Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/OvY0E-3VjSSpnjg1kI1UGojKSBA.roa
File: OvY0E-3VjSSpnjg1kI1UGojKSBA.roa (raw, json)
Hash identifier: f6GWW2UEeqJm1LnfUytcgVbwqP1+5llArhmBY95zNuI=
Subject key identifier: 3A:F6:34:13:ED:D5:8D:24:A9:9E:38:35:90:8D:54:1A:88:CA:48:10
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 0189511A6701B59108E6E7E6C32C92FFDC2E
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/OvY0E-3VjSSpnjg1kI1UGojKSBA.roa
Signing time: Thu 13 Jul 2023 21:13:51 +0000
ROA not before: Thu 13 Jul 2023 21:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.179.0/24 maxlen: 24
89.252.178.0/24 maxlen: 24
89.252.186.0/24 maxlen: 24
89.252.181.0/24 maxlen: 24
89.252.180.0/24 maxlen: 24
89.252.187.0/24 maxlen: 24
185.106.211.0/24 maxlen: 24
185.106.210.0/24 maxlen: 24
185.106.209.0/24 maxlen: 24
185.106.208.0/24 maxlen: 24
45.84.188.0/24 maxlen: 24
45.84.191.0/24 maxlen: 24
45.84.190.0/24 maxlen: 24
2a06:41c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:51:1a:67:01:b5:91:08:e6:e7:e6:c3:2c:92:ff:dc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Jul 13 21:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3af63413edd58d24a99e3835908d541a88ca4810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:41:74:90:29:31:aa:65:1c:24:f0:02:21:4c:
fb:0a:f8:1d:0c:23:39:0d:5f:35:1f:cc:5c:63:52:
c5:f3:50:05:af:e0:39:6c:d8:ce:8f:55:27:2f:32:
3a:dc:e6:a8:35:9e:59:5f:ff:72:25:2e:1f:79:8a:
13:83:bd:41:91:59:21:20:03:99:f3:49:17:fa:07:
2c:4f:6b:0c:e8:40:3e:76:22:e8:dd:bd:a1:75:cb:
04:88:23:03:be:bb:dd:1a:dd:4b:44:57:a1:95:00:
9c:bf:72:ae:0e:72:ec:8f:3b:cd:cf:12:ff:7e:06:
3a:0b:b1:2f:65:e1:00:ca:17:a6:98:18:05:94:d3:
e9:7c:1e:0b:ed:33:d0:10:e5:77:aa:50:c9:64:4c:
89:1c:88:4e:e6:19:bf:c4:23:60:e5:66:b7:95:19:
3d:6b:36:fe:15:88:03:bf:ef:c0:5d:b5:7f:a2:58:
61:ad:84:66:91:f5:a2:e2:f3:e5:06:8d:19:3c:9f:
98:65:ee:8f:b4:24:7e:22:ea:d0:10:a7:3c:7c:3f:
6c:b5:5f:73:43:9d:f4:a9:50:76:cd:f1:27:91:97:
10:7b:4f:cf:ea:15:6d:8e:d3:4b:32:b1:62:b6:d6:
f5:3a:c4:6f:99:66:ea:3c:40:5c:b1:97:46:e7:80:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F6:34:13:ED:D5:8D:24:A9:9E:38:35:90:8D:54:1A:88:CA:48:10
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/OvY0E-3VjSSpnjg1kI1UGojKSBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.188.0/24
45.84.190.0/23
89.252.178.0-89.252.181.255
89.252.186.0/23
185.106.208.0/22
IPv6:
2a06:41c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
9e:45:fd:83:5f:ad:dc:57:29:ca:6a:9f:92:cd:2d:9c:ab:48:
e8:48:36:20:18:b7:88:e7:46:b3:1e:13:c3:c3:14:b7:6e:98:
f9:9d:ec:c2:7a:77:a3:44:1c:23:89:a3:49:96:3b:45:05:55:
d0:9f:51:91:14:45:a6:60:18:7e:9f:36:48:28:50:41:e8:68:
c5:28:81:71:22:a0:13:f4:5e:e3:f9:70:95:df:13:ab:40:4a:
80:ef:5b:2f:8d:1f:83:c8:e0:84:a9:b8:d8:60:fa:67:ac:1a:
0e:a4:b6:05:7e:05:0d:da:60:66:86:e9:7a:ff:f7:e0:2b:2a:
11:96:cb:c7:b8:a9:03:d3:5c:61:11:6b:2f:33:fb:aa:a9:1b:
7e:8e:b5:59:46:e6:aa:35:33:90:9b:0f:22:9d:61:e3:06:bd:
90:74:16:c9:55:7a:24:c8:1b:9f:94:54:05:b3:0d:b5:9c:22:
f5:c7:64:f6:61:2c:9d:0e:f7:91:c5:db:d1:17:64:2c:0d:f5:
34:1f:c9:00:5c:e2:7f:1e:2a:8b:bf:b8:40:b8:44:12:13:68:
af:cc:78:5b:2b:13:fe:28:18:fc:80:a5:10:0c:68:bc:f1:17:
91:85:8a:51:35:31:27:f1:a0:b6:0b:b3:06:ce:67:5d:4a:8e:
e4:11:57:f9
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYlRGmcBtZEI5ufmwyyS/9wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjMwNzEzMjExMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY2MzQxM2VkZDU4ZDI0YTk5ZTM4MzU5MDhkNTQxYTg4Y2E0ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEF0kCkxqmUcJPACIUz7CvgdDCM5
DV81H8xcY1LF81AFr+A5bNjOj1UnLzI63OaoNZ5ZX/9yJS4feYoTg71BkVkhIAOZ
80kX+gcsT2sM6EA+diLo3b2hdcsEiCMDvrvdGt1LRFehlQCcv3KuDnLsjzvNzxL/
fgY6C7EvZeEAyhemmBgFlNPpfB4L7TPQEOV3qlDJZEyJHIhO5hm/xCNg5Wa3lRk9
azb+FYgDv+/AXbV/olhhrYRmkfWi4vPlBo0ZPJ+YZe6PtCR+IurQEKc8fD9stV9z
Q530qVB2zfEnkZcQe0/P6hVtjtNLMrFittb1OsRvmWbqPEBcsZdG54DRVwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFDr2NBPt1Y0kqZ44NZCNVBqIykgQMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvT3ZZMEUtM1ZqU1NwbmpnMWtJMVVHb2pLU0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQALVS8AwQB
LVS+MAwDBAFZ/LIDBAFZ/LQDBAFZ/LoDBAK5atAwDwQCAAIwCQMHACoGQcAAATAN
BgkqhkiG9w0BAQsFAAOCAQEAnkX9g1+t3Fcpymqfks0tnKtI6Eg2IBi3iOdGsx4T
w8MUt26Y+Z3swnp3o0QcI4mjSZY7RQVV0J9RkRRFpmAYfp82SChQQehoxSiBcSKg
E/Re4/lwld8Tq0BKgO9bL40fg8jghKm42GD6Z6waDqS2BX4FDdpgZobpev/34Csq
EZbLx7ipA9NcYRFrLzP7qqkbfo61WUbmqjUzkJsPIp1h4wa9kHQWyVV6JMgbn5RU
BbMNtZwi9cdk9mEsnQ73kcXb0RdkLA31NB/JAFzifx4qi7+4QLhEEhNor8x4WysT
/igY/IClEAxovPEXkYWKUTUxJ/GgtguzBs5nXUqO5BFX+Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net