Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/8AktKlAzgbSoQAP855w4xXwALbQ.roa
File: 8AktKlAzgbSoQAP855w4xXwALbQ.roa (raw, json)
Hash identifier: dJJcPKfV6tb1/KzxTeDKcKwElkmWIjS2N4dXv4LFE18=
Subject key identifier: F0:09:2D:2A:50:33:81:B4:A8:40:03:FC:E7:9C:38:C5:7C:00:2D:B4
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 01884CDEB9022EC552082BF11148B051749E
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/8AktKlAzgbSoQAP855w4xXwALbQ.roa
Signing time: Wed 24 May 2023 08:27:24 +0000
ROA not before: Wed 24 May 2023 08:27:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47297
IP address blocks: 93.184.176.0/20 maxlen: 24
31.25.45.0/24 maxlen: 24
31.25.46.0/23 maxlen: 24
37.60.168.0/21 maxlen: 24
37.228.176.0/20 maxlen: 24
185.6.96.0/22 maxlen: 24
2a03:b880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:de:b9:02:2e:c5:52:08:2b:f1:11:48:b0:51:74:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: May 24 08:27:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0092d2a503381b4a84003fce79c38c57c002db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1e:43:39:33:30:0a:95:26:6f:4f:a3:24:a8:
43:05:9f:f7:fd:c6:29:c2:df:96:43:c9:9e:e3:47:
18:ec:a9:e0:7b:3b:eb:f0:b0:1f:a0:96:63:3f:01:
72:b1:1c:4a:4e:41:74:8d:43:15:7d:6d:72:1e:14:
9b:53:13:71:c3:77:34:36:dc:a8:d1:f7:78:93:cf:
00:11:9b:ff:99:76:21:13:b3:ad:0b:fc:85:a9:e1:
15:49:76:95:a9:bd:2e:0f:7c:92:12:d1:e4:29:b3:
fc:b4:ec:d9:e0:f6:7c:a7:a5:70:e8:b5:33:e5:a1:
36:5c:5b:df:fd:94:96:89:64:46:48:a9:b0:31:de:
d7:4c:fc:e3:3a:49:b2:87:66:dc:0a:6f:08:58:d3:
8e:b5:38:5b:54:5a:9a:62:10:d2:c0:5c:64:ec:0a:
3c:50:9f:c7:a7:8e:d3:43:5b:ae:a7:22:ee:9b:1e:
1e:de:b9:0c:5b:a0:2e:a0:c2:b6:11:a8:a2:82:36:
d7:30:2e:c9:6b:fe:9b:12:fa:35:9e:2e:e2:cc:da:
9e:d9:e9:4e:46:f8:a0:44:a8:66:bf:72:c7:79:85:
4a:39:7c:15:77:f6:b4:56:d2:ae:6f:e9:7b:4b:3d:
21:d6:d1:19:cf:e1:31:80:d3:11:92:fa:51:4e:7a:
d6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:09:2D:2A:50:33:81:B4:A8:40:03:FC:E7:9C:38:C5:7C:00:2D:B4
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/8AktKlAzgbSoQAP855w4xXwALbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.45.0-31.25.47.255
37.60.168.0/21
37.228.176.0/20
93.184.176.0/20
185.6.96.0/22
IPv6:
2a03:b880::/29
Signature Algorithm: sha256WithRSAEncryption
58:7b:95:88:4d:b9:5d:a2:51:28:cb:e8:8f:d5:d0:18:87:eb:
54:da:96:3f:07:8e:0d:f5:03:5b:f3:e5:f7:4d:fe:b0:53:ee:
9c:36:35:d1:42:cd:7e:78:1e:e2:a2:50:d6:5c:07:3d:b5:18:
0f:dd:4c:ce:dc:9e:78:f9:dd:86:f3:86:c9:b4:97:11:9a:d0:
c2:2b:9a:0a:58:c9:4a:21:19:7b:b7:3b:20:dd:f6:6e:62:f8:
0c:05:bf:6c:3f:05:94:82:d0:1c:01:3b:db:2f:91:f1:cc:d2:
8f:e3:42:c4:2f:aa:88:79:7d:6a:ac:7f:dd:44:d9:75:36:6a:
fd:96:fe:7d:ef:2e:96:08:c3:c3:25:7a:41:75:eb:64:1d:10:
7a:15:a2:b6:83:af:10:be:f5:c8:82:e4:c5:f4:a3:0a:d6:cd:
c5:0b:d5:40:c3:19:42:6a:e1:cf:e5:15:b4:2b:0c:66:cd:2a:
14:67:22:69:51:a8:a7:25:38:63:aa:aa:42:31:4e:0b:8a:27:
61:e3:88:78:f3:c7:56:ec:03:95:ab:f3:c5:41:ae:59:ca:49:
5d:a0:2d:ed:9d:d7:1c:40:2d:f9:2a:f9:29:52:45:5e:a0:4e:
0e:88:cd:f4:a1:2a:1f:b0:32:4a:ac:e7:f5:db:43:b7:5a:e3:
ba:21:55:ed
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYhM3rkCLsVSCCvxEUiwUXSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjMwNTI0MDgyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDA5MmQyYTUwMzM4MWI0YTg0MDAzZmNlNzljMzhjNTdjMDAyZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh5DOTMwCpUmb0+jJKhDBZ/3/cYp
wt+WQ8me40cY7Kngezvr8LAfoJZjPwFysRxKTkF0jUMVfW1yHhSbUxNxw3c0Ntyo
0fd4k88AEZv/mXYhE7OtC/yFqeEVSXaVqb0uD3ySEtHkKbP8tOzZ4PZ8p6Vw6LUz
5aE2XFvf/ZSWiWRGSKmwMd7XTPzjOkmyh2bcCm8IWNOOtThbVFqaYhDSwFxk7Ao8
UJ/Hp47TQ1uupyLumx4e3rkMW6AuoMK2EaiigjbXMC7Ja/6bEvo1ni7izNqe2elO
RvigRKhmv3LHeYVKOXwVd/a0VtKub+l7Sz0h1tEZz+ExgNMRkvpRTnrWGwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPAJLSpQM4G0qEAD/OecOMV8AC20MB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvOEFrdEtsQXpnYlNvUUFQODU1dzR4WHdBTGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAAfGS0D
BAQfGSADBAMlPKgDBAQl5LADBARduLADBAK5BmAwDQQCAAIwBwMFAyoDuIAwDQYJ
KoZIhvcNAQELBQADggEBAFh7lYhNuV2iUSjL6I/V0BiH61Talj8Hjg31A1vz5fdN
/rBT7pw2NdFCzX54HuKiUNZcBz21GA/dTM7cnnj53Ybzhsm0lxGa0MIrmgpYyUoh
GXu3OyDd9m5i+AwFv2w/BZSC0BwBO9svkfHM0o/jQsQvqoh5fWqsf91E2XU2av2W
/n3vLpYIw8MlekF162QdEHoVoraDrxC+9ciC5MX0owrWzcUL1UDDGUJq4c/lFbQr
DGbNKhRnImlRqKclOGOqqkIxTguKJ2HjiHjzx1bsA5Wr88VBrlnKSV2gLe2d1xxA
Lfkq+SlSRV6gTg6IzfShKh+wMkqs5/XbQ7da47ohVe0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:17 2023 by rpki-client on console.sobornost.net