Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/Is1Ev8m8lRdc41BjyAEKGd5YTn4.roa
File: Is1Ev8m8lRdc41BjyAEKGd5YTn4.roa (raw, json)
Hash identifier: 4UaB7Ak4BB0EdKnDRjQVRHsxZ5OqdugXYkjiDY8U8HY=
Subject key identifier: 22:CD:44:BF:C9:BC:95:17:5C:E3:50:63:C8:01:0A:19:DE:58:4E:7E
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188FF071C6270BC4D931C1F42F1CBC5AAA4
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/Is1Ev8m8lRdc41BjyAEKGd5YTn4.roa
Signing time: Tue 27 Jun 2023 22:43:56 +0000
ROA not before: Tue 27 Jun 2023 22:43:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 86.108.0.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
185.98.220.0/22 maxlen: 24
92.253.0.0/17 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.160.0/19 maxlen: 24
94.249.0.0/17 maxlen: 24
37.202.64.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:07:1c:62:70:bc:4d:93:1c:1f:42:f1:cb:c5:aa:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 27 22:43:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22cd44bfc9bc95175ce35063c8010a19de584e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:20:4b:b7:3c:47:d5:3c:20:05:35:89:91:2b:
31:80:91:b0:06:c8:89:d3:ac:8d:92:a0:9a:40:71:
0d:b0:36:f4:d3:02:36:2f:31:63:39:83:1c:bd:d5:
17:25:ab:3a:57:09:17:7a:a0:8b:10:e2:48:ff:b1:
62:55:10:a0:07:d3:5b:46:bd:5c:8a:31:1b:ca:62:
db:da:94:6e:f2:5c:0a:62:34:bd:fa:6a:19:09:88:
dc:0d:e7:7e:22:3e:8e:06:e1:83:e9:e2:57:e5:89:
bd:2e:56:9e:97:d1:e6:ed:9a:48:98:c0:b3:82:79:
52:c1:e7:1f:6c:85:d3:cb:1e:36:c0:e1:d2:c7:4d:
ae:92:14:79:6e:5c:f1:a4:55:65:6c:22:4f:cb:63:
fc:f1:19:a9:0b:d1:51:33:1f:54:44:04:b6:ae:86:
a3:7e:9a:05:b7:42:54:18:6a:9b:ce:01:2d:9f:23:
a8:ba:e6:1c:df:99:06:b4:f7:79:8e:b1:5a:a7:b9:
32:ae:0d:77:a7:b5:f9:0e:56:0f:ff:5e:79:71:53:
60:36:fb:25:4d:d5:8c:4d:6b:23:35:1b:5d:ed:56:
89:54:08:f1:05:cf:4d:0f:13:06:0b:28:23:8f:82:
21:f5:cf:bc:e3:fb:e4:a7:b7:71:47:9f:d4:d8:1f:
7e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:CD:44:BF:C9:BC:95:17:5C:E3:50:63:C8:01:0A:19:DE:58:4E:7E
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/Is1Ev8m8lRdc41BjyAEKGd5YTn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
79.173.192.0/18
86.108.0.0/17
92.253.0.0/17
94.249.0.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
36:63:be:38:9b:3a:a3:ca:43:d6:76:b2:ef:83:cb:3b:e8:d6:
f2:3c:1a:6f:d8:60:dd:33:66:48:c4:c1:aa:a5:44:71:58:29:
52:b5:09:3f:9a:59:c0:2c:86:40:25:96:7f:17:ab:59:53:c8:
79:82:81:93:5e:f8:e6:46:c5:68:42:8a:44:41:39:79:d7:17:
16:06:7a:e8:09:3e:3f:9c:11:95:cc:2e:b3:6a:fe:a4:98:c5:
95:7f:4c:b7:00:7f:f9:e1:cf:51:15:9d:05:05:c7:a7:06:f2:
d3:2e:5e:60:5e:9b:2e:4e:0d:de:77:f7:fe:7f:be:0d:bc:52:
33:9b:33:56:85:2a:cd:85:90:da:75:2d:e1:f5:61:b1:72:8b:
db:09:5d:88:c0:ff:d8:94:68:82:8d:61:d1:bc:46:6e:2e:5f:
a7:b4:4c:92:d3:68:e0:23:1a:81:af:f1:ee:98:a3:b7:ca:6e:
af:b8:66:dd:bc:32:fc:33:55:36:8c:7a:f6:5d:75:6a:23:30:
90:29:ef:de:58:e5:c6:de:f3:16:96:7a:81:dc:66:29:8e:7d:
8e:17:1c:1d:d5:84:e6:dc:3b:84:dc:3e:f9:8f:81:cb:ae:f4:
15:c7:9f:76:ba:6c:4a:53:38:9d:23:f1:0f:44:5c:bc:8c:f9:
21:40:37:0a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYj/BxxicLxNkxwfQvHLxaqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNjI3MjI0MzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmNkNDRiZmM5YmM5NTE3NWNlMzUwNjNjODAxMGExOWRlNTg0ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliBLtzxH1TwgBTWJkSsxgJGwBsiJ
06yNkqCaQHENsDb00wI2LzFjOYMcvdUXJas6VwkXeqCLEOJI/7FiVRCgB9NbRr1c
ijEbymLb2pRu8lwKYjS9+moZCYjcDed+Ij6OBuGD6eJX5Ym9Llael9Hm7ZpImMCz
gnlSwecfbIXTyx42wOHSx02ukhR5blzxpFVlbCJPy2P88RmpC9FRMx9URAS2roaj
fpoFt0JUGGqbzgEtnyOouuYc35kGtPd5jrFap7kyrg13p7X5DlYP/155cVNgNvsl
TdWMTWsjNRtd7VaJVAjxBc9NDxMGCygjj4Ih9c+84/vkp7dxR5/U2B9+HwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCLNRL/JvJUXXONQY8gBChneWE5+MB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvSXMxRXY4bThsUmRjNDFCanlBRUtHZDVZVG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQGJcpAAwQG
T63AAwQHVmwAAwQHXP0AAwQHXvkAAwQCuWLcAwQFwqWAAwQF1bqgAwQE2RcgMA0G
CSqGSIb3DQEBCwUAA4IBAQA2Y744mzqjykPWdrLvg8s76NbyPBpv2GDdM2ZIxMGq
pURxWClStQk/mlnALIZAJZZ/F6tZU8h5goGTXvjmRsVoQopEQTl51xcWBnroCT4/
nBGVzC6zav6kmMWVf0y3AH/54c9RFZ0FBcenBvLTLl5gXpsuTg3ed/f+f74NvFIz
mzNWhSrNhZDadS3h9WGxcovbCV2IwP/YlGiCjWHRvEZuLl+ntEyS02jgIxqBr/Hu
mKO3ym6vuGbdvDL8M1U2jHr2XXVqIzCQKe/eWOXG3vMWlnqB3GYpjn2OFxwd1YTm
3DuE3D75j4HLrvQVx592umxKUzidI/EPRFy8jPkhQDcK
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net