Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JQ4Lwr6B5UMAKMhAog4qLPVD4VQ.roa
File: JQ4Lwr6B5UMAKMhAog4qLPVD4VQ.roa (raw, json)
Hash identifier: CmkrIi26CGpKBMw4Dqzxyo+jsG2lSnpGAznOYewtSFw=
Subject key identifier: 25:0E:0B:C2:BE:81:E5:43:00:28:C8:40:A2:0E:2A:2C:F5:43:E1:54
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DD99FDCB160DDBAE1D88B2122911
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JQ4Lwr6B5UMAKMhAog4qLPVD4VQ.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49774
IP address blocks: 93.114.96.0/24 maxlen: 24
85.204.138.0/24 maxlen: 24
77.81.178.0/23 maxlen: 23
86.106.170.0/24 maxlen: 24
93.115.246.0/24 maxlen: 24
31.14.16.0/24 maxlen: 24
2a04:fee3::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:dd:99:fd:cb:16:0d:db:ae:1d:88:b2:12:29:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=250e0bc2be81e5430028c840a20e2a2cf543e154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1d:01:14:0c:e1:41:74:1a:e5:6a:c8:3e:61:
70:77:e7:cd:1d:35:09:fb:5d:e4:df:ff:06:20:c9:
26:aa:3c:df:82:df:22:a3:04:53:fa:35:89:85:19:
18:7f:40:b4:c0:12:48:15:8c:9c:71:36:aa:4c:aa:
57:3f:8f:e2:eb:8f:ae:e2:b4:8c:77:c9:c6:15:0c:
c4:a9:6b:01:75:35:03:b7:bb:c8:c5:e3:da:06:57:
d8:ee:da:80:71:36:77:d6:9d:40:88:f8:95:9a:01:
05:72:0d:b6:57:d0:3d:34:42:9e:2c:e1:61:04:a3:
34:64:40:b0:b1:9d:30:9d:ba:62:3c:fe:af:3f:dc:
50:83:3a:d4:82:7c:3a:67:6b:dd:59:18:2a:c3:d3:
bb:50:2f:d2:17:f5:b0:68:8b:8c:12:ee:61:d6:2d:
fc:d8:a6:ed:98:ef:f6:f9:f3:c2:0d:d4:45:c1:f8:
14:4f:6c:bb:fb:7a:26:4e:45:20:54:50:7c:c9:3e:
5a:1d:99:20:46:4f:bf:85:93:91:d0:8f:46:c3:22:
d0:ee:21:29:74:17:35:bf:c8:91:09:dc:db:90:05:
1b:d7:3d:30:f4:a6:a5:db:85:9e:e7:34:36:65:a2:
2b:86:bc:6c:35:b3:90:ae:c4:1c:d6:a4:22:45:75:
f0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0E:0B:C2:BE:81:E5:43:00:28:C8:40:A2:0E:2A:2C:F5:43:E1:54
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JQ4Lwr6B5UMAKMhAog4qLPVD4VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.16.0/24
77.81.178.0/23
85.204.138.0/24
86.106.170.0/24
93.114.96.0/24
93.115.246.0/24
IPv6:
2a04:fee3::/32
Signature Algorithm: sha256WithRSAEncryption
1f:75:37:e8:88:9f:c6:a0:06:fa:69:aa:5e:68:8a:ea:1d:bd:
49:d4:9f:59:ad:d2:e3:ba:b8:2a:a2:79:c4:ca:e7:2a:cc:73:
65:df:d0:05:0e:97:1b:3c:4d:d6:c7:32:49:37:95:40:67:64:
74:d3:ce:f3:34:2c:3f:93:e7:cd:f1:a8:ec:dd:2d:78:25:6f:
a9:58:31:81:5a:af:a4:7f:71:92:00:3c:b6:7d:31:26:9c:5d:
c2:41:44:02:cb:c3:3d:18:33:02:d7:42:68:a9:fd:c1:b5:d3:
04:c2:f6:4c:80:7b:f4:bd:9e:b3:85:97:0b:1a:62:59:d6:9d:
84:7d:d0:8e:08:c5:11:63:a1:3a:04:4f:e6:fc:43:fd:db:1f:
6c:d4:fa:1b:77:f0:94:6e:77:1a:8c:d6:d1:34:ff:0d:0a:2b:
7e:2e:93:d5:72:90:69:9e:9a:96:a7:32:cb:8f:4a:d4:ba:82:
5a:2c:fe:e7:a1:51:a7:cf:6f:dc:b1:40:0d:4c:e0:16:5d:03:
7f:6c:0a:05:e2:a8:0e:43:3e:e7:88:7e:d1:25:c1:92:04:db:
e7:e0:f2:2d:fe:b1:a4:1e:7b:0f:97:ca:05:8e:5c:46:da:a1:
42:54:f4:2e:e4:ae:00:b2:7b:21:25:14:a7:4d:d8:67:3a:94:
7b:7b:3d:a5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVuQd2Z/csWDduuHYiyEikRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBlMGJjMmJlODFlNTQzMDAyOGM4NDBhMjBlMmEyY2Y1NDNlMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx0BFAzhQXQa5WrIPmFwd+fNHTUJ
+13k3/8GIMkmqjzfgt8iowRT+jWJhRkYf0C0wBJIFYyccTaqTKpXP4/i64+u4rSM
d8nGFQzEqWsBdTUDt7vIxePaBlfY7tqAcTZ31p1AiPiVmgEFcg22V9A9NEKeLOFh
BKM0ZECwsZ0wnbpiPP6vP9xQgzrUgnw6Z2vdWRgqw9O7UC/SF/WwaIuMEu5h1i38
2KbtmO/2+fPCDdRFwfgUT2y7+3omTkUgVFB8yT5aHZkgRk+/hZOR0I9GwyLQ7iEp
dBc1v8iRCdzbkAUb1z0w9Kal24We5zQ2ZaIrhrxsNbOQrsQc1qQiRXXwfwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCUOC8K+geVDACjIQKIOKiz1Q+FUMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvSlE0THdyNkI1VU1BS01oQW9nNHFMUFZENFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw4QAwQB
TVGyAwQAVcyKAwQAVmqqAwQAXXJgAwQAXXP2MA0EAgACMAcDBQAqBP7jMA0GCSqG
SIb3DQEBCwUAA4IBAQAfdTfoiJ/GoAb6aapeaIrqHb1J1J9ZrdLjurgqonnEyucq
zHNl39AFDpcbPE3WxzJJN5VAZ2R0087zNCw/k+fN8ajs3S14JW+pWDGBWq+kf3GS
ADy2fTEmnF3CQUQCy8M9GDMC10Joqf3BtdMEwvZMgHv0vZ6zhZcLGmJZ1p2EfdCO
CMURY6E6BE/m/EP92x9s1Pobd/CUbncajNbRNP8NCit+LpPVcpBpnpqWpzLLj0rU
uoJaLP7noVGnz2/csUANTOAWXQN/bAoF4qgOQz7niH7RJcGSBNvn4PIt/rGkHnsP
l8oFjlxG2qFCVPQu5K4AsnshJRSnTdhnOpR7ez2l
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:10 2024 by rpki-client on console.sobornost.net