Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CxgBhvqyAKCxFl7gbpBIy0C0Eu8.roa
File: CxgBhvqyAKCxFl7gbpBIy0C0Eu8.roa (raw, json)
Hash identifier: /68wTzEOvPZkCbiSQetQq6eCl/YsJWpi9LRTIf+ehjs=
Subject key identifier: 0B:18:01:86:FA:B2:00:A0:B1:16:5E:E0:6E:90:48:CB:40:B4:12:EF
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41E081138762A04C2C700D829844C0
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CxgBhvqyAKCxFl7gbpBIy0C0Eu8.roa
Signing time: Sun 01 Jan 2023 16:54:49 +0000
ROA not before: Sun 01 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57446
IP address blocks: 89.38.137.0/24 maxlen: 24
89.44.123.0/24 maxlen: 24
89.39.148.0/24 maxlen: 24
89.33.86.0/24 maxlen: 24
94.176.130.0/24 maxlen: 24
89.37.158.0/24 maxlen: 24
86.106.171.0/24 maxlen: 24
89.34.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:e0:81:13:87:62:a0:4c:2c:70:0d:82:98:44:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b180186fab200a0b1165ee06e9048cb40b412ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:1f:84:cb:0a:d8:8c:36:a2:00:9e:31:b8:
58:7b:ed:7b:fb:3b:af:63:9f:d3:8e:91:04:de:8d:
b2:4e:db:b1:69:a5:fc:29:20:19:2a:ea:a0:8e:c7:
ac:ec:fa:a4:53:e1:4c:47:a1:85:ff:39:7a:3e:20:
cc:c5:e6:c1:8f:30:a3:00:fd:6f:79:d7:f3:4d:8b:
d9:19:ed:b3:5a:4d:ce:19:5a:88:1e:1e:e8:68:01:
fa:e4:3b:01:50:97:a9:04:03:ce:8b:77:b9:08:b6:
89:45:1f:59:fa:48:be:2d:be:cf:25:20:04:4d:c7:
57:37:d5:38:64:32:03:13:a9:f5:d1:93:4b:66:50:
dd:7d:df:3d:73:07:8a:6b:c8:12:01:d9:45:08:9c:
66:fa:0c:fe:57:f0:42:3c:1a:d9:7d:4c:d8:33:c7:
a9:46:47:0d:91:9b:55:68:a0:55:52:ba:92:e4:d9:
3e:a7:26:7c:62:94:ff:2c:96:cd:32:3a:00:e9:9d:
62:7c:d0:5c:7e:6b:bb:11:b2:18:8f:03:74:fa:d0:
9e:2c:5c:40:58:54:f6:f3:a7:f5:2a:b5:74:f0:12:
60:45:7d:e2:df:3f:00:b5:4f:3d:f1:92:7a:3f:23:
ea:a0:7d:21:1d:0d:01:f5:bf:97:8c:a8:c2:8e:57:
26:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:18:01:86:FA:B2:00:A0:B1:16:5E:E0:6E:90:48:CB:40:B4:12:EF
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CxgBhvqyAKCxFl7gbpBIy0C0Eu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.171.0/24
89.33.86.0/24
89.34.173.0/24
89.37.158.0/24
89.38.137.0/24
89.39.148.0/24
89.44.123.0/24
94.176.130.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:05:ee:e6:26:87:5e:9f:cd:86:97:28:f7:e2:5e:d4:42:04:
07:ce:25:91:21:fe:01:31:53:28:3e:79:35:36:21:e3:59:67:
a7:ac:ba:45:b2:c3:3e:cd:65:4e:a2:79:01:45:92:ce:4d:73:
18:57:cf:58:74:64:8e:25:12:54:a0:0b:7e:c8:1b:97:65:35:
d2:8c:23:ed:65:ab:42:57:8d:41:0d:b0:66:14:ba:b8:a6:34:
54:25:fe:88:22:fe:c5:45:be:ad:75:14:de:c7:26:61:2d:88:
91:56:48:9f:6c:df:c1:c3:d0:c7:ff:d8:cf:df:da:fb:5f:05:
12:df:9b:1d:d3:f3:c1:32:53:54:3f:59:13:43:1c:cd:e3:3c:
ad:bf:73:dc:91:b4:fd:ed:2a:cc:b9:12:fa:fa:13:71:b4:45:
aa:35:5d:35:51:c8:ee:2e:4a:f1:ed:90:14:e7:fc:ee:5a:6f:
18:02:ec:85:71:60:95:cf:03:f0:71:3f:c2:fe:97:5b:d9:3a:
d6:de:88:ee:39:20:88:a9:48:eb:37:c9:03:77:35:4c:b8:19:
fe:e6:3b:bc:6f:9b:80:2a:ae:3e:77:63:c9:c9:61:54:98:3a:
2a:78:2e:26:30:43:7e:e1:07:ef:43:31:d3:95:9f:01:ef:0c:
a5:c0:ab:dc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVuQeCBE4dioEwscA2CmETAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE4MDE4NmZhYjIwMGEwYjExNjVlZTA2ZTkwNDhjYjQwYjQxMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGgfhMsK2Iw2ogCeMbhYe+17+zuv
Y5/TjpEE3o2yTtuxaaX8KSAZKuqgjses7PqkU+FMR6GF/zl6PiDMxebBjzCjAP1v
edfzTYvZGe2zWk3OGVqIHh7oaAH65DsBUJepBAPOi3e5CLaJRR9Z+ki+Lb7PJSAE
TcdXN9U4ZDIDE6n10ZNLZlDdfd89cweKa8gSAdlFCJxm+gz+V/BCPBrZfUzYM8ep
RkcNkZtVaKBVUrqS5Nk+pyZ8YpT/LJbNMjoA6Z1ifNBcfmu7EbIYjwN0+tCeLFxA
WFT286f1KrV08BJgRX3i3z8AtU898ZJ6PyPqoH0hHQ0B9b+XjKjCjlcmvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAsYAYb6sgCgsRZe4G6QSMtAtBLvMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvQ3hnQmh2cXlBS0N4Rmw3Z2JwQkl5MEMwRXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVmqrAwQA
WSFWAwQAWSKtAwQAWSWeAwQAWSaJAwQAWSeUAwQAWSx7AwQAXrCCMA0GCSqGSIb3
DQEBCwUAA4IBAQBNBe7mJoden82Glyj34l7UQgQHziWRIf4BMVMoPnk1NiHjWWen
rLpFssM+zWVOonkBRZLOTXMYV89YdGSOJRJUoAt+yBuXZTXSjCPtZatCV41BDbBm
FLq4pjRUJf6IIv7FRb6tdRTexyZhLYiRVkifbN/Bw9DH/9jP39r7XwUS35sd0/PB
MlNUP1kTQxzN4zytv3PckbT97SrMuRL6+hNxtEWqNV01UcjuLkrx7ZAU5/zuWm8Y
AuyFcWCVzwPwcT/C/pdb2TrW3ojuOSCIqUjrN8kDdzVMuBn+5ju8b5uAKq4+d2PJ
yWFUmDoqeC4mMEN+4QfvQzHTlZ8B7wylwKvc
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:10 2024 by rpki-client on console.sobornost.net