Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/1uYPphf0E6G9rEqAIkMyAqQCCeQ.roa
File: 1uYPphf0E6G9rEqAIkMyAqQCCeQ.roa (raw, json)
Hash identifier: 7MngrAi4hh3iaHHy4tn9vGW3+EwBpfOzIuW17YAdA6E=
Subject key identifier: D6:E6:0F:A6:17:F4:13:A1:BD:AC:4A:80:22:43:32:02:A4:02:09:E4
Certificate issuer: /CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Certificate serial: 01857246C2963D4659BA987449C1A57B069B
Authority key identifier: A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/1uYPphf0E6G9rEqAIkMyAqQCCeQ.roa
Signing time: Mon 02 Jan 2023 11:38:38 +0000
ROA not before: Mon 02 Jan 2023 11:38:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50324
IP address blocks: 89.39.128.0/21 maxlen: 32
178.19.208.0/20 maxlen: 32
185.28.184.0/22 maxlen: 32
176.126.216.0/22 maxlen: 32
2a04:a40::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c2:96:3d:46:59:ba:98:74:49:c1:a5:7b:06:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Validity
Not Before: Jan 2 11:38:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6e60fa617f413a1bdac4a8022433202a40209e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:64:48:ab:49:7f:d2:56:1b:78:b9:4a:71:
9b:68:b4:f0:a9:9c:6f:0c:f0:e3:cf:94:da:06:22:
09:a6:d8:ef:8d:ae:2e:53:e1:db:a3:7a:65:4c:6d:
dd:b6:25:22:5c:11:e6:2d:82:08:00:3d:1f:be:e0:
3b:68:7d:7c:c5:2b:e7:98:d2:0f:27:10:d9:e1:f4:
1f:57:8c:c3:01:f0:d9:3b:e7:e0:8c:9f:a6:51:32:
82:73:c3:b3:f4:b3:0a:d9:02:84:83:18:45:8b:8e:
9b:04:8d:1f:21:4c:77:16:60:d9:8b:61:a6:35:11:
6f:1d:a3:cc:83:9d:30:01:3b:0a:d7:35:fd:25:35:
3c:ef:da:34:5d:4b:88:6d:3e:86:fa:90:77:03:af:
c5:4f:b3:75:36:8f:b8:70:e9:4d:49:12:f5:2e:e9:
52:e6:a4:9a:73:70:bd:62:8f:58:59:62:d6:b7:47:
fd:80:e5:44:0a:af:22:b4:e5:e7:7f:5a:48:c9:ca:
3f:bd:d6:5a:76:e2:ee:11:b0:e8:ff:ce:bd:a9:9c:
80:ba:3e:13:a1:cc:40:fa:0c:1f:be:dc:b2:24:ed:
ee:19:76:46:75:8d:b3:c4:2e:f3:7b:be:f2:23:fd:
94:4d:02:e3:b7:69:7e:b0:64:2b:ca:2a:15:53:90:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E6:0F:A6:17:F4:13:A1:BD:AC:4A:80:22:43:32:02:A4:02:09:E4
X509v3 Authority Key Identifier:
keyid:A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/1uYPphf0E6G9rEqAIkMyAqQCCeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/ppTwBfWXfDI-zb6pxfjMo2nmXGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.128.0/21
176.126.216.0/22
178.19.208.0/20
185.28.184.0/22
IPv6:
2a04:a40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:1d:d9:c7:2f:c6:e9:a6:32:d9:ac:5e:5e:9a:54:43:95:14:
6b:86:90:a6:48:80:0c:49:f5:3b:aa:02:00:f2:5c:dc:ad:e8:
26:a8:87:87:c4:ff:77:10:dc:6f:35:b9:06:36:53:9a:d3:8f:
71:3c:76:ac:4b:bf:d8:ac:d8:dc:08:af:0c:50:3c:2e:a1:97:
c5:f0:ad:0e:d6:84:50:aa:96:ad:8d:65:d1:76:55:6c:3f:46:
63:63:16:df:46:aa:74:b0:42:b5:39:28:d7:b4:4f:69:22:a7:
25:a5:61:3c:9d:3e:91:5f:ed:5e:ad:e2:16:a5:48:78:f7:79:
66:b7:d2:b6:32:b1:13:9b:0a:3b:d1:8e:d4:0b:64:4c:fd:61:
a0:2a:c2:c4:33:f8:82:b1:7b:4e:40:05:86:53:81:4e:12:c7:
e1:f5:16:bc:ae:c6:5b:bf:a4:94:8d:9a:6b:36:24:f7:00:6a:
db:61:4a:f8:f4:76:c5:12:e6:80:1f:1d:c9:27:65:a5:d8:31:
5c:81:54:6d:f9:2b:5f:36:03:c5:a8:1b:ca:23:17:ce:36:e7:
df:6f:00:7f:f3:69:98:ca:22:02:51:b9:73:21:81:14:23:f2:
18:50:14:c3:07:7c:ed:ab:7c:90:7d:92:92:8f:e2:c6:6f:62:
bb:80:af:54
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyRsKWPUZZuph0ScGlewabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTRmMDA1ZjU5NzdjMzIzZWNkYmVhOWM1ZjhjY2EzNjll
NjVjNjcwHhcNMjMwMTAyMTEzODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU2MGZhNjE3ZjQxM2ExYmRhYzRhODAyMjQzMzIwMmE0MDIwOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgVkSKtJf9JWG3i5SnGbaLTwqZxv
DPDjz5TaBiIJptjvja4uU+Hbo3plTG3dtiUiXBHmLYIIAD0fvuA7aH18xSvnmNIP
JxDZ4fQfV4zDAfDZO+fgjJ+mUTKCc8Oz9LMK2QKEgxhFi46bBI0fIUx3FmDZi2Gm
NRFvHaPMg50wATsK1zX9JTU879o0XUuIbT6G+pB3A6/FT7N1No+4cOlNSRL1LulS
5qSac3C9Yo9YWWLWt0f9gOVECq8itOXnf1pIyco/vdZaduLuEbDo/869qZyAuj4T
ocxA+gwfvtyyJO3uGXZGdY2zxC7ze77yI/2UTQLjt2l+sGQryioVU5DwCwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNbmD6YX9BOhvaxKgCJDMgKkAgnkMB8GA1UdIwQY
MBaAFKaU8AX1l3wyPs2+qcX4zKNp5lxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAt
MWI1MjdjZTE2NTExLzEvMXVZUHBoZjBFNkc5ckVxQUlrTXlBcVFDQ2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAtMWI1MjdjZTE2NTEx
LzEvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDWSeAAwQC
sH7YAwQEshPQAwQCuRy4MA0EAgACMAcDBQMqBApAMA0GCSqGSIb3DQEBCwUAA4IB
AQAfHdnHL8bppjLZrF5emlRDlRRrhpCmSIAMSfU7qgIA8lzcregmqIeHxP93ENxv
NbkGNlOa049xPHasS7/YrNjcCK8MUDwuoZfF8K0O1oRQqpatjWXRdlVsP0ZjYxbf
Rqp0sEK1OSjXtE9pIqclpWE8nT6RX+1ereIWpUh493lmt9K2MrETmwo70Y7UC2RM
/WGgKsLEM/iCsXtOQAWGU4FOEsfh9Ra8rsZbv6SUjZprNiT3AGrbYUr49HbFEuaA
Hx3JJ2Wl2DFcgVRt+StfNgPFqBvKIxfONuffbwB/82mYyiICUblzIYEUI/IYUBTD
B3ztq3yQfZKSj+LGb2K7gK9U
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:11 2024 by rpki-client on console.sobornost.net