Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mFIut4iQwIJEkFx6wogSKkYEagg.roa
File: mFIut4iQwIJEkFx6wogSKkYEagg.roa (raw, json)
Hash identifier: akBzTTTVxJsXOJNrA6wiuwB0lD2xImjHGRHvgsy9g/Q=
Subject key identifier: 98:52:2E:B7:88:90:C0:82:44:90:5C:7A:C2:88:12:2A:46:04:6A:08
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188FD284C3B2EE6679F7DE24AD56468F21E
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mFIut4iQwIJEkFx6wogSKkYEagg.roa
Signing time: Tue 27 Jun 2023 14:00:56 +0000
ROA not before: Tue 27 Jun 2023 14:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 79.173.192.0/18 maxlen: 24
185.98.220.0/22 maxlen: 24
92.253.0.0/17 maxlen: 24
217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.160.0/19 maxlen: 24
94.249.0.0/17 maxlen: 24
37.202.64.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:28:4c:3b:2e:e6:67:9f:7d:e2:4a:d5:64:68:f2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 27 14:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98522eb78890c08244905c7ac288122a46046a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:cc:32:02:0f:18:dd:32:19:8a:01:1e:7b:
81:ef:ea:0e:ef:51:c0:d3:07:05:29:6c:d6:f4:9f:
94:f2:35:c1:19:66:d1:ed:11:b5:cc:86:fb:33:f2:
95:8b:fa:6c:2b:83:5c:2e:de:2f:b1:a1:de:9f:ee:
dd:cc:45:91:9d:ac:d1:07:5f:95:56:94:86:bd:b4:
cd:7b:3d:5c:2b:de:a0:ae:a3:62:95:11:ea:83:54:
e7:86:62:5c:5f:2e:c2:7f:e5:94:10:71:30:c7:30:
17:73:a7:d7:35:c0:90:6f:e6:92:47:1c:13:b8:fe:
d6:52:c5:e3:a6:05:89:9e:50:61:bd:38:57:53:73:
2f:4a:e9:e8:3f:e5:06:af:e8:59:ed:6b:1e:2a:06:
86:13:bd:90:e8:cc:0b:ca:c9:4a:3b:b8:46:4d:a4:
ea:09:18:28:83:54:3a:91:44:b5:a6:6a:cd:f6:51:
6f:f6:ab:bf:68:95:1c:5f:54:09:66:56:96:90:ee:
b1:35:92:79:d2:79:41:77:8f:84:94:eb:ea:99:08:
19:09:97:cd:6e:8c:0c:1a:18:9b:dd:85:b9:b2:f2:
67:79:f6:5e:91:b0:70:61:4b:45:79:22:93:73:45:
5f:e0:5f:a4:94:cd:f7:36:ec:de:e9:d4:41:78:56:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:52:2E:B7:88:90:C0:82:44:90:5C:7A:C2:88:12:2A:46:04:6A:08
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/mFIut4iQwIJEkFx6wogSKkYEagg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
79.173.192.0/18
92.253.0.0/17
94.249.0.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:4a:a1:d3:05:9e:74:67:75:33:20:15:5c:ac:38:7d:b8:59:
2e:19:7f:64:86:8b:ee:da:c3:8f:a8:0f:61:b4:7e:be:28:88:
fb:ba:c5:fd:bd:82:2d:d7:a2:93:d5:29:e7:5a:59:fa:8e:f5:
ba:3b:24:3b:06:32:af:2d:56:66:04:84:00:3c:8c:85:96:db:
2c:49:e2:03:ad:5c:35:f5:62:c5:67:c5:fb:8b:4f:c1:0d:de:
88:f2:95:26:57:71:a4:51:da:8b:eb:d1:49:00:a4:8e:56:db:
75:08:6a:6d:0b:1f:15:f5:b7:d5:8c:5f:b9:4e:ae:db:ff:fe:
5e:b9:55:9c:23:82:52:9a:52:f3:35:a2:a6:19:a1:6e:23:b4:
82:32:e2:19:da:a5:74:50:5a:12:85:cf:5a:52:25:e2:76:59:
64:e3:c3:c9:e1:58:98:cc:69:6c:f6:d2:01:79:e7:d1:15:c6:
73:16:ae:ef:83:dc:a9:1c:fc:74:4c:97:ee:04:c6:20:38:bc:
09:45:19:0b:35:24:60:2d:81:51:e9:9d:19:bd:bc:11:03:89:
a7:a8:1d:3e:13:5f:66:db:62:2a:7f:8d:4e:85:ba:15:05:f9:
ea:4b:ad:22:cc:8c:69:10:16:74:1f:b0:f4:6c:a2:c8:38:3b:
bd:cd:a6:08
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYj9KEw7LuZnn33iStVkaPIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNjI3MTQwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUyMmViNzg4OTBjMDgyNDQ5MDVjN2FjMjg4MTIyYTQ2MDQ2YTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9fMMgIPGN0yGYoBHnuB7+oO71HA
0wcFKWzW9J+U8jXBGWbR7RG1zIb7M/KVi/psK4NcLt4vsaHen+7dzEWRnazRB1+V
VpSGvbTNez1cK96grqNilRHqg1TnhmJcXy7Cf+WUEHEwxzAXc6fXNcCQb+aSRxwT
uP7WUsXjpgWJnlBhvThXU3MvSunoP+UGr+hZ7WseKgaGE72Q6MwLyslKO7hGTaTq
CRgog1Q6kUS1pmrN9lFv9qu/aJUcX1QJZlaWkO6xNZJ50nlBd4+ElOvqmQgZCZfN
bowMGhib3YW5svJnefZekbBwYUtFeSKTc0Vf4F+klM33Nuze6dRBeFbbgwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJhSLreIkMCCRJBcesKIEipGBGoIMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvbUZJdXQ0aVF3SUpFa0Z4NndvZ1NLa1lFYWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQGJcpAAwQG
T63AAwQHXP0AAwQHXvkAAwQCuWLcAwQFwqWAAwQF1bqgAwQE2RcgMA0GCSqGSIb3
DQEBCwUAA4IBAQCkSqHTBZ50Z3UzIBVcrDh9uFkuGX9khovu2sOPqA9htH6+KIj7
usX9vYIt16KT1SnnWln6jvW6OyQ7BjKvLVZmBIQAPIyFltssSeIDrVw19WLFZ8X7
i0/BDd6I8pUmV3GkUdqL69FJAKSOVtt1CGptCx8V9bfVjF+5Tq7b//5euVWcI4JS
mlLzNaKmGaFuI7SCMuIZ2qV0UFoShc9aUiXidllk48PJ4ViYzGls9tIBeefRFcZz
Fq7vg9ypHPx0TJfuBMYgOLwJRRkLNSRgLYFR6Z0ZvbwRA4mnqB0+E19m22Iqf41O
hboVBfnqS60izIxpEBZ0H7D0bKLIODu9zaYI
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net