Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-66QnNWafYI5YjbODtxEA_GVrbI.roa
File: 1-66QnNWafYI5YjbODtxEA_GVrbI.roa (raw, json)
Hash identifier: mTgLvJuj0Y4Wffp/8M/95/6VemdG0zEuGnV5HfYOqEs=
Subject key identifier: FB:AE:90:9C:D5:9A:7D:82:39:62:36:CE:0E:DC:44:03:F1:95:AD:B2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018908594D81822A77D9C1881DDC229F403A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-66QnNWafYI5YjbODtxEA_GVrbI.roa
Signing time: Thu 29 Jun 2023 18:10:17 +0000
ROA not before: Thu 29 Jun 2023 18:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.126.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:08:59:4d:81:82:2a:77:d9:c1:88:1d:dc:22:9f:40:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 29 18:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbae909cd59a7d82396236ce0edc4403f195adb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:27:ed:73:ce:42:72:65:58:ee:22:1b:6e:3d:
b5:d9:1e:4d:53:16:30:0e:61:41:fa:31:10:35:e6:
18:d2:12:99:32:ff:41:38:de:5d:eb:98:b2:85:ea:
ca:8a:17:c0:a7:a2:7f:ad:78:7c:09:62:92:b9:64:
7e:ca:d4:51:8e:3f:a9:ef:c2:de:5f:6c:2b:d5:d0:
e2:ed:39:07:11:84:63:eb:40:ff:63:cd:0a:62:c1:
e8:64:81:91:f3:30:e0:1c:c1:8f:ea:78:ce:f7:a6:
f5:43:59:98:dd:f1:ec:8d:e5:2d:03:5e:1e:53:92:
e6:5c:0b:7f:eb:d3:9a:fa:fe:72:02:ca:5d:18:59:
4b:e1:9b:fa:aa:a9:b0:79:ec:fa:83:4b:42:07:0a:
43:9d:be:97:30:17:55:78:6a:e7:6a:12:05:07:68:
70:d5:c0:80:2e:23:64:17:a1:d8:49:fc:86:6f:d5:
0b:1d:2a:61:46:6d:69:3d:46:08:95:1b:1a:f2:ce:
d0:ca:d9:57:0c:64:bb:33:a9:5a:49:8d:aa:6f:c4:
2a:2e:1d:15:45:b7:d7:21:41:10:4c:63:a5:d5:20:
d3:87:93:c7:65:cb:18:9a:9b:94:50:de:82:1f:70:
74:fc:ae:2b:cf:86:e0:2b:72:af:01:ab:93:cd:3c:
30:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AE:90:9C:D5:9A:7D:82:39:62:36:CE:0E:DC:44:03:F1:95:AD:B2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-66QnNWafYI5YjbODtxEA_GVrbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
109.72.126.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d0:12:2a:24:cb:13:33:fd:ee:d3:6d:d3:c5:ca:61:ae:be:
ec:9f:4d:45:4b:f0:3e:3a:9b:d4:3d:a6:30:a2:70:ef:7d:ba:
c3:3d:2e:a2:8f:8c:da:67:72:1e:a1:25:b9:a5:a4:d7:b6:a0:
a8:43:87:da:40:39:35:1f:97:8c:aa:75:ce:c0:ae:da:73:e7:
7a:e9:46:7b:b2:77:7d:b1:e1:a0:ca:47:50:e7:7b:da:ef:ce:
b7:94:cf:a5:c5:3b:03:27:86:4f:e3:2e:a9:d9:f8:b9:3c:bb:
77:c0:2d:5e:4b:a1:7e:7c:22:c3:2e:9f:19:0a:52:cd:3b:a6:
fe:64:01:f4:18:9b:44:9d:37:61:04:ed:d6:a1:38:ff:93:ab:
de:94:10:71:2d:fe:2c:bc:d4:ce:a4:e7:5e:46:30:b8:8f:f4:
08:ba:e8:d5:9c:be:95:34:fa:31:c9:22:92:1f:0e:24:31:cb:
ad:3f:14:ad:d6:e5:09:15:6e:84:75:45:09:f9:86:4f:37:25:
e1:35:45:84:b7:5d:5c:0b:d8:9e:b1:bd:6a:8a:77:1b:e4:99:
17:c5:1b:dc:23:c7:35:44:eb:db:e4:2a:f1:f0:27:0f:fb:f6:
e5:83:72:da:42:0d:51:e3:d2:ef:35:c6:ca:5f:d0:38:40:2f:
ae:8b:e0:ae
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYkIWU2Bgip32cGIHdwin0A6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjI5MTgxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmFlOTA5Y2Q1OWE3ZDgyMzk2MjM2Y2UwZWRjNDQwM2YxOTVhZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCftc85CcmVY7iIbbj212R5NUxYw
DmFB+jEQNeYY0hKZMv9BON5d65iyherKihfAp6J/rXh8CWKSuWR+ytRRjj+p78Le
X2wr1dDi7TkHEYRj60D/Y80KYsHoZIGR8zDgHMGP6njO96b1Q1mY3fHsjeUtA14e
U5LmXAt/69Oa+v5yAspdGFlL4Zv6qqmweez6g0tCBwpDnb6XMBdVeGrnahIFB2hw
1cCALiNkF6HYSfyGb9ULHSphRm1pPUYIlRsa8s7QytlXDGS7M6laSY2qb8QqLh0V
RbfXIUEQTGOl1SDTh5PHZcsYmpuUUN6CH3B0/K4rz4bgK3KvAauTzTwwxQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPuukJzVmn2COWI2zg7cRAPxla2yMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMS02NlFuTldhZllJNVlqYk9EdHhFQV9HVnJiSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVh
YS8xL21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlm5AAME
Alm5GAMEAm1IdAMEAG1IfjANBgkqhkiG9w0BAQsFAAOCAQEAaNASKiTLEzP97tNt
08XKYa6+7J9NRUvwPjqb1D2mMKJw7326wz0uoo+M2mdyHqEluaWk17agqEOH2kA5
NR+XjKp1zsCu2nPneulGe7J3fbHhoMpHUOd72u/Ot5TPpcU7AyeGT+Muqdn4uTy7
d8AtXkuhfnwiwy6fGQpSzTum/mQB9BibRJ03YQTt1qE4/5Or3pQQcS3+LLzUzqTn
XkYwuI/0CLro1Zy+lTT6Mckikh8OJDHLrT8UrdblCRVuhHVFCfmGTzcl4TVFhLdd
XAvYnrG9aop3G+SZF8Ub3CPHNUTr2+Qq8fAnD/v25YNy2kINUePS7zXGyl/QOEAv
rovgrg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net