
5e:eb:84:bb:13:f2:bd:d2:12:20:e7:d9:3e:90:d5:
6c:ec:a1:d9:ae:17:f9:41:fb:96:82:90:d2:f1:5d:
f7:ae:0d:6c:6c:25:05:1a:58:1d:0f:ae:13:76:38:
1f:3e:43:13:20:62:85:3b:f5:13:04:12:19:a0:4d:
92:94:af:1b:7d:cc:76:e2:18:7b:d0:69:3d:b7:1a:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C4:9D:15:69:7C:89:58:50:99:9D:36:27:75:77:CC:0E:BD:BC:43
X509v3 Authority Key Identifier:
keyid:58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/jsSdFWl8iVhQmZ02J3V3zA69vEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/WN1CqzRgJ5cJwTS1cPduNOTZW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.152.0/21
IPv6:
2a00:1b11:115::-2a00:1b11:116:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:5c:1d:ae:0e:8f:32:ba:48:44:7d:2f:21:a8:bb:8b:ec:40:
04:e4:14:28:56:7b:92:5a:28:a0:6b:05:04:9a:85:5f:49:b2:
77:49:c9:8d:06:8b:e9:6f:20:10:80:38:04:dd:9a:b0:d6:da:
61:b0:f2:f7:c8:7c:87:27:e2:95:eb:cd:e2:2b:22:ce:a2:f3:
54:5f:1d:6c:c3:73:94:e4:0a:ee:06:1f:3c:af:c7:a5:ac:06:
5f:80:9d:80:0a:33:4c:88:01:60:37:05:c6:3e:4c:96:b8:8f:
db:80:87:ec:83:b3:af:e6:24:56:80:36:f6:e8:0d:02:c8:0e:
da:b2:32:3a:8e:f1:16:51:0d:70:58:8f:ed:bc:dc:5c:91:b9:
08:36:2d:bd:17:f6:c4:41:03:67:2e:dc:c9:ba:fa:2c:28:58:
5d:e4:2b:bf:6c:92:cd:7a:cd:7a:df:d2:93:79:d1:34:96:13:
61:d6:48:64:de:60:de:1f:0a:3b:ed:3d:d1:9b:b1:f3:0d:6f:
8a:62:92:8d:09:1a:82:3c:c2:67:15:e7:ef:d5:e6:0d:14:f0:
92:05:f2:e9:d8:ea:14:de:ab:d6:3b:f8:55:19:6c:63:22:d4:
09:51:eb:ab:c0:e5:d7:b4:95:ed:65:c5:59:ec:82:e4:e2:c4:
f5:77:b7:86
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVueOp6IIfV9KmTbaYOMNaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGQ0MmFiMzQ2MDI3OTcwOWMxMzRiNTcwZjc2ZTM0ZTRk
OTViOTEwHhcNMjMwMTAxMTc1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWM0OWQxNTY5N2M4OTU4NTA5OTlkMzYyNzc1NzdjYzBlYmRiYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVUBUQlNNkMJpaGjnpkRhz0FzPZc
lC+PhnObuCAcbEOe+VSKO77pluVCj0qxdiCxNXzW+MCjv/f0kMsFID5p79UYHnO4
I+o27JYZN+iEQ0f5Gvkd6gIB41EApd4pWkH3pjjXo3X6RPbZoKLODrC8me1eKeyr
5YZEFREZmEVk9UNAzc4yzbUOxP7LM2Xu3mIQ6pymKj2LextGjJChqpIPh7KkJ7h2
8Y7VYuddy7iwsGvOiNZe64S7E/K90hIg59k+kNVs7KHZrhf5QfuWgpDS8V33rg1s
bCUFGlgdD64TdjgfPkMTIGKFO/UTBBIZoE2SlK8bfcx24hh70Gk9txoU1wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFI7EnRVpfIlYUJmdNid1d8wOvbxDMB8GA1UdIwQY
MBaAFFjdQqs0YCeXCcE0tXD3bjTk2VuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgt
NmUzMTM0N2QwNGQ5LzEvanNTZEZXbDhpVmhRbVowMkozVjN6QTY5dkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgtNmUzMTM0N2QwNGQ5
LzEvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQDw1CYMBoE
AgACMBQwEgMHACoAGxEBFQMHACoAGxEBFjANBgkqhkiG9w0BAQsFAAOCAQEAC1wd
rg6PMrpIRH0vIai7i+xABOQUKFZ7kloooGsFBJqFX0myd0nJjQaL6W8gEIA4BN2a
sNbaYbDy98h8hyfilevN4isizqLzVF8dbMNzlOQK7gYfPK/HpawGX4CdgAozTIgB
YDcFxj5MlriP24CH7IOzr+YkVoA29ugNAsgO2rIyOo7xFlENcFiP7bzcXJG5CDYt
vRf2xEEDZy7cybr6LChYXeQrv2ySzXrNet/Sk3nRNJYTYdZIZN5g3h8KO+090Zux
8w1vimKSjQkagjzCZxXn79XmDRTwkgXy6djqFN6r1jv4VRlsYyLUCVHrq8Dl17SV
7WXFWeyC5OLE9Xe3hg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:57 2024 by rpki-client on console.sobornost.net