Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/ltPki0nD-xKkSEDb8Jyev3mmkho.roa
File: ltPki0nD-xKkSEDb8Jyev3mmkho.roa (raw, json)
Hash identifier: vhc9uojp5dn65wnUehqZFdylGZ3cSZJUW3EH08ydoGE=
Subject key identifier: 96:D3:E4:8B:49:C3:FB:12:A4:48:40:DB:F0:9C:9E:BF:79:A6:92:1A
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 0185E28CD1076C4DD9062CA6321FB7B9B814
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/ltPki0nD-xKkSEDb8Jyev3mmkho.roa
Signing time: Tue 24 Jan 2023 06:52:37 +0000
ROA not before: Tue 24 Jan 2023 06:52:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.84.0/24 maxlen: 24
89.250.85.0/24 maxlen: 24
89.250.82.0/24 maxlen: 24
89.250.83.0/24 maxlen: 24
89.250.81.0/24 maxlen: 24
89.250.80.0/20 maxlen: 24
89.250.86.0/24 maxlen: 24
89.250.87.0/24 maxlen: 24
89.250.91.0/24 maxlen: 24
89.250.89.0/24 maxlen: 24
89.250.90.0/24 maxlen: 24
89.250.88.0/24 maxlen: 24
89.250.93.0/24 maxlen: 24
89.250.94.0/24 maxlen: 24
89.250.92.0/24 maxlen: 24
89.250.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:8c:d1:07:6c:4d:d9:06:2c:a6:32:1f:b7:b9:b8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Jan 24 06:52:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96d3e48b49c3fb12a44840dbf09c9ebf79a6921a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:d2:b3:7a:55:34:dd:9b:d3:b9:2a:ed:4e:
ea:3a:33:53:13:ce:5c:ac:63:ac:33:5f:e0:9c:d4:
16:bc:e7:4a:3b:d8:52:2c:43:83:e6:72:b4:84:3c:
1d:cc:1c:96:ca:53:ea:25:64:cc:7c:df:f2:94:b8:
7e:81:53:ac:ae:a8:ed:5f:4c:fe:e9:e5:03:1f:65:
0c:70:4b:7e:b9:a9:c6:4b:87:e9:49:bb:eb:7f:6d:
fa:71:45:bb:96:4a:c3:0d:c3:ee:3e:71:ba:5e:00:
6f:e9:7c:c8:c1:68:01:df:be:2b:a8:72:32:24:03:
a5:a8:67:15:e0:41:03:9b:cf:34:55:03:ce:92:91:
6d:f5:21:ae:36:2a:58:cc:f3:f0:71:8d:f5:4d:90:
c0:7b:d6:73:64:df:ff:6b:f4:01:bf:da:bb:29:a7:
d8:06:31:c0:73:1f:44:1e:f1:73:a3:81:2c:bd:9c:
5a:bb:0f:ab:11:7f:2a:a2:76:9a:d4:e0:41:ba:4c:
f8:d2:ed:7f:f2:5f:36:0c:54:2a:43:9c:9e:a0:f8:
74:77:4a:87:8e:13:c6:4f:6c:59:15:68:db:22:72:
e5:0d:24:1d:a3:70:0a:ed:50:1f:a9:8a:a0:84:c9:
2e:59:bd:1d:ac:6c:2c:cc:60:13:c1:33:24:16:79:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D3:E4:8B:49:C3:FB:12:A4:48:40:DB:F0:9C:9E:BF:79:A6:92:1A
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/ltPki0nD-xKkSEDb8Jyev3mmkho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
69:b1:3e:d1:d7:57:36:cf:63:94:40:c7:95:b8:7f:47:f5:80:
bd:ed:14:2c:e1:21:74:f7:f8:b5:8c:f2:9d:a0:12:c6:62:63:
af:f4:1b:93:b1:15:d2:33:9b:9f:24:97:98:f6:ea:29:33:78:
a3:f3:33:65:aa:b3:27:e5:10:59:d9:97:9a:61:ae:99:73:0f:
91:fa:92:f2:6c:98:e4:69:d5:45:15:61:ac:4b:da:f3:c8:ea:
cc:25:9c:0a:02:7c:79:50:c0:5a:7b:42:df:1c:30:a8:71:e0:
de:5a:ca:cb:c8:b1:c9:2e:3b:ae:ec:b8:41:3c:60:8b:5b:fc:
48:9a:7f:ca:dc:5a:bf:11:e6:be:dd:04:dd:c0:1a:2e:2c:58:
04:4e:cd:57:02:b3:58:8c:dc:99:05:6f:a7:7f:4d:05:43:43:
1d:40:05:b8:a5:dd:1b:2b:c0:05:9b:99:64:05:bc:34:41:98:
fa:df:76:ad:be:0b:01:af:38:44:90:ec:29:1a:4b:7c:c4:d6:
dc:72:40:6d:3c:4d:58:b8:09:c6:4a:bf:2a:e7:ad:72:f3:59:
20:7d:b2:bc:64:3c:fa:5b:54:fb:e5:a7:79:b8:07:b1:00:b1:
06:73:65:21:fc:4e:74:f4:b4:71:35:4d:2d:d7:3b:18:9b:83:
01:21:4d:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXijNEHbE3ZBiymMh+3ubgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjMwMTI0MDY1MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQzZTQ4YjQ5YzNmYjEyYTQ0ODQwZGJmMDljOWViZjc5YTY5MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPfSs3pVNN2b07kq7U7qOjNTE85c
rGOsM1/gnNQWvOdKO9hSLEOD5nK0hDwdzByWylPqJWTMfN/ylLh+gVOsrqjtX0z+
6eUDH2UMcEt+uanGS4fpSbvrf236cUW7lkrDDcPuPnG6XgBv6XzIwWgB374rqHIy
JAOlqGcV4EEDm880VQPOkpFt9SGuNipYzPPwcY31TZDAe9ZzZN//a/QBv9q7KafY
BjHAcx9EHvFzo4EsvZxauw+rEX8qonaa1OBBukz40u1/8l82DFQqQ5yeoPh0d0qH
jhPGT2xZFWjbInLlDSQdo3AK7VAfqYqghMkuWb0drGwszGATwTMkFnkqnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbT5ItJw/sSpEhA2/Ccnr95ppIaMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvbHRQa2kwbkQteEtrU0VEYjhKeWV2M21ta2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBpsT7R11c2z2OUQMeVuH9H9YC97RQs4SF09/i1jPKd
oBLGYmOv9BuTsRXSM5ufJJeY9uopM3ij8zNlqrMn5RBZ2ZeaYa6Zcw+R+pLybJjk
adVFFWGsS9rzyOrMJZwKAnx5UMBae0LfHDCoceDeWsrLyLHJLjuu7LhBPGCLW/xI
mn/K3Fq/Eea+3QTdwBouLFgETs1XArNYjNyZBW+nf00FQ0MdQAW4pd0bK8AFm5lk
Bbw0QZj633atvgsBrzhEkOwpGkt8xNbcckBtPE1YuAnGSr8q561y81kgfbK8ZDz6
W1T75ad5uAexALEGc2Uh/E509LRxNU0t1zsYm4MBIU0a
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:54 2024 by rpki-client on console.sobornost.net