Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/vw7fby-dtaJenl7q7SzL0wcfIYw.roa
File: vw7fby-dtaJenl7q7SzL0wcfIYw.roa (raw, json)
Hash identifier: MlYQtYutCq4FgE/lcG6XLZMZouwmApmvVA6ZLpuHWlE=
Subject key identifier: BF:0E:DF:6F:2F:9D:B5:A2:5E:9E:5E:EA:ED:2C:CB:D3:07:1F:21:8C
Certificate issuer: /CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Certificate serial: 01857102C8067CF3CC6E56A144A7CCE1AD27
Authority key identifier: F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/vw7fby-dtaJenl7q7SzL0wcfIYw.roa
Signing time: Mon 02 Jan 2023 05:44:45 +0000
ROA not before: Mon 02 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 188.244.110.0/24 maxlen: 24
188.244.111.0/24 maxlen: 24
188.244.108.0/24 maxlen: 24
188.244.109.0/24 maxlen: 24
164.138.240.0/24 maxlen: 24
164.138.243.0/24 maxlen: 24
164.138.244.0/24 maxlen: 24
164.138.245.0/24 maxlen: 24
164.138.241.0/24 maxlen: 24
164.138.242.0/24 maxlen: 24
164.138.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:c8:06:7c:f3:cc:6e:56:a1:44:a7:cc:e1:ad:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Validity
Not Before: Jan 2 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf0edf6f2f9db5a25e9e5eeaed2ccbd3071f218c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4f:90:b9:0c:b6:81:4c:f1:f3:62:ad:35:68:
af:5e:60:01:3f:af:66:03:38:9a:0e:79:36:17:43:
a4:a2:7b:3e:1e:e8:02:90:55:79:83:7e:8c:9d:5f:
da:42:65:fb:ce:85:d7:15:8c:b0:c4:97:7d:0f:0d:
37:ae:29:f5:c9:0f:57:94:f0:da:8d:cb:3a:23:ac:
08:a7:a2:83:a7:2a:b1:e7:17:0f:31:4f:7e:8a:97:
f2:5b:8c:34:ee:86:1d:a2:3c:85:7e:e1:7d:5c:bc:
d9:b4:c2:a9:7f:2b:16:3f:d4:42:45:1a:d3:da:ff:
e9:07:80:de:25:2a:85:e0:e7:43:75:40:f1:69:b5:
d0:61:48:6f:f0:a5:b6:56:4b:a2:68:a9:e1:27:77:
a0:95:27:5a:5b:a1:87:64:a6:3e:05:b8:13:f1:8c:
4f:b9:f8:f8:3f:cb:f4:95:e8:8a:78:04:30:37:b2:
73:fe:31:31:10:47:d2:95:89:e6:b4:d5:01:7b:ed:
d9:21:88:83:bf:8c:f1:5c:44:c6:df:74:13:a0:e6:
f9:78:c2:92:83:8c:47:0a:31:cf:22:96:dd:a4:cd:
75:52:0d:d2:76:d6:d5:d5:cb:e3:a3:57:99:47:25:
57:36:12:b0:f9:b9:52:c9:a2:57:5d:78:84:d3:ee:
72:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:0E:DF:6F:2F:9D:B5:A2:5E:9E:5E:EA:ED:2C:CB:D3:07:1F:21:8C
X509v3 Authority Key Identifier:
keyid:F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/vw7fby-dtaJenl7q7SzL0wcfIYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/85SkZHKLgoVtwrlVzK6atbplOcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.240.0-164.138.245.255
164.138.247.0/24
188.244.108.0/22
Signature Algorithm: sha256WithRSAEncryption
94:79:79:26:0f:b2:7d:d0:be:c7:e0:27:cb:09:6c:de:2b:82:
54:9b:c1:d7:29:40:0b:37:d7:89:99:9d:f5:40:65:6f:6a:59:
29:f8:2e:cf:d6:15:fc:ba:d0:de:a7:4f:11:1a:e0:62:68:50:
73:41:08:ca:e8:39:fd:4d:8a:ec:ea:c9:39:69:0a:71:f7:ad:
62:3a:d5:13:be:81:97:6c:ff:41:bc:94:8b:10:50:81:47:de:
0c:21:2f:37:68:7a:ca:0f:88:74:26:e6:b6:5a:fa:65:8f:4b:
1e:3b:cc:07:30:fb:dd:ea:f4:04:2a:46:91:ff:2c:9e:1c:32:
7d:cf:76:21:32:4a:f7:65:b0:d2:64:1f:c9:a8:75:32:b7:2b:
76:70:62:4b:e9:00:69:2d:be:a9:c8:12:4b:8b:a3:42:18:b6:
0d:40:4c:c8:5d:4b:e8:57:76:bc:e3:40:92:71:57:ce:fc:e1:
22:66:24:f6:60:e5:e5:28:d2:0b:d0:ea:06:ad:1a:7e:ba:2a:
eb:e1:95:74:23:64:bf:ad:67:d6:26:55:97:f5:b5:ed:45:c5:
26:fd:1d:a5:35:12:52:5f:a2:07:00:07:79:e7:12:18:a6:57:
dd:b8:f6:1e:f0:e7:f2:c8:c9:df:be:38:0b:f8:7f:31:1d:0f:
42:0f:88:f6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxAsgGfPPMblahRKfM4a0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOTRhNDY0NzI4YjgyODU2ZGMyYjk1NWNjYWU5YWI1YmE2
NTM5YzgwHhcNMjMwMTAyMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjBlZGY2ZjJmOWRiNWEyNWU5ZTVlZWFlZDJjY2JkMzA3MWYyMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU+QuQy2gUzx82KtNWivXmABP69m
AziaDnk2F0Okons+HugCkFV5g36MnV/aQmX7zoXXFYywxJd9Dw03rin1yQ9XlPDa
jcs6I6wIp6KDpyqx5xcPMU9+ipfyW4w07oYdojyFfuF9XLzZtMKpfysWP9RCRRrT
2v/pB4DeJSqF4OdDdUDxabXQYUhv8KW2VkuiaKnhJ3eglSdaW6GHZKY+BbgT8YxP
ufj4P8v0leiKeAQwN7Jz/jExEEfSlYnmtNUBe+3ZIYiDv4zxXETG33QToOb5eMKS
g4xHCjHPIpbdpM11Ug3SdtbV1cvjo1eZRyVXNhKw+blSyaJXXXiE0+5ybQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL8O328vnbWiXp5e6u0sy9MHHyGMMB8GA1UdIwQY
MBaAFPOUpGRyi4KFbcK5VcyumrW6ZTnIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODVTa1pIS0xnb1Z0d3JsVnpLNmF0YnBsT2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi83ZGI4MGMtNTExMy00ZTgzLWIyYzgt
ZjI2NjRkMTkyMWQzLzEvdnc3ZmJ5LWR0YUplbmw3cTdTekwwd2NmSVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi83ZGI4MGMtNTExMy00ZTgzLWIyYzgtZjI2NjRkMTkyMWQz
LzEvODVTa1pIS0xnb1Z0d3JsVnpLNmF0YnBsT2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBASkivAD
BAGkivQDBACkivcDBAK89GwwDQYJKoZIhvcNAQELBQADggEBAJR5eSYPsn3Qvsfg
J8sJbN4rglSbwdcpQAs314mZnfVAZW9qWSn4Ls/WFfy60N6nTxEa4GJoUHNBCMro
Of1NiuzqyTlpCnH3rWI61RO+gZds/0G8lIsQUIFH3gwhLzdoesoPiHQm5rZa+mWP
Sx47zAcw+93q9AQqRpH/LJ4cMn3PdiEySvdlsNJkH8modTK3K3ZwYkvpAGktvqnI
EkuLo0IYtg1ATMhdS+hXdrzjQJJxV8784SJmJPZg5eUo0gvQ6gatGn66KuvhlXQj
ZL+tZ9YmVZf1te1FxSb9HaU1ElJfogcAB3nnEhimV9249h7w5/LIyd++OAv4fzEd
D0IPiPY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:37:12 2024 by rpki-client on console.sobornost.net