Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/si3SU3NSdGdkvUtWT2OBgkFtMH8.roa
File: si3SU3NSdGdkvUtWT2OBgkFtMH8.roa (raw, json)
Hash identifier: 7ClERk+4992W89oOCWF5RtA6+6KbSIHVbtMAlc2CLyk=
Subject key identifier: B2:2D:D2:53:73:52:74:67:64:BD:4B:56:4F:63:81:82:41:6D:30:7F
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 01856E6FB704E70E400C73FFB545C746A376
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/si3SU3NSdGdkvUtWT2OBgkFtMH8.roa
Signing time: Sun 01 Jan 2023 17:44:53 +0000
ROA not before: Sun 01 Jan 2023 17:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197133
IP address blocks: 217.114.200.0/21 maxlen: 24
194.69.194.0/23 maxlen: 24
194.143.132.0/23 maxlen: 24
193.202.121.0/24 maxlen: 24
185.114.128.0/22 maxlen: 24
185.32.102.0/24 maxlen: 24
178.248.208.0/21 maxlen: 24
185.32.100.0/23 maxlen: 24
91.197.136.0/22 maxlen: 24
178.251.248.0/21 maxlen: 24
2a02:1740::/32 maxlen: 48
2a03:d280::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b7:04:e7:0e:40:0c:73:ff:b5:45:c7:46:a3:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jan 1 17:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b22dd2537352746764bd4b564f638182416d307f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c4:bc:1f:ea:43:a8:38:ef:99:98:69:66:d6:
85:6f:01:f9:10:51:1b:4f:94:a9:fa:5a:e7:86:24:
2b:d1:e3:6c:cf:80:8e:a9:36:1c:e4:86:ea:8a:b2:
e6:e1:23:ac:51:bc:4d:e1:75:13:7d:31:9a:99:4a:
dd:7f:da:40:a7:44:9c:56:55:46:6c:e0:e8:c1:37:
59:03:8b:4c:7b:d6:ff:bf:fb:b3:5c:d5:88:c9:82:
6b:24:86:c2:cf:d2:f6:90:fb:30:6d:4a:57:75:50:
b3:43:27:2f:63:ac:3e:4d:47:f0:62:78:14:ac:5d:
ce:86:1f:b4:54:39:19:f6:7f:c7:45:31:0c:04:7e:
d2:ba:43:33:c0:65:c9:16:67:de:53:82:e4:a6:f6:
26:2f:03:ed:83:ae:c6:0a:11:1b:64:9a:d1:d0:d8:
86:70:37:b0:3b:6f:90:8f:4d:94:d7:e9:b2:78:ae:
04:c6:e8:68:07:b6:f7:c0:b5:60:d1:42:56:7f:3b:
26:04:04:81:6d:76:5e:b6:4b:98:18:b2:26:3e:b7:
15:6e:3f:09:5d:45:cf:95:1a:11:b0:55:9e:a5:ab:
1c:a0:a1:9c:f9:99:96:09:e6:f3:a8:6e:5a:61:6c:
0b:2f:b5:e7:cb:54:0c:ab:44:00:65:66:d6:92:74:
de:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2D:D2:53:73:52:74:67:64:BD:4B:56:4F:63:81:82:41:6D:30:7F
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/si3SU3NSdGdkvUtWT2OBgkFtMH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.136.0/22
178.248.208.0/21
178.251.248.0/21
185.32.100.0-185.32.102.255
185.114.128.0/22
193.202.121.0/24
194.69.194.0/23
194.143.132.0/23
217.114.200.0/21
IPv6:
2a02:1740::/32
2a03:d280::/32
Signature Algorithm: sha256WithRSAEncryption
99:15:c7:1f:d8:f4:85:18:5a:5f:a6:7b:a3:39:77:cc:38:a2:
69:5d:b1:c2:dd:94:ea:cf:1f:60:46:7b:27:d4:32:35:18:67:
6c:97:35:8f:48:1b:d2:ae:2c:33:be:ad:75:25:ba:61:12:d0:
3f:65:60:e9:43:22:1d:32:5e:0a:4a:87:a0:0f:e5:7b:68:df:
33:cc:33:e0:dc:74:00:46:7b:32:dd:f3:b5:33:7f:94:fe:07:
fc:65:5c:95:57:b9:ce:1c:4a:6e:cb:2b:7d:e2:39:91:e8:c0:
1d:42:d8:84:8b:5e:0e:57:ae:d2:b2:e8:0e:e1:c2:82:b5:cb:
90:19:bf:ae:9f:08:60:8a:85:2e:a3:73:65:f0:3e:ab:a1:54:
3c:ec:96:4c:de:62:eb:0a:e0:a0:d7:22:4a:4d:d7:c8:02:45:
72:09:14:78:11:8e:f8:62:0d:62:d3:52:5f:a8:1b:5f:fc:bd:
60:48:3d:3c:e5:36:c4:ee:05:48:37:00:34:0b:00:70:46:f7:
eb:51:0d:45:f7:59:62:cb:26:4b:f3:eb:15:bd:b3:11:77:ce:
2c:39:4b:9a:e3:db:91:ac:44:bb:56:6f:ea:55:d3:4f:cd:df:
ab:7b:4f:17:a6:ff:a2:45:d1:a0:1f:3a:3f:fb:25:b3:90:81:
ff:9a:18:45
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVub7cE5w5ADHP/tUXHRqN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjMwMTAxMTc0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJkZDI1MzczNTI3NDY3NjRiZDRiNTY0ZjYzODE4MjQxNmQzMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcS8H+pDqDjvmZhpZtaFbwH5EFEb
T5Sp+lrnhiQr0eNsz4COqTYc5IbqirLm4SOsUbxN4XUTfTGamUrdf9pAp0ScVlVG
bODowTdZA4tMe9b/v/uzXNWIyYJrJIbCz9L2kPswbUpXdVCzQycvY6w+TUfwYngU
rF3Ohh+0VDkZ9n/HRTEMBH7SukMzwGXJFmfeU4LkpvYmLwPtg67GChEbZJrR0NiG
cDewO2+Qj02U1+myeK4ExuhoB7b3wLVg0UJWfzsmBASBbXZetkuYGLImPrcVbj8J
XUXPlRoRsFWepascoKGc+ZmWCebzqG5aYWwLL7Xny1QMq0QAZWbWknTePwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLIt0lNzUnRnZL1LVk9jgYJBbTB/MB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvc2kzU1UzTlNkR2RrdlV0V1QyT0Jna0Z0TUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8WIAwQD
svjQAwQDsvv4MAwDBAK5IGQDBAC5IGYDBAK5coADBADBynkDBAHCRcIDBAHCj4QD
BAPZcsgwFAQCAAIwDgMFACoCF0ADBQAqA9KAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
Fccf2PSFGFpfpnujOXfMOKJpXbHC3ZTqzx9gRnsn1DI1GGdslzWPSBvSriwzvq11
JbphEtA/ZWDpQyIdMl4KSoegD+V7aN8zzDPg3HQARnsy3fO1M3+U/gf8ZVyVV7nO
HEpuyyt94jmR6MAdQtiEi14OV67SsugO4cKCtcuQGb+unwhgioUuo3Nl8D6roVQ8
7JZM3mLrCuCg1yJKTdfIAkVyCRR4EY74Yg1i01JfqBtf/L1gSD085TbE7gVINwA0
CwBwRvfrUQ1F91liyyZL8+sVvbMRd84sOUua49uRrES7Vm/qVdNPzd+re08Xpv+i
RdGgHzo/+yWzkIH/mhhF
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:20 2023 by rpki-client on console.sobornost.net