Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yMO7do4iPONPq4GHuDFwwgDRiA4.roa
File: yMO7do4iPONPq4GHuDFwwgDRiA4.roa (raw, json)
Hash identifier: DLbotBGIdDTkAx8v5dMJHMTb+iIQFRxwuylZ2WuBPjU=
Subject key identifier: C8:C3:BB:76:8E:22:3C:E3:4F:AB:81:87:B8:31:70:C2:00:D1:88:0E
Certificate issuer: /CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Certificate serial: 01856E41D576806A99E12E2A54DCBC88903C
Authority key identifier: 60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yMO7do4iPONPq4GHuDFwwgDRiA4.roa
Signing time: Sun 01 Jan 2023 16:54:46 +0000
ROA not before: Sun 01 Jan 2023 16:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57133
IP address blocks: 185.130.137.0/24 maxlen: 24
185.130.139.0/24 maxlen: 24
185.130.136.0/24 maxlen: 24
185.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d5:76:80:6a:99:e1:2e:2a:54:dc:bc:88:90:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Validity
Not Before: Jan 1 16:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8c3bb768e223ce34fab8187b83170c200d1880e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f9:59:b0:a9:9e:75:05:8f:4b:be:a8:03:e1:
0b:fc:a6:2e:25:c7:aa:4a:80:4c:9f:52:85:48:7c:
c5:d9:2b:e2:93:ec:18:0a:61:f3:98:d2:36:99:85:
43:81:29:fa:f7:ca:c5:eb:0d:89:b0:72:c0:ea:b4:
32:c1:ef:e2:ad:de:26:c8:3b:35:69:03:f5:35:0d:
d0:69:e7:ed:bd:1e:de:81:2d:ff:fa:74:26:62:30:
7b:02:18:43:46:bd:51:ab:70:35:79:ff:3d:f1:0c:
46:51:2a:8a:1d:ca:86:0a:58:16:c1:a2:53:d6:cf:
b9:7e:d2:d3:24:14:08:13:2a:f6:d2:c8:71:cd:75:
9d:94:34:98:de:f6:86:d8:10:d7:5c:0c:53:87:85:
16:15:a8:e4:1e:b2:cb:15:3c:53:47:b7:11:50:30:
38:9f:35:f6:59:d9:8a:95:52:4c:b2:b7:e1:fe:64:
26:e0:3d:da:d5:89:9b:fd:47:73:25:1b:69:dc:8c:
aa:61:3d:a9:62:89:13:fd:fc:63:a4:30:b1:d0:a2:
40:f6:4b:19:f0:10:48:0f:6a:7a:ec:93:bd:fb:2b:
db:6f:a1:6e:13:1a:ac:2a:88:c1:78:04:dc:c1:22:
7b:f8:5a:b5:a2:9a:fa:c6:02:d9:e0:04:b9:73:24:
65:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C3:BB:76:8E:22:3C:E3:4F:AB:81:87:B8:31:70:C2:00:D1:88:0E
X509v3 Authority Key Identifier:
keyid:60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yMO7do4iPONPq4GHuDFwwgDRiA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.136.0/22
Signature Algorithm: sha256WithRSAEncryption
93:66:78:15:69:81:a7:90:ab:cd:ca:9e:04:e5:a9:ff:42:f0:
8d:2a:2a:f0:86:70:73:b3:fe:3a:d5:2b:e3:fd:30:b8:dd:c0:
6b:2c:64:d5:75:04:e5:c8:63:fb:ae:14:e8:56:65:39:5a:96:
4f:b4:7e:c1:82:a8:36:1e:db:71:16:37:15:67:ca:20:68:a8:
43:4f:c0:5c:ae:34:8d:98:57:c8:f5:e3:b9:db:f4:55:a3:48:
b1:74:00:e6:0d:f0:ed:98:97:a9:21:c6:30:18:4f:2b:e6:60:
25:28:20:05:f0:d7:d5:67:bc:c3:9e:1e:05:9f:ec:76:33:57:
19:55:99:d6:5e:51:6e:79:84:5c:4a:b4:d4:8b:a0:e1:2c:ae:
4f:d0:0b:1f:c3:7d:52:e8:95:67:4d:85:c4:b3:e7:07:6c:42:
c4:a1:e5:40:dd:4e:bc:58:7f:e4:35:51:42:70:ee:07:62:a4:
a4:f7:83:f5:8b:3e:cb:59:46:47:48:80:15:63:8e:18:9c:56:
75:0b:8b:81:26:4b:69:da:3d:0f:3b:a7:48:7f:2a:c3:92:de:
53:4c:9d:05:fd:2d:26:d3:14:fc:81:ed:ce:fe:9b:19:3d:98:
7a:b7:4c:67:e4:c1:8e:48:58:8f:f7:8d:ec:55:0e:a8:ef:67:
69:99:da:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQdV2gGqZ4S4qVNy8iJA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzhkNTc3NDdmNzI5NzAwZWYyZjU2MTRmNmRmZGVjOGQx
MTlmMmQwHhcNMjMwMTAxMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGMzYmI3NjhlMjIzY2UzNGZhYjgxODdiODMxNzBjMjAwZDE4ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/lZsKmedQWPS76oA+EL/KYuJceq
SoBMn1KFSHzF2Svik+wYCmHzmNI2mYVDgSn698rF6w2JsHLA6rQywe/ird4myDs1
aQP1NQ3QaeftvR7egS3/+nQmYjB7AhhDRr1Rq3A1ef898QxGUSqKHcqGClgWwaJT
1s+5ftLTJBQIEyr20shxzXWdlDSY3vaG2BDXXAxTh4UWFajkHrLLFTxTR7cRUDA4
nzX2WdmKlVJMsrfh/mQm4D3a1Ymb/UdzJRtp3IyqYT2pYokT/fxjpDCx0KJA9ksZ
8BBID2p67JO9+yvbb6FuExqsKojBeATcwSJ7+Fq1opr6xgLZ4AS5cyRlIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjDu3aOIjzjT6uBh7gxcMIA0YgOMB8GA1UdIwQY
MBaAFGDI1XdH9ylwDvL1YU9t/eyNEZ8tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgt
ZDc1ZjU5NWZhN2MzLzEveU1PN2RvNGlQT05QcTRHSHVERnd3Z0RSaUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgtZDc1ZjU5NWZhN2Mz
LzEvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCTZngVaYGnkKvNyp4E5an/QvCNKirwhnBzs/461Svj
/TC43cBrLGTVdQTlyGP7rhToVmU5WpZPtH7Bgqg2HttxFjcVZ8ogaKhDT8BcrjSN
mFfI9eO52/RVo0ixdADmDfDtmJepIcYwGE8r5mAlKCAF8NfVZ7zDnh4Fn+x2M1cZ
VZnWXlFueYRcSrTUi6DhLK5P0Asfw31S6JVnTYXEs+cHbELEoeVA3U68WH/kNVFC
cO4HYqSk94P1iz7LWUZHSIAVY44YnFZ1C4uBJktp2j0PO6dIfyrDkt5TTJ0F/S0m
0xT8ge3O/psZPZh6t0xn5MGOSFiP943sVQ6o72dpmdo8
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net