Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KLEgRWkzR7dOCwry3nyRBG3lQcI.roa
File: KLEgRWkzR7dOCwry3nyRBG3lQcI.roa (raw, json)
Hash identifier: GWs27CSv3P681kw3o2WjOvabw5a1ti0GRZeG1JGsb6A=
Subject key identifier: 28:B1:20:45:69:33:47:B7:4E:0B:0A:F2:DE:7C:91:04:6D:E5:41:C2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018BB8844175F1510ED81EDF8202DB88AD09
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KLEgRWkzR7dOCwry3nyRBG3lQcI.roa
Signing time: Fri 10 Nov 2023 09:15:57 +0000
ROA not before: Fri 10 Nov 2023 09:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:84:41:75:f1:51:0e:d8:1e:df:82:02:db:88:ad:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 10 09:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b12045693347b74e0b0af2de7c91046de541c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:23:5f:06:ef:9a:4e:32:c0:4a:d7:55:bc:36:
24:84:23:73:1a:f1:68:64:eb:d1:d7:15:d7:77:95:
c7:81:dc:49:71:13:e2:23:c6:fb:b5:48:d1:f9:ef:
4d:85:ab:f1:23:6d:4d:75:27:5c:3d:66:44:ba:d7:
d0:19:eb:f4:c7:94:01:6b:b9:03:9f:0a:75:af:9f:
94:98:bc:d5:19:17:67:69:e0:b5:1b:bb:c7:fc:aa:
14:6a:b0:36:b0:51:90:d3:e3:4d:db:3d:9c:aa:4e:
c0:6b:e9:ab:c6:77:19:2f:7b:60:34:a8:84:21:40:
3f:90:fb:a8:4d:be:0a:92:55:a1:0f:2e:85:74:a6:
45:dd:e5:9f:0f:ce:c5:ea:d7:0a:6c:8f:fb:8d:3b:
66:30:87:a9:0a:67:7a:a2:33:7a:f3:e6:c2:1e:60:
a8:13:28:0c:f2:b8:95:b0:4b:45:1e:cd:e0:cd:50:
17:71:3c:69:d1:9e:fc:91:ed:72:48:d8:77:75:cd:
16:50:ab:d3:4e:4c:da:85:1a:2d:d9:dc:25:6d:40:
72:18:32:7e:27:5e:7e:7d:cf:20:ad:7e:73:87:06:
5d:2c:7d:a6:12:cc:c9:b0:af:7c:6c:a9:6b:86:fe:
8c:d4:4a:ca:56:58:48:c5:21:e9:47:ef:d0:fe:eb:
d5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B1:20:45:69:33:47:B7:4E:0B:0A:F2:DE:7C:91:04:6D:E5:41:C2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KLEgRWkzR7dOCwry3nyRBG3lQcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.112.0/23
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
75:84:2c:d9:ad:90:2c:d0:89:83:c3:0c:3c:a3:ac:02:b3:1c:
d7:20:76:ad:8f:79:42:1d:a7:d2:5b:7d:1b:6c:e4:43:7a:7e:
e4:9d:3f:20:9d:bd:1a:d4:57:80:bb:25:4a:a4:eb:da:10:4e:
00:06:5e:07:aa:9a:e3:e2:6a:54:d9:49:80:33:b8:0e:83:8b:
2d:95:60:95:8c:b3:a1:f2:35:4b:0c:a3:a9:da:df:23:82:6b:
33:d8:5b:0c:db:8a:69:4c:78:c9:a9:51:33:36:32:09:11:a5:
97:01:32:2c:72:50:12:f3:13:3d:ad:64:25:71:26:78:b7:0e:
91:9f:6a:0b:16:26:9b:89:66:ee:d8:12:2a:ba:57:d0:b7:99:
d8:58:7b:85:9b:0b:12:8e:88:e5:fc:91:f0:61:33:85:d6:52:
bf:f0:8c:9f:19:7b:ae:2f:22:b0:f3:9e:5e:ab:4d:25:ac:35:
5e:70:37:e0:7f:d4:5f:39:a9:e8:0c:24:71:58:fc:d4:3d:69:
76:7e:2a:83:aa:34:5d:73:de:45:ef:02:74:a8:0c:b9:ac:70:
e7:c0:1e:ba:cb:7b:91:a7:ad:bb:b3:68:80:f6:36:65:1c:4f:
f7:e7:a9:72:05:54:d9:29:81:7a:a5:5d:38:1d:28:b3:2f:b9:
b4:64:a0:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu4hEF18VEO2B7fggLbiK0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTEwMDkxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIxMjA0NTY5MzM0N2I3NGUwYjBhZjJkZTdjOTEwNDZkZTU0MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiNfBu+aTjLAStdVvDYkhCNzGvFo
ZOvR1xXXd5XHgdxJcRPiI8b7tUjR+e9NhavxI21NdSdcPWZEutfQGev0x5QBa7kD
nwp1r5+UmLzVGRdnaeC1G7vH/KoUarA2sFGQ0+NN2z2cqk7Aa+mrxncZL3tgNKiE
IUA/kPuoTb4KklWhDy6FdKZF3eWfD87F6tcKbI/7jTtmMIepCmd6ojN68+bCHmCo
EygM8riVsEtFHs3gzVAXcTxp0Z78ke1ySNh3dc0WUKvTTkzahRot2dwlbUByGDJ+
J15+fc8grX5zhwZdLH2mEszJsK98bKlrhv6M1ErKVlhIxSHpR+/Q/uvVyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCixIEVpM0e3TgsK8t58kQRt5UHCMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS0xFZ1JXa3pSN2RPQ3dyeTNueVJCRzNsUWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQB
bUhwAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQB1hCzZrZAs0ImDwww8o6wCsxzX
IHatj3lCHafSW30bbORDen7knT8gnb0a1FeAuyVKpOvaEE4ABl4Hqprj4mpU2UmA
M7gOg4stlWCVjLOh8jVLDKOp2t8jgmsz2FsM24ppTHjJqVEzNjIJEaWXATIsclAS
8xM9rWQlcSZ4tw6Rn2oLFiabiWbu2BIqulfQt5nYWHuFmwsSjojl/JHwYTOF1lK/
8IyfGXuuLyKw855eq00lrDVecDfgf9RfOanoDCRxWPzUPWl2fiqDqjRdc95F7wJ0
qAy5rHDnwB66y3uRp627s2iA9jZlHE/356lyBVTZKYF6pV04HSizL7m0ZKBq
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net