Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/oUa82wkMMbOOJAClsB9-qUnoyIQ.roa
File: oUa82wkMMbOOJAClsB9-qUnoyIQ.roa (raw, json)
Hash identifier: lNZAc7XKk/ZiVsx1J//n8SKeP6VbetqA/KhpRnSy/2g=
Subject key identifier: A1:46:BC:DB:09:0C:31:B3:8E:24:00:A5:B0:1F:7E:A9:49:E8:C8:84
Certificate issuer: /CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Certificate serial: 01856BE593121F039C8FE5F6B996F29908C5
Authority key identifier: BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/oUa82wkMMbOOJAClsB9-qUnoyIQ.roa
Signing time: Sun 01 Jan 2023 05:54:45 +0000
ROA not before: Sun 01 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24904
IP address blocks: 185.172.232.0/22 maxlen: 22
185.172.233.0/24 maxlen: 24
185.172.234.0/24 maxlen: 24
178.250.208.128/28 maxlen: 28
185.109.200.0/22 maxlen: 24
185.4.76.0/22 maxlen: 24
81.28.192.0/20 maxlen: 24
185.144.44.0/22 maxlen: 24
185.207.80.0/22 maxlen: 24
185.73.232.0/22 maxlen: 24
185.164.232.0/22 maxlen: 24
178.250.208.64/27 maxlen: 27
178.250.208.0/21 maxlen: 24
185.66.100.0/22 maxlen: 24
185.45.32.0/22 maxlen: 24
2a03:4980::/32 maxlen: 32
2a03:4980:100::/40 maxlen: 40
2a03:4980::/40 maxlen: 40
2a03:4980:200::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:93:12:1f:03:9c:8f:e5:f6:b9:96:f2:99:08:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Validity
Not Before: Jan 1 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a146bcdb090c31b38e2400a5b01f7ea949e8c884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e0:61:fc:51:df:97:df:95:44:f2:6d:0d:4c:
1e:33:a0:17:8a:30:9f:b6:d8:e6:0c:39:d3:46:ee:
1a:0a:71:e0:f9:98:db:3e:f6:c7:70:cf:31:06:de:
fe:11:ba:25:47:64:aa:23:64:f4:1f:64:83:ce:a6:
9b:22:46:7e:10:f4:63:44:2c:bd:c4:72:09:f9:21:
d6:7d:3e:0a:9e:9d:f0:9f:8a:ac:11:c8:d3:9e:cf:
b1:15:8a:62:b3:ca:69:c2:b1:7c:d9:da:f4:c0:85:
f0:e0:1f:cb:0f:95:1a:4a:e5:a0:7a:1e:b2:59:53:
ae:d5:ab:f3:b3:da:11:e6:46:27:82:ce:87:66:6a:
bf:e0:86:f5:40:2b:44:c7:c5:35:6d:cf:8e:c9:c4:
8c:7c:c2:f9:50:40:e8:eb:9d:06:cb:a6:61:08:2a:
a2:2d:e0:a4:3f:78:ee:10:19:2f:5e:02:96:c6:53:
85:1a:ab:a8:46:d7:a6:ac:a2:d1:02:46:57:e5:65:
41:ec:c7:a9:92:c2:7e:9f:5e:ba:fe:bb:5a:41:48:
ef:20:28:52:25:54:75:2f:a0:cf:cb:d0:68:5e:e5:
bf:b2:64:55:27:bd:31:25:09:0b:e7:98:17:ca:b9:
b0:5a:61:73:fb:02:29:c8:ed:27:ee:15:0d:87:31:
a0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:46:BC:DB:09:0C:31:B3:8E:24:00:A5:B0:1F:7E:A9:49:E8:C8:84
X509v3 Authority Key Identifier:
keyid:BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/oUa82wkMMbOOJAClsB9-qUnoyIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.192.0/20
178.250.208.0/21
185.4.76.0/22
185.45.32.0/22
185.66.100.0/22
185.73.232.0/22
185.109.200.0/22
185.144.44.0/22
185.164.232.0/22
185.172.232.0/22
185.207.80.0/22
IPv6:
2a03:4980::/32
Signature Algorithm: sha256WithRSAEncryption
1b:a0:bc:57:47:bf:88:d7:c3:f4:23:73:4c:0a:16:38:d1:2c:
00:50:6f:1a:0f:65:96:12:b8:37:f5:47:19:c5:fc:62:b4:12:
6a:1e:c3:38:b8:10:b3:03:66:0a:d0:ef:7a:7b:7d:5e:f1:b0:
c3:2f:dd:6c:36:ce:f1:7a:4c:d9:44:62:13:e8:e9:74:63:96:
51:81:82:a4:ff:c0:b6:ce:a0:7a:76:3e:25:4c:83:54:d4:4f:
25:24:33:db:d1:cf:93:b7:ee:82:27:3a:c8:b1:48:43:6f:8a:
f3:89:c7:81:42:94:ed:74:75:62:8a:38:6a:da:c4:d6:8f:5a:
33:e9:15:cf:45:a9:94:69:a4:c9:20:cf:53:da:d4:f3:1b:d9:
0a:30:1f:39:e8:93:17:32:bc:a6:65:c7:84:31:4b:6c:8d:6b:
18:e0:e1:af:9a:17:d8:4e:e3:79:c4:b6:21:65:b0:d8:d9:6b:
49:b6:35:cf:c4:3e:81:88:7b:58:55:57:1d:5c:a2:aa:a7:61:
8b:7a:f3:47:10:a0:05:b5:60:14:e2:7d:ad:9e:f1:ed:5d:35:
3e:6c:44:03:7a:ae:7e:ba:4b:75:cc:46:18:38:4c:03:7c:b8:
91:45:cb:10:da:e3:d3:42:79:e0:3c:49:c1:77:23:b3:10:29:
72:c4:c1:46
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVr5ZMSHwOcj+X2uZbymQjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjVlNWU2MDFjYmY1ZDE5ZDEwZDRkYjQ3NmE5MjNiM2Iz
NmY4MjcwHhcNMjMwMTAxMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ2YmNkYjA5MGMzMWIzOGUyNDAwYTViMDFmN2VhOTQ5ZThjODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOBh/FHfl9+VRPJtDUweM6AXijCf
ttjmDDnTRu4aCnHg+ZjbPvbHcM8xBt7+EbolR2SqI2T0H2SDzqabIkZ+EPRjRCy9
xHIJ+SHWfT4Knp3wn4qsEcjTns+xFYpis8ppwrF82dr0wIXw4B/LD5UaSuWgeh6y
WVOu1avzs9oR5kYngs6HZmq/4Ib1QCtEx8U1bc+OycSMfML5UEDo650Gy6ZhCCqi
LeCkP3juEBkvXgKWxlOFGquoRtemrKLRAkZX5WVB7MepksJ+n166/rtaQUjvIChS
JVR1L6DPy9BoXuW/smRVJ70xJQkL55gXyrmwWmFz+wIpyO0n7hUNhzGgzwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKFGvNsJDDGzjiQApbAffqlJ6MiEMB8GA1UdIwQY
MBaAFLq15eYBy/XRnRDU20dqkjs7NvgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQt
NzdjYTg5Y2Y0MzZhLzEvb1VhODJ3a01NYk9PSkFDbHNCOS1xVW5veUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQtNzdjYTg5Y2Y0MzZh
LzEvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEURzAAwQD
svrQAwQCuQRMAwQCuS0gAwQCuUJkAwQCuUnoAwQCuW3IAwQCuZAsAwQCuaToAwQC
uazoAwQCuc9QMA0EAgACMAcDBQAqA0mAMA0GCSqGSIb3DQEBCwUAA4IBAQAboLxX
R7+I18P0I3NMChY40SwAUG8aD2WWErg39UcZxfxitBJqHsM4uBCzA2YK0O96e31e
8bDDL91sNs7xekzZRGIT6Ol0Y5ZRgYKk/8C2zqB6dj4lTINU1E8lJDPb0c+Tt+6C
JzrIsUhDb4rziceBQpTtdHViijhq2sTWj1oz6RXPRamUaaTJIM9T2tTzG9kKMB85
6JMXMrymZceEMUtsjWsY4OGvmhfYTuN5xLYhZbDY2WtJtjXPxD6BiHtYVVcdXKKq
p2GLevNHEKAFtWAU4n2tnvHtXTU+bEQDeq5+ukt1zEYYOEwDfLiRRcsQ2uPTQnng
PEnBdyOzEClyxMFG
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:50 2024 by rpki-client on console.sobornost.net