Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/5BgEuY6ouOwwJkWnvU8OP6m4zSA.roa
File: 5BgEuY6ouOwwJkWnvU8OP6m4zSA.roa (raw, json)
Hash identifier: 8QAYTa6wfjPl4mNpUMq+3y8xuZQx6oWCwQBGvNLYE28=
Subject key identifier: E4:18:04:B9:8E:A8:B8:EC:30:26:45:A7:BD:4F:0E:3F:A9:B8:CD:20
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 018A459FF1832F2BB86AE48B74C26753C786
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/5BgEuY6ouOwwJkWnvU8OP6m4zSA.roa
Signing time: Wed 30 Aug 2023 08:47:04 +0000
ROA not before: Wed 30 Aug 2023 08:47:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205892
IP address blocks: 95.129.28.0/22 maxlen: 24
185.190.72.0/22 maxlen: 24
195.158.216.0/22 maxlen: 24
2a0a:540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:9f:f1:83:2f:2b:b8:6a:e4:8b:74:c2:67:53:c7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Aug 30 08:47:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e41804b98ea8b8ec302645a7bd4f0e3fa9b8cd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:aa:30:db:69:5b:b8:0f:7b:dc:14:da:84:
d5:a4:a6:44:ee:52:2f:e5:c5:67:0a:20:b6:cf:e0:
eb:cc:8f:f3:a3:ba:6f:d4:f4:8c:8a:d7:1e:0e:86:
11:7f:73:f4:b3:ad:f4:22:9e:47:5a:26:8c:08:4d:
21:7c:83:34:5b:d0:81:0d:fb:32:be:f7:7a:06:a0:
90:da:de:3e:6c:b3:6f:54:55:ec:df:56:ca:9c:3e:
07:0c:dd:c5:1b:3f:5f:2f:d4:16:03:96:fc:7d:21:
aa:16:94:63:99:cc:f7:f0:8b:4c:7c:6b:f1:d5:fa:
c4:72:62:65:4c:d9:9a:52:ed:97:72:6c:6d:30:0a:
de:bb:33:35:9b:fa:a7:09:99:34:07:9a:e2:f3:df:
16:0d:3f:ca:8d:93:9b:49:e2:8c:97:a2:5d:84:b7:
91:4d:d4:07:1e:81:cb:4b:60:1d:c2:95:34:a6:96:
5b:23:8b:de:4b:a7:f9:47:9f:81:7a:3d:7c:44:a6:
9c:7f:11:cb:30:25:fa:ed:6e:1d:ed:55:bf:1c:cb:
62:42:7d:50:f7:a7:86:ff:95:fe:83:bc:ed:4a:55:
a0:eb:f1:01:05:51:23:96:b7:56:df:3a:1a:32:00:
8a:73:fe:dd:1d:00:76:01:f4:7a:1f:06:4a:b9:fa:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:18:04:B9:8E:A8:B8:EC:30:26:45:A7:BD:4F:0E:3F:A9:B8:CD:20
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/5BgEuY6ouOwwJkWnvU8OP6m4zSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.28.0/22
185.190.72.0/22
195.158.216.0/22
IPv6:
2a0a:540::/29
Signature Algorithm: sha256WithRSAEncryption
80:5b:40:cc:75:21:c9:97:29:d1:ca:74:c5:b3:ec:5e:79:ef:
55:4c:1c:dd:ac:1b:4c:71:e9:b9:94:48:27:28:43:3c:a3:66:
8c:c1:b2:3d:50:5e:1a:c0:4d:62:15:a5:5d:1b:d4:c3:ae:28:
56:38:84:01:25:c0:6d:d1:6d:31:2b:e1:28:cf:51:2a:27:38:
ff:69:10:d0:94:3c:43:83:23:d5:08:ec:d3:9f:f0:73:57:97:
ed:df:38:f5:b4:43:60:b0:32:1d:37:5c:c3:7a:d7:09:a7:24:
88:fa:a7:73:93:a0:92:d8:03:19:0d:f2:39:71:9c:1c:b8:27:
15:af:16:0f:4b:38:2b:1d:90:96:62:61:f9:9d:90:58:82:c1:
9a:65:0d:bb:9a:01:5e:f8:a1:0c:b0:45:08:fb:34:69:08:3d:
14:d6:e0:5f:b1:a6:88:07:a6:17:c8:b8:8f:33:63:92:85:32:
18:e6:52:dd:f4:fb:1a:7d:cd:ec:f8:bc:08:cd:89:6e:2c:0b:
67:a0:8a:e9:89:1a:cf:62:ee:cd:84:6d:45:39:dd:6d:be:53:
77:08:b5:6a:25:12:dc:f9:3b:91:cf:69:12:d0:98:75:79:0a:
10:b1:50:32:4e:60:17:3e:48:84:eb:a4:8b:2a:b0:13:25:20:
bf:a8:ff:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYpFn/GDLyu4auSLdMJnU8eGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjMwODMwMDg0NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE4MDRiOThlYThiOGVjMzAyNjQ1YTdiZDRmMGUzZmE5YjhjZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzCqMNtpW7gPe9wU2oTVpKZE7lIv
5cVnCiC2z+DrzI/zo7pv1PSMitceDoYRf3P0s630Ip5HWiaMCE0hfIM0W9CBDfsy
vvd6BqCQ2t4+bLNvVFXs31bKnD4HDN3FGz9fL9QWA5b8fSGqFpRjmcz38ItMfGvx
1frEcmJlTNmaUu2XcmxtMAreuzM1m/qnCZk0B5ri898WDT/KjZObSeKMl6JdhLeR
TdQHHoHLS2AdwpU0ppZbI4veS6f5R5+Bej18RKacfxHLMCX67W4d7VW/HMtiQn1Q
96eG/5X+g7ztSlWg6/EBBVEjlrdW3zoaMgCKc/7dHQB2AfR6HwZKufro+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOQYBLmOqLjsMCZFp71PDj+puM0gMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvNUJnRXVZNm91T3d3SmtXbnZVOE9QNm00elNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCX4EcAwQC
ub5IAwQCw57YMA0EAgACMAcDBQMqCgVAMA0GCSqGSIb3DQEBCwUAA4IBAQCAW0DM
dSHJlynRynTFs+xeee9VTBzdrBtMcem5lEgnKEM8o2aMwbI9UF4awE1iFaVdG9TD
rihWOIQBJcBt0W0xK+Eoz1EqJzj/aRDQlDxDgyPVCOzTn/BzV5ft3zj1tENgsDId
N1zDetcJpySI+qdzk6CS2AMZDfI5cZwcuCcVrxYPSzgrHZCWYmH5nZBYgsGaZQ27
mgFe+KEMsEUI+zRpCD0U1uBfsaaIB6YXyLiPM2OShTIY5lLd9Psafc3s+LwIzYlu
LAtnoIrpiRrPYu7NhG1FOd1tvlN3CLVqJRLc+TuRz2kS0Jh1eQoQsVAyTmAXPkiE
66SLKrATJSC/qP9h
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:00:59 2024 by rpki-client on console.sobornost.net