Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/HmiqdBILtA9_0_XXgN6y5bhKWtw.roa
File: HmiqdBILtA9_0_XXgN6y5bhKWtw.roa (raw, json)
Hash identifier: atYLFqmtr/byGK6hzmyH9NMIdnOrbPL7fARdNSPbsbw=
Subject key identifier: 1E:68:AA:74:12:0B:B4:0F:7F:D3:F5:D7:80:DE:B2:E5:B8:4A:5A:DC
Certificate issuer: /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial: 0189685116DC57D7994F8099EA0CB90F4B16
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/HmiqdBILtA9_0_XXgN6y5bhKWtw.roa
Signing time: Tue 18 Jul 2023 09:24:51 +0000
ROA not before: Tue 18 Jul 2023 09:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13273
IP address blocks: 185.114.208.0/22 maxlen: 24
195.54.62.0/23 maxlen: 24
91.216.209.0/24 maxlen: 24
213.162.32.0/19 maxlen: 24
213.162.32.0/20 maxlen: 24
213.91.0.0/18 maxlen: 24
185.21.152.0/22 maxlen: 24
213.162.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:51:16:dc:57:d7:99:4f:80:99:ea:0c:b9:0f:4b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Validity
Not Before: Jul 18 09:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e68aa74120bb40f7fd3f5d780deb2e5b84a5adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:10:94:29:66:6b:95:4f:84:66:4e:62:98:91:
0f:47:20:ba:52:09:ca:1a:7d:f6:ca:99:34:84:14:
06:2a:bb:c4:f2:11:52:13:78:29:10:ea:d9:3e:1e:
db:11:99:11:0f:23:3c:d1:8c:5b:e5:df:aa:3c:59:
95:ab:df:a3:8a:9c:30:a7:ff:c4:23:04:58:8c:2b:
ff:32:c0:94:40:c2:f4:32:8d:92:4a:a0:a5:e6:5e:
35:62:9a:53:ab:bc:33:bd:87:01:6f:4b:89:a0:26:
ae:36:7e:cf:29:2c:19:7e:8a:99:12:18:5f:82:21:
91:77:50:8e:48:57:d4:12:a4:a0:73:94:f3:b2:4e:
2e:d8:06:50:0b:db:eb:81:92:3c:65:86:69:dd:ca:
60:10:18:eb:d6:9d:6c:0d:19:7a:d7:49:90:d7:5d:
ce:6c:8e:33:69:82:fd:8e:f7:09:7f:58:d2:15:86:
7b:86:50:da:87:c9:2d:b1:0c:21:1e:7e:2a:06:7e:
37:88:4b:c9:3a:de:f8:13:20:01:52:10:a2:68:5e:
30:11:af:3f:be:df:ad:2e:56:78:eb:24:82:4b:b6:
ea:26:2b:2b:47:92:33:4e:ba:a0:94:77:37:77:0a:
bc:6e:a6:43:9e:b2:5e:a9:8b:76:dc:49:61:c6:54:
22:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:68:AA:74:12:0B:B4:0F:7F:D3:F5:D7:80:DE:B2:E5:B8:4A:5A:DC
X509v3 Authority Key Identifier:
keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/HmiqdBILtA9_0_XXgN6y5bhKWtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
185.114.208.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/19
Signature Algorithm: sha256WithRSAEncryption
65:e6:b4:5e:dd:b6:b0:54:84:93:39:42:cf:39:e5:78:39:43:
98:26:00:7d:2b:d3:90:6c:69:fc:2e:f2:e1:96:0a:f2:8d:fc:
06:a4:91:80:9d:ec:f5:0e:d4:a3:15:8f:b1:f9:d1:b7:89:8e:
6a:ea:4b:f8:a2:e2:ef:81:4a:54:e6:64:64:18:91:e1:f2:c5:
05:8d:5c:25:e8:9b:02:42:72:f7:f9:55:0d:9d:0b:e8:0d:7b:
78:be:fa:f6:8f:7f:20:7f:04:b5:89:ae:bf:11:b0:70:78:aa:
18:4a:55:75:98:90:8d:3f:7c:95:ea:20:d6:2e:29:94:61:cb:
a9:fe:e4:90:d8:bd:31:16:78:50:27:f6:9c:e8:dd:7f:22:6f:
6e:33:0a:13:cb:02:e5:2b:64:28:20:f6:99:f6:af:c8:bd:7d:
ed:45:5e:1d:68:60:ca:11:60:c6:a4:d2:e2:b5:96:0d:c6:8b:
41:07:0f:74:44:cb:0c:12:a6:ff:77:4a:70:ac:e9:ec:3d:12:
96:11:be:76:44:46:28:ec:26:f8:a9:8a:b6:8d:1f:71:8d:40:
6b:fd:69:75:33:9a:a5:c0:61:e6:5b:39:1e:55:c5:6b:d1:9a:
d4:e1:bc:c2:9e:92:b5:da:56:ab:c9:f5:3d:1d:d1:cc:84:c6:
fa:7f:a5:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYloURbcV9eZT4CZ6gy5D0sWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjMwNzE4MDkyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY4YWE3NDEyMGJiNDBmN2ZkM2Y1ZDc4MGRlYjJlNWI4NGE1YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhCUKWZrlU+EZk5imJEPRyC6UgnK
Gn32ypk0hBQGKrvE8hFSE3gpEOrZPh7bEZkRDyM80Yxb5d+qPFmVq9+jipwwp//E
IwRYjCv/MsCUQML0Mo2SSqCl5l41YppTq7wzvYcBb0uJoCauNn7PKSwZfoqZEhhf
giGRd1COSFfUEqSgc5Tzsk4u2AZQC9vrgZI8ZYZp3cpgEBjr1p1sDRl610mQ113O
bI4zaYL9jvcJf1jSFYZ7hlDah8ktsQwhHn4qBn43iEvJOt74EyABUhCiaF4wEa8/
vt+tLlZ46ySCS7bqJisrR5IzTrqglHc3dwq8bqZDnrJeqYt23ElhxlQigwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB5oqnQSC7QPf9P114DesuW4SlrcMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvSG1pcWRCSUx0QTlfMF9YWGdONnk1YmhLV3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9jRAwQC
uRWYAwQCuXLQAwQBwzY+AwQG1VsAAwQF1aIgMA0GCSqGSIb3DQEBCwUAA4IBAQBl
5rRe3bawVISTOULPOeV4OUOYJgB9K9OQbGn8LvLhlgryjfwGpJGAnez1DtSjFY+x
+dG3iY5q6kv4ouLvgUpU5mRkGJHh8sUFjVwl6JsCQnL3+VUNnQvoDXt4vvr2j38g
fwS1ia6/EbBweKoYSlV1mJCNP3yV6iDWLimUYcup/uSQ2L0xFnhQJ/ac6N1/Im9u
MwoTywLlK2QoIPaZ9q/IvX3tRV4daGDKEWDGpNLitZYNxotBBw90RMsMEqb/d0pw
rOnsPRKWEb52REYo7Cb4qYq2jR9xjUBr/Wl1M5qlwGHmWzkeVcVr0ZrU4bzCnpK1
2laryfU9HdHMhMb6f6Wv
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:51 2024 by rpki-client on console.sobornost.net