Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/6EWvXCSB6Q1OZMSmq7sfe14-nNk.roa
File: 6EWvXCSB6Q1OZMSmq7sfe14-nNk.roa (raw, json)
Hash identifier: g+1Rc1xwrrC5magrsBnZ52jTXjkG30c+EgdCEhy9QU4=
Subject key identifier: E8:45:AF:5C:24:81:E9:0D:4E:64:C4:A6:AB:BB:1F:7B:5E:3E:9C:D9
Certificate issuer: /CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Certificate serial: 0188E2FB56AC7663ACE205A6F75FBFD823B0
Authority key identifier: F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/6EWvXCSB6Q1OZMSmq7sfe14-nNk.roa
Signing time: Thu 22 Jun 2023 12:01:42 +0000
ROA not before: Thu 22 Jun 2023 12:01:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203393
IP address blocks: 185.238.29.0/24 maxlen: 24
185.136.84.0/24 maxlen: 24
185.136.85.0/24 maxlen: 24
185.136.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:fb:56:ac:76:63:ac:e2:05:a6:f7:5f:bf:d8:23:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Validity
Not Before: Jun 22 12:01:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e845af5c2481e90d4e64c4a6abbb1f7b5e3e9cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e2:5f:b5:37:df:eb:2c:44:af:72:5e:6e:22:
c4:92:35:e6:52:a5:89:df:c0:21:a2:e3:ba:ec:b8:
19:eb:60:68:af:ef:40:40:59:36:4a:0a:96:31:6a:
2a:c4:3d:f2:fe:65:76:b9:cd:6e:b1:cd:6b:67:fb:
6f:66:b7:a5:f0:3e:7c:b9:69:bf:82:6c:25:bb:db:
92:d3:3b:f6:8a:59:13:dd:df:83:6b:27:4b:1e:05:
e8:3b:04:be:c1:42:d2:75:f7:5d:50:fe:31:d9:35:
f5:0d:51:4b:92:c6:b2:32:e4:57:9b:2d:aa:a9:de:
24:f7:19:ed:06:91:61:f1:cb:4f:39:5f:3a:8a:45:
c8:db:89:1c:0a:98:d9:d5:63:62:c8:0b:58:31:84:
7c:cd:08:57:68:f7:a3:e1:9a:38:63:3a:b5:57:cf:
13:3f:c4:f9:6f:cd:53:65:2e:51:05:a2:05:13:e8:
86:3a:63:90:76:f9:d4:0a:f0:d3:8a:b8:e1:a7:72:
77:6d:34:54:92:f5:ef:2e:b4:e2:6e:4c:7d:e5:b3:
ba:da:8d:4d:52:9f:c3:e7:2f:2d:0b:6a:1c:33:46:
0c:93:df:4b:3c:4c:81:fe:ee:41:c2:be:e7:51:7b:
0d:bd:4d:a2:93:e6:e1:66:eb:d8:31:b4:d0:8a:0d:
91:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:45:AF:5C:24:81:E9:0D:4E:64:C4:A6:AB:BB:1F:7B:5E:3E:9C:D9
X509v3 Authority Key Identifier:
keyid:F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/6EWvXCSB6Q1OZMSmq7sfe14-nNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/8o4LdYvnOh3b-1F-6LXk-GOiH54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.84.0-185.136.86.255
185.238.29.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8b:11:ec:43:73:36:2f:b2:73:fa:8c:b5:89:ea:7f:ca:73:
6b:eb:e2:c5:ac:6a:db:2a:fe:19:2d:c7:84:77:9d:f2:dd:ab:
b0:bf:9f:d4:e3:58:d9:47:a0:6c:c5:36:20:a9:56:4f:79:2c:
84:30:14:fb:48:52:d0:a4:d5:df:89:eb:fc:fc:26:97:6b:20:
3c:95:cb:ff:1b:e7:cb:b7:37:c7:ab:eb:d9:ad:8e:c5:23:a9:
80:4a:51:5c:b5:12:72:dc:a4:a2:e7:e5:87:64:54:68:15:79:
e3:26:9a:c5:79:98:e4:d6:5f:2d:73:1e:cc:78:32:b2:69:97:
23:63:e0:fd:c3:ce:08:8d:4e:cb:c8:53:32:e3:10:81:eb:2c:
10:dd:60:e5:14:7e:81:82:c1:a7:04:7d:15:67:99:bf:af:11:
56:47:14:85:3b:f9:33:6b:ad:40:78:ba:36:7a:8d:84:56:ed:
da:f4:43:dc:8c:07:7b:af:a8:10:89:24:2c:d7:98:29:3f:90:
4d:9a:3f:19:fc:fa:2f:cc:64:dc:7a:bd:27:f0:3b:08:5d:a4:
5f:01:fd:c8:e8:02:10:d8:1a:50:57:61:02:f3:ec:58:57:30:
ce:14:77:f8:90:a6:a7:30:cd:df:b3:2f:dc:64:43:d2:84:ba:
59:1e:27:b6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYji+1asdmOs4gWm91+/2COwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGUwYjc1OGJlNzNhMWRkYmZiNTE3ZWU4YjVlNGY4NjNh
MjFmOWUwHhcNMjMwNjIyMTIwMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQ1YWY1YzI0ODFlOTBkNGU2NGM0YTZhYmJiMWY3YjVlM2U5Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuJftTff6yxEr3JebiLEkjXmUqWJ
38AhouO67LgZ62Bor+9AQFk2SgqWMWoqxD3y/mV2uc1usc1rZ/tvZrel8D58uWm/
gmwlu9uS0zv2ilkT3d+DaydLHgXoOwS+wULSdfddUP4x2TX1DVFLksayMuRXmy2q
qd4k9xntBpFh8ctPOV86ikXI24kcCpjZ1WNiyAtYMYR8zQhXaPej4Zo4Yzq1V88T
P8T5b81TZS5RBaIFE+iGOmOQdvnUCvDTirjhp3J3bTRUkvXvLrTibkx95bO62o1N
Up/D5y8tC2ocM0YMk99LPEyB/u5Bwr7nUXsNvU2ik+bhZuvYMbTQig2RPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOhFr1wkgekNTmTEpqu7H3tePpzZMB8GA1UdIwQY
MBaAFPKOC3WL5zod2/tRfui15Phjoh+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG80TGRZdm5PaDNiLTFGLTZMWGstR09pSDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wODEyOGEtNjkwYS00ZjA4LTg4NjUt
NjllM2QwODY2ZWY2LzEvNkVXdlhDU0I2UTFPWk1TbXE3c2ZlMTQtbk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wODEyOGEtNjkwYS00ZjA4LTg4NjUtNjllM2QwODY2ZWY2
LzEvOG80TGRZdm5PaDNiLTFGLTZMWGstR09pSDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK5iFQD
BAC5iFYDBAC57h0wDQYJKoZIhvcNAQELBQADggEBACeLEexDczYvsnP6jLWJ6n/K
c2vr4sWsatsq/hktx4R3nfLdq7C/n9TjWNlHoGzFNiCpVk95LIQwFPtIUtCk1d+J
6/z8JpdrIDyVy/8b58u3N8er69mtjsUjqYBKUVy1EnLcpKLn5YdkVGgVeeMmmsV5
mOTWXy1zHsx4MrJplyNj4P3DzgiNTsvIUzLjEIHrLBDdYOUUfoGCwacEfRVnmb+v
EVZHFIU7+TNrrUB4ujZ6jYRW7dr0Q9yMB3uvqBCJJCzXmCk/kE2aPxn8+i/MZNx6
vSfwOwhdpF8B/cjoAhDYGlBXYQLz7FhXMM4Ud/iQpqcwzd+zL9xkQ9KEulkeJ7Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:47 2024 by rpki-client on console.sobornost.net