Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/uXR0eFkEnSzXnAexxJH2PG5-2sk.roa
File: uXR0eFkEnSzXnAexxJH2PG5-2sk.roa (raw, json)
Hash identifier: KdE8czv17n2VN5xDIo89YLY9t8io8zzoDILgWycNImg=
Subject key identifier: B9:74:74:78:59:04:9D:2C:D7:9C:07:B1:C4:91:F6:3C:6E:7E:DA:C9
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018572E81E637625D49A8B57F6E0DA71F340
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/uXR0eFkEnSzXnAexxJH2PG5-2sk.roa
Signing time: Mon 02 Jan 2023 14:34:52 +0000
ROA not before: Mon 02 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43494
IP address blocks: 185.89.244.0/23 maxlen: 23
185.89.246.0/23 maxlen: 23
212.158.176.0/24 maxlen: 24
78.40.2.0/23 maxlen: 23
78.40.4.0/22 maxlen: 22
185.86.236.0/24 maxlen: 24
185.86.236.0/22 maxlen: 24
2a00:a9c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:1e:63:76:25:d4:9a:8b:57:f6:e0:da:71:f3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 2 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b974747859049d2cd79c07b1c491f63c6e7edac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:44:29:a8:21:8a:1e:4d:93:00:3c:14:c9:
09:76:63:10:f1:be:dd:09:8e:86:64:a9:53:97:e9:
6b:51:52:fb:1e:39:9f:34:df:06:ee:cd:c3:c1:92:
a6:36:45:1a:ae:df:35:af:49:d2:5e:d3:12:c9:c8:
c0:d0:21:27:2e:8c:ef:91:2d:fb:69:3e:10:13:17:
f3:21:c9:3d:de:0b:81:a9:e1:8b:33:60:aa:1c:aa:
43:bd:2b:13:a8:d3:8c:ae:d2:45:31:1c:c9:3b:49:
41:29:ac:d2:e4:2c:5e:72:53:85:8e:73:21:78:40:
d2:a9:f1:7b:e2:14:de:fe:92:2a:48:43:9d:18:93:
ac:1e:e7:5e:e3:e0:cb:6e:51:e3:46:27:5f:d9:6b:
5c:d1:e9:4a:82:65:b4:38:b9:14:3e:1a:c9:94:76:
8f:09:fb:f6:a5:75:d4:41:25:e9:69:ee:ee:ad:94:
b9:ae:f1:71:1d:6b:b3:6c:e0:a2:c0:d5:34:c7:e6:
55:c1:fc:ea:62:97:8d:49:21:38:91:04:42:58:bd:
ff:fa:00:af:e9:ea:30:eb:4f:89:f5:9c:71:06:9f:
e3:1a:da:6d:7d:6d:cf:ac:d4:f9:2f:b0:21:cd:d1:
c0:16:d8:80:75:47:ae:eb:97:7f:e0:11:57:e9:77:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:74:74:78:59:04:9D:2C:D7:9C:07:B1:C4:91:F6:3C:6E:7E:DA:C9
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/uXR0eFkEnSzXnAexxJH2PG5-2sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.2.0-78.40.7.255
185.86.236.0/22
185.89.244.0/22
212.158.176.0/24
IPv6:
2a00:a9c0::/32
Signature Algorithm: sha256WithRSAEncryption
25:8f:1d:b5:65:53:90:cd:c0:4e:ba:05:ff:22:5c:dc:65:7b:
8c:d4:89:2d:5b:45:73:24:6c:e1:4c:ed:54:ad:67:3b:ee:01:
22:e4:4d:ba:54:c3:4c:e8:62:89:f1:a3:38:7a:84:fb:75:33:
af:f7:d8:87:cc:d3:17:12:c3:20:4e:e8:88:0d:d9:bd:03:ac:
f1:b1:be:31:73:98:be:61:d3:d6:d7:bc:85:41:f4:fd:2c:75:
11:9b:c7:b2:0a:ab:3b:2d:a5:1c:4b:d1:4e:cd:72:80:7a:52:
33:77:90:a2:dc:6b:ca:cd:ba:40:b3:6f:fd:13:5e:a8:ee:08:
c3:ac:ef:21:a3:bc:ef:d0:aa:6b:62:b7:2b:22:26:37:2e:a3:
90:24:9b:e2:19:e2:f0:31:85:9d:c0:e9:53:a3:e9:4e:22:f3:
b1:c1:b7:48:a1:38:93:10:5c:29:9f:cf:a2:3b:4f:8d:c1:5d:
0e:68:41:a5:2c:ce:a2:f8:a5:ba:61:f1:4a:91:49:fc:42:d6:
cf:10:54:03:e9:5a:ae:12:a4:6b:b7:f2:ee:cf:bc:14:61:ac:
4f:55:d8:b1:1e:6f:f7:78:ef:83:1c:f0:4d:66:aa:b5:ba:53:
52:c2:79:8e:99:99:5c:b1:80:99:61:ed:21:51:aa:f9:31:01:
b0:9f:bb:46
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVy6B5jdiXUmotX9uDacfNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjMwMTAyMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc0NzQ3ODU5MDQ5ZDJjZDc5YzA3YjFjNDkxZjYzYzZlN2VkYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc9EKaghih5NkwA8FMkJdmMQ8b7d
CY6GZKlTl+lrUVL7HjmfNN8G7s3DwZKmNkUart81r0nSXtMSycjA0CEnLozvkS37
aT4QExfzIck93guBqeGLM2CqHKpDvSsTqNOMrtJFMRzJO0lBKazS5CxeclOFjnMh
eEDSqfF74hTe/pIqSEOdGJOsHude4+DLblHjRidf2Wtc0elKgmW0OLkUPhrJlHaP
Cfv2pXXUQSXpae7urZS5rvFxHWuzbOCiwNU0x+ZVwfzqYpeNSSE4kQRCWL3/+gCv
6eow60+J9ZxxBp/jGtptfW3PrNT5L7AhzdHAFtiAdUeu65d/4BFX6XdApQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLl0dHhZBJ0s15wHscSR9jxuftrJMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvdVhSMGVGa0VuU3pYbkFleHhKSDJQRzUtMnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAFOKAID
BANOKAADBAK5VuwDBAK5WfQDBADUnrAwDQQCAAIwBwMFACoAqcAwDQYJKoZIhvcN
AQELBQADggEBACWPHbVlU5DNwE66Bf8iXNxle4zUiS1bRXMkbOFM7VStZzvuASLk
TbpUw0zoYonxozh6hPt1M6/32IfM0xcSwyBO6IgN2b0DrPGxvjFzmL5h09bXvIVB
9P0sdRGbx7IKqzstpRxL0U7NcoB6UjN3kKLca8rNukCzb/0TXqjuCMOs7yGjvO/Q
qmtitysiJjcuo5Akm+IZ4vAxhZ3A6VOj6U4i87HBt0ihOJMQXCmfz6I7T43BXQ5o
QaUszqL4pbph8UqRSfxC1s8QVAPpWq4SpGu38u7PvBRhrE9V2LEeb/d474Mc8E1m
qrW6U1LCeY6ZmVyxgJlh7SFRqvkxAbCfu0Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:51 2024 by rpki-client on console.sobornost.net