Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/FibHZefNtwqGd8sk_hidNVttFuM.roa
File: FibHZefNtwqGd8sk_hidNVttFuM.roa (raw, json)
Hash identifier: ZQGJU923HvwkyY7D8KO7XggqasKuF4wJYdp8BNH/vws=
Subject key identifier: 16:26:C7:65:E7:CD:B7:0A:86:77:CB:24:FE:18:9D:35:5B:6D:16:E3
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 018C622B2E8C4977A94EE7EF98D7AEA56109
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/FibHZefNtwqGd8sk_hidNVttFuM.roa
Signing time: Wed 13 Dec 2023 07:54:06 +0000
ROA not before: Wed 13 Dec 2023 07:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.179.0/24 maxlen: 24
89.252.178.0/24 maxlen: 24
89.252.186.0/24 maxlen: 24
89.252.185.0/24 maxlen: 24
89.252.182.0/24 maxlen: 24
89.252.181.0/24 maxlen: 24
89.252.180.0/24 maxlen: 24
89.252.187.0/24 maxlen: 24
185.106.211.0/24 maxlen: 24
185.106.210.0/24 maxlen: 24
185.106.209.0/24 maxlen: 24
185.106.208.0/24 maxlen: 24
45.84.188.0/24 maxlen: 24
45.84.191.0/24 maxlen: 24
45.84.190.0/24 maxlen: 24
2a06:41c0:1::/48 maxlen: 48
2a06:41c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:2b:2e:8c:49:77:a9:4e:e7:ef:98:d7:ae:a5:61:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Dec 13 07:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1626c765e7cdb70a8677cb24fe189d355b6d16e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:70:25:c2:ff:31:77:d2:d8:06:34:33:dd:
59:fa:e5:e3:b8:f7:c9:61:19:03:8d:2d:3f:64:4f:
3c:00:34:85:7f:16:5e:65:2e:35:80:91:6f:f6:2f:
1f:6a:01:da:a6:e3:9c:a2:1a:e7:da:71:aa:19:01:
67:d8:53:1c:f7:1e:7d:b3:fe:20:64:52:d0:e6:5b:
59:ac:57:85:28:77:2b:cb:82:20:6f:5f:dd:4f:18:
58:da:92:71:fc:bf:33:d5:84:09:f9:14:b5:33:00:
34:ca:ff:5e:42:04:a8:e5:ee:9b:0c:98:12:76:ee:
15:28:d8:3e:86:64:78:03:56:fa:d3:59:f3:36:08:
57:02:04:17:f5:4a:e0:15:e6:ea:d8:c0:a4:3a:17:
9b:7d:43:01:a3:2b:62:0e:61:94:30:87:6b:d0:47:
2e:1a:37:84:bb:c4:ad:88:81:8a:fc:f2:8a:8d:54:
84:ed:04:9b:69:9e:b5:52:30:d5:1e:82:42:98:af:
7a:71:53:8e:a9:db:5b:ec:74:57:76:ef:fa:57:05:
56:60:af:4a:77:9e:6c:77:69:6e:70:62:ab:9f:34:
fa:34:ce:20:7f:98:81:f9:4a:8c:dd:f3:3b:87:bd:
e9:81:99:65:3a:c7:2e:47:37:8e:65:4f:43:08:10:
17:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:26:C7:65:E7:CD:B7:0A:86:77:CB:24:FE:18:9D:35:5B:6D:16:E3
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/FibHZefNtwqGd8sk_hidNVttFuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.188.0/24
45.84.190.0/23
89.252.178.0-89.252.182.255
89.252.185.0-89.252.187.255
185.106.208.0/22
IPv6:
2a06:41c0::/47
Signature Algorithm: sha256WithRSAEncryption
4b:db:52:5f:83:e1:69:45:37:21:e5:7b:c9:b0:a9:55:cf:eb:
94:a0:67:0a:5a:d0:1b:9c:fa:e0:05:55:2a:05:9f:62:7d:b9:
8a:59:52:17:1c:19:8f:6e:ba:dd:b5:6d:27:8b:62:80:2f:63:
57:bf:15:0c:a8:53:94:2e:f1:ce:ae:49:79:b7:51:b1:d2:78:
5c:87:3f:f6:e3:35:2b:2d:4d:30:35:a2:08:69:98:a9:0f:2d:
93:62:95:a5:06:db:f0:7e:19:f1:9a:a8:86:3d:69:f4:f2:f2:
56:2d:c7:60:a2:f8:ff:9c:95:4e:69:40:8f:6f:ae:0e:82:aa:
b4:a1:ec:ec:44:e8:e5:fa:79:26:1c:4d:16:23:96:39:c5:f6:
36:ac:04:68:2d:5e:c6:32:a1:55:9c:65:90:c4:a6:7a:16:67:
cc:d8:3c:3a:13:a8:b0:8a:a6:ac:2b:82:05:9c:c7:30:e3:e9:
87:5e:ef:5b:a6:0a:b1:7a:9a:cb:52:7d:6b:ad:63:8e:99:d9:
4c:b1:d8:cd:45:ee:69:d5:d3:b4:53:ce:d3:0e:e9:12:5f:a5:
89:4c:60:27:38:a4:29:71:a9:4c:78:58:54:dd:09:5e:63:f6:
b3:e9:a2:1d:dc:87:a7:bc:95:96:04:ac:26:61:0f:71:7a:3c:
58:00:ed:4a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYxiKy6MSXepTufvmNeupWEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjMxMjEzMDc1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjI2Yzc2NWU3Y2RiNzBhODY3N2NiMjRmZTE4OWQzNTViNmQxNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq1wJcL/MXfS2AY0M91Z+uXjuPfJ
YRkDjS0/ZE88ADSFfxZeZS41gJFv9i8fagHapuOcohrn2nGqGQFn2FMc9x59s/4g
ZFLQ5ltZrFeFKHcry4Igb1/dTxhY2pJx/L8z1YQJ+RS1MwA0yv9eQgSo5e6bDJgS
du4VKNg+hmR4A1b601nzNghXAgQX9UrgFebq2MCkOhebfUMBoytiDmGUMIdr0Ecu
GjeEu8StiIGK/PKKjVSE7QSbaZ61UjDVHoJCmK96cVOOqdtb7HRXdu/6VwVWYK9K
d55sd2lucGKrnzT6NM4gf5iB+UqM3fM7h73pgZllOscuRzeOZU9DCBAXBQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBYmx2XnzbcKhnfLJP4YnTVbbRbjMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvRmliSFplZk50d3FHZDhza19oaWROVnR0RnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwQALVS8AwQB
LVS+MAwDBAFZ/LIDBABZ/LYwDAMEAFn8uQMEAln8uAMEArlq0DAPBAIAAjAJAwcB
KgZBwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBL21Jfg+FpRTch5XvJsKlVz+uUoGcK
WtAbnPrgBVUqBZ9ifbmKWVIXHBmPbrrdtW0ni2KAL2NXvxUMqFOULvHOrkl5t1Gx
0nhchz/24zUrLU0wNaIIaZipDy2TYpWlBtvwfhnxmqiGPWn08vJWLcdgovj/nJVO
aUCPb64Ogqq0oezsROjl+nkmHE0WI5Y5xfY2rARoLV7GMqFVnGWQxKZ6FmfM2Dw6
E6iwiqasK4IFnMcw4+mHXu9bpgqxeprLUn1rrWOOmdlMsdjNRe5p1dO0U87TDukS
X6WJTGAnOKQpcalMeFhU3QleY/az6aId3IenvJWWBKwmYQ9xejxYAO1K
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net