Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/c_S7AU8X3GQMGjgo7Er2nxgjOo8.roa
File: c_S7AU8X3GQMGjgo7Er2nxgjOo8.roa (raw, json)
Hash identifier: VnZyjRitYVY/+C4XTcYI95BEOX+GWDk+uFap/i3XVQc=
Subject key identifier: 73:F4:BB:01:4F:17:DC:64:0C:1A:38:28:EC:4A:F6:9F:18:23:3A:8F
Certificate issuer: /CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Certificate serial: 01856CEF2E36AAC8717387183B6DC536E1D0
Authority key identifier: A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/c_S7AU8X3GQMGjgo7Er2nxgjOo8.roa
Signing time: Sun 01 Jan 2023 10:44:52 +0000
ROA not before: Sun 01 Jan 2023 10:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 185.39.220.0/22 maxlen: 24
91.151.16.0/21 maxlen: 24
178.250.8.0/21 maxlen: 24
37.228.152.0/21 maxlen: 24
85.158.176.0/21 maxlen: 24
185.61.40.0/22 maxlen: 24
77.75.248.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:2e:36:aa:c8:71:73:87:18:3b:6d:c5:36:e1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e786e4809373c1985455858c6b02b30a71ad1b
Validity
Not Before: Jan 1 10:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73f4bb014f17dc640c1a3828ec4af69f18233a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f7:12:a5:0e:51:a7:96:3e:be:8a:d8:e9:7a:
85:ad:26:1b:d6:59:a2:f4:0f:d9:c4:e6:c5:8c:88:
d4:d5:59:53:56:e8:23:28:94:36:3b:c5:cd:2a:d7:
db:93:d1:9b:ad:05:cf:b5:a6:9a:47:44:b2:0a:64:
8c:be:87:0e:0e:57:fa:36:cd:cf:32:83:a9:72:03:
78:ed:c5:c4:3f:f6:14:c8:6c:d6:15:39:1a:00:62:
f3:1a:04:5a:65:89:d3:13:61:ff:15:59:3d:32:68:
f1:40:91:fd:b6:fa:ae:8e:3a:bf:16:55:77:c9:9b:
e0:05:4c:04:17:7d:3d:85:d2:1b:6c:b4:d6:eb:ae:
c0:ac:ba:98:db:71:0d:f6:d3:c1:7f:82:c4:82:ac:
82:a8:a5:14:bd:e7:89:77:ca:c4:61:d1:29:b7:8e:
fb:f0:1e:d0:83:b6:15:bc:84:d1:39:a6:6c:24:7f:
1e:fe:f7:78:90:e9:f2:3e:14:9c:fc:88:ff:8c:19:
f2:21:cd:a8:0a:ab:a0:a8:b0:18:d4:12:d5:94:a6:
67:8a:12:f9:1f:69:89:91:57:e1:69:1e:e7:d5:c2:
2a:7b:71:17:b3:38:bb:c1:2e:ef:15:59:02:41:38:
f7:95:7e:03:41:a8:7a:20:7a:40:83:dc:83:70:20:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F4:BB:01:4F:17:DC:64:0C:1A:38:28:EC:4A:F6:9F:18:23:3A:8F
X509v3 Authority Key Identifier:
keyid:A4:E7:86:E4:80:93:73:C1:98:54:55:85:8C:6B:02:B3:0A:71:AD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeG5ICTc8GYVFWFjGsCswpxrRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/c_S7AU8X3GQMGjgo7Er2nxgjOo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/3ce395-67da-4161-aef1-f6697bfd2d4f/1/pOeG5ICTc8GYVFWFjGsCswpxrRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.152.0/21
77.75.248.0/21
85.158.176.0/21
91.151.16.0/21
178.250.8.0/21
185.39.220.0/22
185.61.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:4d:1f:4c:96:8c:91:54:05:c8:01:db:98:ae:1a:e9:63:5e:
a1:5e:a8:11:1e:87:50:23:21:8d:15:a6:8d:d0:72:6c:f7:04:
49:4b:7a:29:14:49:38:de:0d:ab:40:57:9e:a2:ba:f2:ea:1c:
03:ef:d3:44:bc:eb:76:9a:3b:2a:f4:64:b7:82:11:a0:8e:aa:
ad:51:ce:bb:e4:57:2e:48:43:8e:88:67:fe:d0:f6:a4:2c:e4:
ce:7f:0f:f6:53:b5:76:74:57:bc:44:9f:a0:15:bb:69:73:4d:
49:84:e1:96:50:e6:0e:f5:cd:7c:14:2c:94:ea:e8:78:5a:1a:
bf:91:44:3e:ef:7a:b8:88:37:76:29:91:0c:0f:3e:6b:c8:96:
cc:04:31:b6:07:61:16:fb:aa:c0:d0:3b:7d:9e:f3:7a:74:6c:
2f:fe:ea:f9:64:e1:2c:d8:16:2e:8a:37:bc:73:50:bd:01:bd:
cb:a6:a2:a8:71:da:04:2f:13:7a:01:a6:b6:41:84:5f:23:e2:
bf:d7:3f:11:6e:07:4b:b7:84:22:76:b8:d4:6c:3d:0d:59:0d:
30:ef:88:a9:7a:56:86:10:cc:f4:99:34:44:b8:92:50:80:50:
07:d8:61:fb:16:b1:5c:7b:c4:21:d2:5b:e3:1d:2e:bc:b6:c7:
19:57:0f:64
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVs7y42qshxc4cYO23FNuHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc4NmU0ODA5MzczYzE5ODU0NTU4NThjNmIwMmIzMGE3
MWFkMWIwHhcNMjMwMTAxMTA0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y0YmIwMTRmMTdkYzY0MGMxYTM4MjhlYzRhZjY5ZjE4MjMzYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fcSpQ5Rp5Y+vorY6XqFrSYb1lmi
9A/ZxObFjIjU1VlTVugjKJQ2O8XNKtfbk9GbrQXPtaaaR0SyCmSMvocODlf6Ns3P
MoOpcgN47cXEP/YUyGzWFTkaAGLzGgRaZYnTE2H/FVk9MmjxQJH9tvqujjq/FlV3
yZvgBUwEF309hdIbbLTW667ArLqY23EN9tPBf4LEgqyCqKUUveeJd8rEYdEpt477
8B7Qg7YVvITROaZsJH8e/vd4kOnyPhSc/Ij/jBnyIc2oCqugqLAY1BLVlKZnihL5
H2mJkVfhaR7n1cIqe3EXszi7wS7vFVkCQTj3lX4DQah6IHpAg9yDcCBPEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHP0uwFPF9xkDBo4KOxK9p8YIzqPMB8GA1UdIwQY
MBaAFKTnhuSAk3PBmFRVhYxrArMKca0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEt
ZjY2OTdiZmQyZDRmLzEvY19TN0FVOFgzR1FNR2pnbzdFcjJueGdqT284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8zY2UzOTUtNjdkYS00MTYxLWFlZjEtZjY2OTdiZmQyZDRm
LzEvcE9lRzVJQ1RjOEdZVkZXRmpHc0Nzd3B4clJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJeSYAwQD
TUv4AwQDVZ6wAwQDW5cQAwQDsvoIAwQCuSfcAwQCuT0oMA0GCSqGSIb3DQEBCwUA
A4IBAQAcTR9MloyRVAXIAduYrhrpY16hXqgRHodQIyGNFaaN0HJs9wRJS3opFEk4
3g2rQFeeorry6hwD79NEvOt2mjsq9GS3ghGgjqqtUc675FcuSEOOiGf+0PakLOTO
fw/2U7V2dFe8RJ+gFbtpc01JhOGWUOYO9c18FCyU6uh4Whq/kUQ+73q4iDd2KZEM
Dz5ryJbMBDG2B2EW+6rA0Dt9nvN6dGwv/ur5ZOEs2BYuije8c1C9Ab3LpqKocdoE
LxN6Aaa2QYRfI+K/1z8RbgdLt4QidrjUbD0NWQ0w74ipelaGEMz0mTREuJJQgFAH
2GH7FrFce8Qh0lvjHS68tscZVw9k
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:51 2024 by rpki-client on console.sobornost.net