Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/lP3kLcKqFYiaFzLQo3zyKE5f1mA.roa
File: lP3kLcKqFYiaFzLQo3zyKE5f1mA.roa (raw, json)
Hash identifier: w59th14zIYPlenXQAknbg0CSDOT346GcufJcn9HVCog=
Subject key identifier: 94:FD:E4:2D:C2:AA:15:88:9A:17:32:D0:A3:7C:F2:28:4E:5F:D6:60
Certificate issuer: /CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Certificate serial: 01856FD4EE9F9BC46ED7CB42F4F641BEA603
Authority key identifier: F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/lP3kLcKqFYiaFzLQo3zyKE5f1mA.roa
Signing time: Mon 02 Jan 2023 00:15:03 +0000
ROA not before: Mon 02 Jan 2023 00:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24929
IP address blocks: 45.66.140.0/22 maxlen: 24
83.175.168.0/22 maxlen: 24
109.232.240.0/24 maxlen: 24
194.54.24.0/22 maxlen: 22
2a0e:84c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:ee:9f:9b:c4:6e:d7:cb:42:f4:f6:41:be:a6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Validity
Not Before: Jan 2 00:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94fde42dc2aa15889a1732d0a37cf2284e5fd660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:87:fd:64:ae:46:35:d2:c8:8e:81:29:19:45:
1b:09:ff:6f:2b:da:2a:53:a7:f7:23:ed:70:99:94:
e0:aa:8e:59:5b:45:5f:d0:bb:24:64:61:74:2a:06:
3c:21:6c:a5:f7:13:6d:81:92:9c:e9:c9:89:c4:13:
c3:9f:85:97:e2:f3:48:55:ae:42:74:c5:f4:c5:92:
0e:f8:94:4c:26:e9:6e:39:37:5c:b9:e9:36:d8:ba:
f9:5a:6f:d7:55:9f:1b:88:0d:0f:6e:ac:0f:d5:89:
5e:82:05:a2:33:54:fa:c9:1b:76:21:d8:fc:a2:e5:
c1:a3:ca:2d:f9:43:44:27:fd:6b:54:e4:f0:7d:e8:
79:7e:2a:41:9e:05:a6:98:3f:57:f3:3e:b8:63:e4:
01:73:70:31:01:40:48:41:47:8e:bd:f3:65:47:6f:
79:68:ac:48:cd:4d:36:1f:8b:c2:79:4e:42:f2:d1:
32:f9:ce:28:7d:a6:f4:78:79:ff:b4:23:6d:b2:c7:
a5:a6:dc:99:4d:e4:c6:1f:5d:82:9e:a1:62:94:f6:
22:1f:83:12:8a:23:ff:a8:f7:db:f3:e9:45:9b:93:
f9:b5:51:8b:bc:75:48:9a:c3:10:6e:fd:43:20:77:
64:04:16:c0:b0:32:34:8b:5e:eb:25:c6:54:cf:dd:
79:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FD:E4:2D:C2:AA:15:88:9A:17:32:D0:A3:7C:F2:28:4E:5F:D6:60
X509v3 Authority Key Identifier:
keyid:F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/lP3kLcKqFYiaFzLQo3zyKE5f1mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.140.0/22
83.175.168.0/22
109.232.240.0/24
194.54.24.0/22
IPv6:
2a0e:84c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:a6:3e:9b:2e:ac:52:7e:fa:44:4f:a8:cf:fa:cf:2f:62:e7:
33:c8:b4:ff:c4:64:ef:aa:5b:dc:9e:13:dc:d5:6e:25:e6:35:
e4:6d:c2:3f:28:96:2e:dd:be:9e:00:02:2e:d4:ce:bf:6b:c5:
be:a4:39:e0:d5:07:86:9a:b6:a7:26:0c:30:a1:82:e0:bf:7a:
43:d0:3d:71:1a:73:8b:24:2a:77:f0:80:a8:e5:91:a6:e3:d8:
2f:ac:98:1a:06:2f:9b:05:da:10:1d:3b:10:c1:b4:8e:b2:a5:
03:06:49:d2:f9:18:57:3f:05:2b:7a:7d:14:00:25:97:19:9b:
4c:a4:da:e4:24:af:cf:f5:ca:30:1e:b0:2b:11:e9:fe:75:ce:
09:d9:bd:ea:27:0f:9f:0b:ed:b0:d2:0b:9c:5f:27:13:99:66:
f8:61:80:1e:27:64:28:08:99:eb:d8:3a:24:85:da:86:80:f5:
d3:13:ac:90:cd:aa:27:52:c3:ec:16:8e:89:59:41:5f:30:0c:
4b:16:ee:bf:b6:2c:7c:ea:31:f8:c3:85:0c:3a:2a:4c:26:ab:
3e:1a:06:0d:62:c0:4f:a2:50:99:ca:46:c0:dc:9f:e6:b8:2f:
62:aa:c2:bc:8e:1c:d0:28:b2:f8:84:c8:e5:0f:8f:74:55:fc:
f7:01:50:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVv1O6fm8Ru18tC9PZBvqYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjkyMGJiZDdmYjcwZWY1ZGJjZjJkMGZlYTIwMmJkOTU3
NjVlYmEwHhcNMjMwMTAyMDAxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGZkZTQyZGMyYWExNTg4OWExNzMyZDBhMzdjZjIyODRlNWZkNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjof9ZK5GNdLIjoEpGUUbCf9vK9oq
U6f3I+1wmZTgqo5ZW0Vf0LskZGF0KgY8IWyl9xNtgZKc6cmJxBPDn4WX4vNIVa5C
dMX0xZIO+JRMJuluOTdcuek22Lr5Wm/XVZ8biA0PbqwP1YleggWiM1T6yRt2Idj8
ouXBo8ot+UNEJ/1rVOTwfeh5fipBngWmmD9X8z64Y+QBc3AxAUBIQUeOvfNlR295
aKxIzU02H4vCeU5C8tEy+c4ofab0eHn/tCNtsselptyZTeTGH12CnqFilPYiH4MS
iiP/qPfb8+lFm5P5tVGLvHVImsMQbv1DIHdkBBbAsDI0i17rJcZUz915AwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJT95C3CqhWImhcy0KN88ihOX9ZgMB8GA1UdIwQY
MBaAFPJpILvX+3DvXbzy0P6iAr2Vdl66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1rZ3U5ZjdjTzlkdlBMUV9xSUN2WlYyWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMThhOTctOGZjNy00OTU1LTg3YWYt
MGJjZmM1MzI5MzNjLzEvbFAza0xjS3FGWWlhRnpMUW8zenlLRTVmMW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMThhOTctOGZjNy00OTU1LTg3YWYtMGJjZmM1MzI5MzNj
LzEvOG1rZ3U5ZjdjTzlkdlBMUV9xSUN2WlYyWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUKMAwQC
U6+oAwQAbejwAwQCwjYYMA0EAgACMAcDBQAqDoTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBbpj6bLqxSfvpET6jP+s8vYuczyLT/xGTvqlvcnhPc1W4l5jXkbcI/KJYu3b6e
AAIu1M6/a8W+pDng1QeGmranJgwwoYLgv3pD0D1xGnOLJCp38ICo5ZGm49gvrJga
Bi+bBdoQHTsQwbSOsqUDBknS+RhXPwUren0UACWXGZtMpNrkJK/P9cowHrArEen+
dc4J2b3qJw+fC+2w0gucXycTmWb4YYAeJ2QoCJnr2DokhdqGgPXTE6yQzaonUsPs
Fo6JWUFfMAxLFu6/tix86jH4w4UMOipMJqs+GgYNYsBPolCZykbA3J/muC9iqsK8
jhzQKLL4hMjlD490Vfz3AVDV
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:22 2024 by rpki-client on console.sobornost.net