Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/6jli8UPCkgfGgVjE-dbfpOyyu1A.roa
File: 6jli8UPCkgfGgVjE-dbfpOyyu1A.roa (raw, json)
Hash identifier: FxEw12P92dp4xTIzl8MnR1Ht+GIGG/6RbwrCn1B+7JU=
Subject key identifier: EA:39:62:F1:43:C2:92:07:C6:81:58:C4:F9:D6:DF:A4:EC:B2:BB:50
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 01856E790BC449A4E2931C317B6103A14F9E
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/6jli8UPCkgfGgVjE-dbfpOyyu1A.roa
Signing time: Sun 01 Jan 2023 17:55:04 +0000
ROA not before: Sun 01 Jan 2023 17:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25335
IP address blocks: 185.105.56.0/23 maxlen: 23
185.105.58.0/23 maxlen: 23
185.122.130.0/23 maxlen: 23
185.116.172.0/23 maxlen: 23
185.130.36.0/23 maxlen: 23
185.127.56.0/23 maxlen: 23
185.130.38.0/23 maxlen: 23
185.116.175.0/24 maxlen: 24
185.127.58.0/23 maxlen: 23
185.129.10.0/23 maxlen: 23
185.129.8.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:0b:c4:49:a4:e2:93:1c:31:7b:61:03:a1:4f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 1 17:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea3962f143c29207c68158c4f9d6dfa4ecb2bb50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:eb:0c:6f:a7:00:c1:52:21:42:0f:bb:8e:f5:
04:26:40:20:8d:e5:d1:4f:e7:6d:89:90:62:ff:bd:
27:28:3a:77:75:6f:1c:75:37:e1:98:3b:c8:54:02:
ca:01:0f:8c:24:81:20:77:cc:be:88:ee:27:96:96:
37:1c:32:de:48:2d:0b:4b:64:cf:c6:63:a0:ac:94:
41:56:c0:e9:72:05:a1:97:3b:bf:46:bb:55:d7:1d:
a9:be:6f:b9:49:4c:c7:16:0c:f2:ba:0d:b1:e8:46:
ba:8b:ee:0f:2a:5c:a5:b3:4f:b5:53:f5:87:42:ac:
c2:ab:43:24:01:ad:9e:f7:7f:e7:99:16:29:a1:94:
99:58:30:e1:16:88:b3:e7:9f:07:cb:92:d1:a6:f3:
26:f1:d6:98:d0:16:b4:75:99:d2:3d:0d:f6:d9:8e:
ce:4b:03:a0:68:19:4d:8e:73:e5:04:43:45:7f:f9:
ba:c6:47:c1:d8:a2:c1:50:a5:89:eb:8c:72:1e:d7:
30:52:71:c7:37:8b:12:94:5c:22:78:ff:9a:96:31:
bf:11:10:47:0e:d0:2b:bc:71:f8:0c:37:38:d8:67:
4c:7e:32:15:40:a3:10:89:9e:93:eb:19:c6:11:43:
5e:34:fe:4f:a1:66:d7:cd:c2:76:39:24:1c:c1:4c:
97:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:39:62:F1:43:C2:92:07:C6:81:58:C4:F9:D6:DF:A4:EC:B2:BB:50
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/6jli8UPCkgfGgVjE-dbfpOyyu1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.56.0/22
185.116.172.0/23
185.116.175.0/24
185.122.130.0/23
185.127.56.0/22
185.129.8.0/22
185.130.36.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:44:cb:aa:80:f7:d7:45:45:37:6f:04:ee:5b:01:fd:f7:42:
00:26:eb:85:91:fc:4f:fa:7b:a6:60:8f:06:98:4e:51:40:30:
ec:78:1b:94:c7:3b:b1:91:31:76:7e:7d:5a:4c:f1:4f:bc:03:
64:cb:76:e6:4f:a2:ad:01:b9:4b:dc:3d:d8:4b:d0:9c:1d:c2:
65:fb:c7:b5:01:d8:45:d6:3e:a4:dc:72:11:1f:b1:12:80:a3:
0c:53:5e:f2:ab:50:d4:80:f9:48:aa:9d:3e:a4:ac:66:77:2e:
27:96:4f:5f:de:34:43:25:ae:d7:7d:66:39:75:67:80:66:40:
7d:1d:c6:e2:c6:1f:fc:69:0e:2b:30:e8:d3:00:eb:26:0a:fc:
53:11:ad:27:5c:dc:c9:91:2a:39:fd:16:6f:d1:16:6f:6a:0e:
d2:9a:ce:72:ee:e6:b0:68:3b:81:88:9a:82:77:71:ae:dd:8e:
17:aa:c6:59:4e:62:d3:fd:3d:74:2d:f9:99:64:3c:ef:0f:c9:
11:71:6f:bd:96:85:41:e2:15:ec:85:12:5d:e5:3c:56:ba:91:
e8:97:bc:8c:8e:e7:f7:7b:90:b2:46:4a:6c:0c:55:72:b1:5f:
00:bd:c2:56:50:2e:2f:ed:17:56:10:67:b8:ae:16:9f:eb:60:
64:97:fc:2e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVueQvESaTikxwxe2EDoU+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwMTAxMTc1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM5NjJmMTQzYzI5MjA3YzY4MTU4YzRmOWQ2ZGZhNGVjYjJiYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOsMb6cAwVIhQg+7jvUEJkAgjeXR
T+dtiZBi/70nKDp3dW8cdTfhmDvIVALKAQ+MJIEgd8y+iO4nlpY3HDLeSC0LS2TP
xmOgrJRBVsDpcgWhlzu/RrtV1x2pvm+5SUzHFgzyug2x6Ea6i+4PKlyls0+1U/WH
QqzCq0MkAa2e93/nmRYpoZSZWDDhFoiz558Hy5LRpvMm8daY0Ba0dZnSPQ322Y7O
SwOgaBlNjnPlBENFf/m6xkfB2KLBUKWJ64xyHtcwUnHHN4sSlFwieP+aljG/ERBH
DtArvHH4DDc42GdMfjIVQKMQiZ6T6xnGEUNeNP5PoWbXzcJ2OSQcwUyX9wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOo5YvFDwpIHxoFYxPnW36TssrtQMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvNmpsaThVUENrZ2ZHZ1ZqRS1kYmZwT3l5dTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCuWk4AwQB
uXSsAwQAuXSvAwQBuXqCAwQCuX84AwQCuYEIAwQCuYIkMA0GCSqGSIb3DQEBCwUA
A4IBAQCuRMuqgPfXRUU3bwTuWwH990IAJuuFkfxP+numYI8GmE5RQDDseBuUxzux
kTF2fn1aTPFPvANky3bmT6KtAblL3D3YS9CcHcJl+8e1AdhF1j6k3HIRH7ESgKMM
U17yq1DUgPlIqp0+pKxmdy4nlk9f3jRDJa7XfWY5dWeAZkB9Hcbixh/8aQ4rMOjT
AOsmCvxTEa0nXNzJkSo5/RZv0RZvag7Sms5y7uawaDuBiJqCd3Gu3Y4XqsZZTmLT
/T10LfmZZDzvD8kRcW+9loVB4hXshRJd5TxWupHol7yMjuf3e5CyRkpsDFVysV8A
vcJWUC4v7RdWEGe4rhaf62Bkl/wu
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:54 2023 by rpki-client on console.sobornost.net