Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/xq8RStXA_oyWS8KvBJH6Q753wBY.roa
File: xq8RStXA_oyWS8KvBJH6Q753wBY.roa (raw, json)
Hash identifier: GJmHSMPUerUCmeEgwyBo6tbCcRgJPzW5Wgs5xFBupk4=
Subject key identifier: C6:AF:11:4A:D5:C0:FE:8C:96:4B:C2:AF:04:91:FA:43:BE:77:C0:16
Certificate issuer: /CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16
Certificate serial: 01856ED4D2DD7DC859F970983F473A5DDD8C
Authority key identifier: 41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/xq8RStXA_oyWS8KvBJH6Q753wBY.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201160
IP address blocks: 185.163.33.0/24 maxlen: 24
185.163.32.0/24 maxlen: 24
185.163.35.0/24 maxlen: 24
185.163.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d2:dd:7d:c8:59:f9:70:98:3f:47:3a:5d:dd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41c8d0241108b01f5eb708fe8bbb847d53a30f16
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6af114ad5c0fe8c964bc2af0491fa43be77c016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:95:98:6b:2e:10:b0:a0:2d:42:c0:b1:c1:
f0:46:e3:37:12:52:a2:73:6b:6c:1a:bf:eb:3b:45:
0b:84:28:a6:25:7a:38:85:76:10:8a:5a:3d:c8:16:
9e:e6:f5:34:e8:dc:24:dc:46:9d:ae:e4:0c:9e:97:
03:75:b2:88:99:50:6f:93:fa:79:78:09:8a:99:ee:
35:00:f3:09:89:6e:61:d3:a5:be:3a:9d:80:7b:9b:
db:ff:ff:5c:44:f2:de:43:b6:5d:f4:3f:63:cc:41:
11:99:48:d3:10:1d:fc:0f:49:d8:6c:76:b1:c2:98:
9d:7b:c4:54:7c:4f:71:81:81:32:f6:89:59:88:2b:
9c:ca:e2:22:7c:9b:85:ee:ab:5f:8d:a4:a0:38:ee:
a7:b7:fa:3e:90:ff:6a:6e:13:2e:1c:80:d3:00:9b:
ef:94:a8:59:d3:e8:d9:e1:0e:67:59:54:e5:dd:7d:
58:b2:b0:1c:69:a9:d6:97:3f:85:2c:8e:54:15:ad:
b6:73:84:4d:fb:b1:af:8e:88:62:52:12:ae:f6:f6:
3f:2a:16:a5:17:85:8a:91:34:0d:75:f5:40:df:eb:
0b:cf:e2:8c:51:65:96:d8:5b:4a:8c:8d:c4:f9:bb:
c1:48:ab:12:eb:30:cd:e2:dd:3f:90:a9:43:f8:32:
0f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AF:11:4A:D5:C0:FE:8C:96:4B:C2:AF:04:91:FA:43:BE:77:C0:16
X509v3 Authority Key Identifier:
keyid:41:C8:D0:24:11:08:B0:1F:5E:B7:08:FE:8B:BB:84:7D:53:A3:0F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcjQJBEIsB9etwj-i7uEfVOjDxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/xq8RStXA_oyWS8KvBJH6Q753wBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/fd7af2-5036-42ac-a3f7-d596ec14ee2e/1/QcjQJBEIsB9etwj-i7uEfVOjDxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.32.0/22
Signature Algorithm: sha256WithRSAEncryption
24:01:06:dd:50:11:10:34:44:fa:8b:12:f7:49:8e:c2:f2:ad:
32:50:88:0a:b9:6c:2a:19:47:ba:1c:f8:47:2b:70:3e:3e:1d:
0d:b7:ab:62:19:22:21:78:09:5b:52:35:0a:ec:c5:e8:98:42:
68:32:c5:cd:ca:40:d1:7a:18:cd:83:45:ce:99:03:c9:54:f8:
0a:99:b5:59:09:eb:74:6b:9a:88:c1:5d:d6:dd:47:11:0e:c6:
bc:9c:92:8a:c4:75:45:41:e2:e2:85:c2:ce:ac:2d:c6:d9:ad:
7b:d1:51:a2:5a:35:a1:97:0a:ee:15:ba:db:7c:b0:9e:d9:73:
de:70:ba:dc:94:d1:62:a5:2b:61:5d:da:cd:a3:46:ca:4a:4c:
2b:49:19:43:1f:31:87:db:ef:58:15:e7:83:e1:bb:5b:c0:f3:
00:2d:04:2d:19:d7:23:2e:a1:f7:0c:0a:ef:e6:44:41:40:92:
57:62:6f:23:b8:c9:ee:4d:f9:8b:94:17:e9:1d:ce:12:99:5e:
c5:41:f7:90:1b:3b:cc:2a:13:ee:f4:6a:71:72:13:80:34:c1:
e9:30:8d:a6:a7:d3:f0:5b:ce:1b:ef:9c:8c:ac:7b:9b:ec:d5:
39:09:f1:32:65:ab:c4:e5:b1:c6:1b:0e:c5:2d:ce:20:08:16:
12:b0:93:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NLdfchZ+XCYP0c6Xd2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzhkMDI0MTEwOGIwMWY1ZWI3MDhmZThiYmI4NDdkNTNh
MzBmMTYwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFmMTE0YWQ1YzBmZThjOTY0YmMyYWYwNDkxZmE0M2JlNzdjMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpCVmGsuELCgLULAscHwRuM3ElKi
c2tsGr/rO0ULhCimJXo4hXYQilo9yBae5vU06Nwk3EadruQMnpcDdbKImVBvk/p5
eAmKme41APMJiW5h06W+Op2Ae5vb//9cRPLeQ7Zd9D9jzEERmUjTEB38D0nYbHax
wpide8RUfE9xgYEy9olZiCucyuIifJuF7qtfjaSgOO6nt/o+kP9qbhMuHIDTAJvv
lKhZ0+jZ4Q5nWVTl3X1YsrAcaanWlz+FLI5UFa22c4RN+7GvjohiUhKu9vY/Khal
F4WKkTQNdfVA3+sLz+KMUWWW2FtKjI3E+bvBSKsS6zDN4t0/kKlD+DIP0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMavEUrVwP6MlkvCrwSR+kO+d8AWMB8GA1UdIwQY
MBaAFEHI0CQRCLAfXrcI/ou7hH1Tow8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjct
ZDU5NmVjMTRlZTJlLzEveHE4UlN0WEFfb3lXUzhLdkJKSDZRNzUzd0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mZDdhZjItNTAzNi00MmFjLWEzZjctZDU5NmVjMTRlZTJl
LzEvUWNqUUpCRUlzQjlldHdqLWk3dUVmVk9qRHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAkAQbdUBEQNET6ixL3SY7C8q0yUIgKuWwqGUe6HPhH
K3A+Ph0Nt6tiGSIheAlbUjUK7MXomEJoMsXNykDRehjNg0XOmQPJVPgKmbVZCet0
a5qIwV3W3UcRDsa8nJKKxHVFQeLihcLOrC3G2a170VGiWjWhlwruFbrbfLCe2XPe
cLrclNFipSthXdrNo0bKSkwrSRlDHzGH2+9YFeeD4btbwPMALQQtGdcjLqH3DArv
5kRBQJJXYm8juMnuTfmLlBfpHc4SmV7FQfeQGzvMKhPu9GpxchOANMHpMI2mp9Pw
W84b75yMrHub7NU5CfEyZavE5bHGGw7FLc4gCBYSsJNY
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:57 2024 by rpki-client on console.sobornost.net