Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/mOG8Yvzf3ExYc4xnhtsYV5cMFjQ.roa
File: mOG8Yvzf3ExYc4xnhtsYV5cMFjQ.roa (raw, json)
Hash identifier: tNYVYJuV4LUdUWOaj9Sa6bGgZYiHBLviL/ryRqE9Hv8=
Subject key identifier: 98:E1:BC:62:FC:DF:DC:4C:58:73:8C:67:86:DB:18:57:97:0C:16:34
Certificate issuer: /CN=8e55ca00bb616fdc4747cbfa4b54456c23f37284
Certificate serial: 01856C4A6CA418C7F029D5843CD594A7617D
Authority key identifier: 8E:55:CA:00:BB:61:6F:DC:47:47:CB:FA:4B:54:45:6C:23:F3:72:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlXKALthb9xHR8v6S1RFbCPzcoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/mOG8Yvzf3ExYc4xnhtsYV5cMFjQ.roa
Signing time: Sun 01 Jan 2023 07:44:54 +0000
ROA not before: Sun 01 Jan 2023 07:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203201
IP address blocks: 185.142.152.0/24 maxlen: 24
185.142.152.0/23 maxlen: 23
185.142.152.0/22 maxlen: 22
185.142.153.0/24 maxlen: 24
185.142.154.0/24 maxlen: 24
185.142.154.0/23 maxlen: 23
185.142.155.0/24 maxlen: 24
185.145.192.0/24 maxlen: 24
185.145.192.0/22 maxlen: 24
185.145.192.0/23 maxlen: 23
185.145.194.0/23 maxlen: 23
185.145.193.0/24 maxlen: 24
185.145.194.0/24 maxlen: 24
185.145.195.0/24 maxlen: 24
78.142.240.0/24 maxlen: 24
2a07:2e80::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6c:a4:18:c7:f0:29:d5:84:3c:d5:94:a7:61:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e55ca00bb616fdc4747cbfa4b54456c23f37284
Validity
Not Before: Jan 1 07:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98e1bc62fcdfdc4c58738c6786db1857970c1634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:77:7b:e9:d2:64:9a:e9:1e:90:69:12:99:
40:83:e2:74:05:07:b5:f3:5d:4e:84:9c:78:af:e4:
d8:0a:25:80:f5:a5:50:1f:8a:8e:08:de:ff:23:4f:
49:61:a2:af:d3:6c:db:0c:37:bd:9f:2e:32:ea:3d:
94:e2:d3:b8:64:76:4e:9e:ce:67:1d:f7:0b:76:d8:
2d:5a:36:f1:9a:56:51:35:2a:dc:f3:31:6b:bc:a6:
af:de:1b:f4:c3:e1:7a:13:18:a5:32:80:ae:9c:32:
6d:e0:97:fa:08:b0:4c:91:9a:d4:d9:32:65:48:72:
15:20:ee:37:0d:4c:2d:87:75:8c:35:3d:e5:c3:08:
ce:98:8e:7c:b6:9a:64:7e:4d:94:95:f3:d1:30:fd:
89:f8:d8:6a:34:a0:82:45:49:c9:0b:5b:78:1d:88:
5b:e1:b8:52:c3:b5:a2:52:36:03:b9:00:84:d8:f9:
32:f8:7a:23:c1:37:a5:e9:3c:c6:63:48:57:59:ea:
21:f5:88:67:37:c0:ba:05:12:ab:53:b4:82:a0:86:
cd:b1:b1:72:85:f6:9e:42:94:0b:2a:64:96:14:03:
ce:24:70:02:dd:14:1f:dd:c8:69:e5:82:1a:f9:15:
dc:28:bf:68:2e:a6:cb:fb:32:ef:24:ad:57:74:21:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E1:BC:62:FC:DF:DC:4C:58:73:8C:67:86:DB:18:57:97:0C:16:34
X509v3 Authority Key Identifier:
keyid:8E:55:CA:00:BB:61:6F:DC:47:47:CB:FA:4B:54:45:6C:23:F3:72:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlXKALthb9xHR8v6S1RFbCPzcoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/mOG8Yvzf3ExYc4xnhtsYV5cMFjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f14ddb-db59-485c-9944-e7115ba4208f/1/jlXKALthb9xHR8v6S1RFbCPzcoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.240.0/24
185.142.152.0/22
185.145.192.0/22
IPv6:
2a07:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
45:c5:b8:46:59:e7:71:4f:14:e3:58:be:7a:5d:5c:31:00:3d:
f9:dc:2a:04:5c:9a:1e:9f:58:0d:e2:55:69:dc:72:4f:10:31:
1e:44:72:a5:1f:8c:a8:7a:ee:93:36:7d:8f:fb:7b:3b:ab:1b:
c8:01:8e:01:80:71:da:48:f8:7c:57:9f:36:0d:42:16:bf:4c:
a2:36:49:2e:ed:e3:11:1b:b1:fe:59:d8:e4:d1:e7:72:fe:33:
0f:0d:6e:a6:38:e6:8c:04:95:c7:ce:ec:22:43:bc:e4:73:25:
24:ff:ce:d7:54:ba:ed:76:83:15:34:26:e8:a9:69:0f:14:f0:
2d:58:63:e6:ca:26:8c:9a:6e:c2:f4:3b:d2:d4:7e:85:fb:81:
c5:d4:9b:68:4a:8d:48:fb:5d:69:5a:d7:f1:56:14:25:c5:5b:
4f:57:a1:fc:3f:c1:f6:9a:66:5e:17:41:3b:6c:2e:0c:6f:0d:
38:17:91:50:db:94:22:c6:52:5f:9a:8f:31:33:c0:e5:6a:44:
ab:10:75:05:0d:8e:8b:fe:15:87:e4:c7:f6:4a:2b:3e:3c:8b:
42:8c:5d:e9:54:ae:da:b8:0a:68:26:89:fd:4d:3f:53:6d:45:
39:36:c8:07:ef:6c:a3:1b:60:2e:b3:cd:3c:83:f3:3a:52:62:
70:53:af:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsSmykGMfwKdWEPNWUp2F9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNTVjYTAwYmI2MTZmZGM0NzQ3Y2JmYTRiNTQ0NTZjMjNm
MzcyODQwHhcNMjMwMTAxMDc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGUxYmM2MmZjZGZkYzRjNTg3MzhjNjc4NmRiMTg1Nzk3MGMxNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwF3e+nSZJrpHpBpEplAg+J0BQe1
811OhJx4r+TYCiWA9aVQH4qOCN7/I09JYaKv02zbDDe9ny4y6j2U4tO4ZHZOns5n
HfcLdtgtWjbxmlZRNSrc8zFrvKav3hv0w+F6ExilMoCunDJt4Jf6CLBMkZrU2TJl
SHIVIO43DUwth3WMNT3lwwjOmI58tppkfk2UlfPRMP2J+NhqNKCCRUnJC1t4HYhb
4bhSw7WiUjYDuQCE2Pky+HojwTel6TzGY0hXWeoh9YhnN8C6BRKrU7SCoIbNsbFy
hfaeQpQLKmSWFAPOJHAC3RQf3chp5YIa+RXcKL9oLqbL+zLvJK1XdCGN/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJjhvGL839xMWHOMZ4bbGFeXDBY0MB8GA1UdIwQY
MBaAFI5VygC7YW/cR0fL+ktURWwj83KEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamxYS0FMdGhiOXhIUjh2NlMxUkZiQ1B6Y29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mMTRkZGItZGI1OS00ODVjLTk5NDQt
ZTcxMTViYTQyMDhmLzEvbU9HOFl2emYzRXhZYzR4bmh0c1lWNWNNRmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9mMTRkZGItZGI1OS00ODVjLTk5NDQtZTcxMTViYTQyMDhm
LzEvamxYS0FMdGhiOXhIUjh2NlMxUkZiQ1B6Y29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQATo7wAwQC
uY6YAwQCuZHAMA0EAgACMAcDBQMqBy6AMA0GCSqGSIb3DQEBCwUAA4IBAQBFxbhG
WedxTxTjWL56XVwxAD353CoEXJoen1gN4lVp3HJPEDEeRHKlH4yoeu6TNn2P+3s7
qxvIAY4BgHHaSPh8V582DUIWv0yiNkku7eMRG7H+Wdjk0edy/jMPDW6mOOaMBJXH
zuwiQ7zkcyUk/87XVLrtdoMVNCboqWkPFPAtWGPmyiaMmm7C9DvS1H6F+4HF1Jto
So1I+11pWtfxVhQlxVtPV6H8P8H2mmZeF0E7bC4Mbw04F5FQ25QixlJfmo8xM8Dl
akSrEHUFDY6L/hWH5Mf2Sis+PItCjF3pVK7auApoJon9TT9TbUU5NsgH72yjG2Au
s808g/M6UmJwU69Z
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:33 2023 by rpki-client on console.sobornost.net