Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/YZ8SYqSbQ7au3Ra_DdBpOHp3pCE.roa
File: YZ8SYqSbQ7au3Ra_DdBpOHp3pCE.roa (raw, json)
Hash identifier: qQawbRKwJEn0yqtdZReISJefNw4vaoFFXhbCz1pJOFY=
Subject key identifier: 61:9F:12:62:A4:9B:43:B6:AE:DD:16:BF:0D:D0:69:38:7A:77:A4:21
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 01856FE6EB7616355EA02255F2E2C67D2F7C
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/YZ8SYqSbQ7au3Ra_DdBpOHp3pCE.roa
Signing time: Mon 02 Jan 2023 00:34:42 +0000
ROA not before: Mon 02 Jan 2023 00:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39326
IP address blocks: 80.71.0.0/19 maxlen: 24
194.0.77.0/24 maxlen: 24
194.0.78.0/23 maxlen: 24
46.17.56.0/21 maxlen: 24
195.90.121.0/24 maxlen: 24
80.71.27.0/24 maxlen: 24
195.90.120.0/23 maxlen: 24
93.89.80.0/20 maxlen: 24
185.75.28.0/22 maxlen: 24
185.75.30.0/24 maxlen: 24
217.196.224.0/19 maxlen: 24
77.75.104.0/21 maxlen: 24
89.248.16.0/20 maxlen: 24
37.46.200.0/21 maxlen: 24
195.238.232.0/24 maxlen: 24
2a01:348:62::/48 maxlen: 48
2a01:348::/32 maxlen: 32
2a01:348:fab::/48 maxlen: 48
2001:a08::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:eb:76:16:35:5e:a0:22:55:f2:e2:c6:7d:2f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 2 00:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619f1262a49b43b6aedd16bf0dd069387a77a421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ab:42:99:60:c6:22:7f:e2:46:3e:3d:3b:73:
01:9e:c9:33:ae:5c:2f:a4:6b:81:c9:09:52:55:f9:
31:9b:3b:e9:e4:be:43:01:19:ed:63:d7:cc:11:8c:
9f:45:0f:6a:7c:54:7e:cb:cf:54:fd:1e:c4:0b:cb:
fc:4b:f3:5d:a5:13:ca:f0:4e:38:ce:af:06:29:34:
bc:9b:97:10:ae:a1:49:91:13:8b:eb:0e:54:93:1e:
cf:ea:c3:5b:0c:a7:de:d0:b9:d0:30:19:51:3a:20:
47:2d:1c:a7:98:ee:d0:be:10:0e:1d:c0:4a:8f:da:
bf:48:aa:1e:c5:96:8d:1d:22:98:24:66:c5:75:39:
f6:e5:2c:4d:c1:aa:1f:81:24:4a:a6:3c:b8:98:bb:
ac:c0:1e:ea:49:96:47:db:97:ff:0a:00:0e:23:fd:
5e:b3:d2:74:b3:8d:41:a7:6a:22:25:7a:a9:23:03:
2d:13:59:72:75:1e:2a:d1:50:db:86:67:93:c5:ba:
4b:2f:90:9c:00:04:ea:b6:58:01:b1:7f:36:0d:08:
4d:18:c2:64:b7:e7:83:2c:0c:9e:66:3a:7a:91:f7:
86:1e:12:6f:e2:7f:b7:17:af:cd:25:7a:37:86:68:
4c:19:2d:ae:b7:3e:ad:bb:a4:85:74:a0:55:c0:73:
46:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9F:12:62:A4:9B:43:B6:AE:DD:16:BF:0D:D0:69:38:7A:77:A4:21
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/YZ8SYqSbQ7au3Ra_DdBpOHp3pCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.200.0/21
46.17.56.0/21
77.75.104.0/21
80.71.0.0/19
89.248.16.0/20
93.89.80.0/20
185.75.28.0/22
194.0.77.0-194.0.79.255
195.90.120.0/23
195.238.232.0/24
217.196.224.0/19
IPv6:
2001:a08::/32
2a01:348::/32
Signature Algorithm: sha256WithRSAEncryption
b9:16:82:64:f4:33:4d:cc:40:14:49:9c:c5:f4:44:28:a6:a4:
90:1d:7a:a1:24:d0:60:a6:70:0d:6b:76:4b:22:5b:cd:00:b5:
e9:f4:0a:9d:48:69:60:1d:c0:9e:ea:08:34:7b:dc:a3:ac:af:
5d:d7:43:61:dc:36:1a:bf:9f:c8:cf:77:89:44:47:ae:ff:8e:
04:ff:e1:65:15:f0:0a:e6:10:27:01:27:60:c7:e6:52:3b:85:
76:85:f8:7c:d8:fe:b9:f3:b2:21:75:f4:fa:05:02:3b:56:0a:
ff:35:49:ee:a6:aa:51:02:e2:e5:89:82:38:16:95:e3:5c:40:
c6:13:db:89:18:e1:95:fd:42:7b:f5:44:4d:3d:22:a0:cf:38:
aa:29:a0:3e:86:a2:f8:9d:9e:20:70:91:de:6a:9e:50:7e:54:
35:e4:65:8a:ee:62:f4:b7:dc:04:cc:8c:a3:60:87:7f:06:38:
d1:03:0d:bd:3e:ae:7d:88:c1:f6:32:e6:64:07:54:c9:5f:9c:
50:d4:81:2b:31:b1:fa:7c:ac:e8:50:ab:61:e7:31:76:2d:31:
ac:00:7e:f6:8c:c1:9d:f4:2b:f2:38:e4:9a:ba:4f:62:fd:43:
b4:ed:b5:f9:b8:2d:74:20:b2:bc:c9:69:ca:ca:1a:d5:78:33:
8d:c1:61:30
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVv5ut2FjVeoCJV8uLGfS98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjMwMTAyMDAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlmMTI2MmE0OWI0M2I2YWVkZDE2YmYwZGQwNjkzODdhNzdhNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkatCmWDGIn/iRj49O3MBnskzrlwv
pGuByQlSVfkxmzvp5L5DARntY9fMEYyfRQ9qfFR+y89U/R7EC8v8S/NdpRPK8E44
zq8GKTS8m5cQrqFJkROL6w5Ukx7P6sNbDKfe0LnQMBlROiBHLRynmO7QvhAOHcBK
j9q/SKoexZaNHSKYJGbFdTn25SxNwaofgSRKpjy4mLuswB7qSZZH25f/CgAOI/1e
s9J0s41Bp2oiJXqpIwMtE1lydR4q0VDbhmeTxbpLL5CcAATqtlgBsX82DQhNGMJk
t+eDLAyeZjp6kfeGHhJv4n+3F6/NJXo3hmhMGS2utz6tu6SFdKBVwHNGIQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGGfEmKkm0O2rt0Wvw3QaTh6d6QhMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvWVo4U1lxU2JRN2F1M1JhX0RkQnBPSHAzcENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDJS7IAwQD
LhE4AwQDTUtoAwQFUEcAAwQEWfgQAwQEXVlQAwQCuUscMAwDBADCAE0DBATCAEAD
BAHDWngDBADD7ugDBAXZxOAwFAQCAAIwDgMFACABCggDBQAqAQNIMA0GCSqGSIb3
DQEBCwUAA4IBAQC5FoJk9DNNzEAUSZzF9EQopqSQHXqhJNBgpnANa3ZLIlvNALXp
9AqdSGlgHcCe6gg0e9yjrK9d10Nh3DYav5/Iz3eJREeu/44E/+FlFfAK5hAnASdg
x+ZSO4V2hfh82P6587IhdfT6BQI7Vgr/NUnupqpRAuLliYI4FpXjXEDGE9uJGOGV
/UJ79URNPSKgzziqKaA+hqL4nZ4gcJHeap5QflQ15GWK7mL0t9wEzIyjYId/BjjR
Aw29Pq59iMH2MuZkB1TJX5xQ1IErMbH6fKzoUKth5zF2LTGsAH72jMGd9CvyOOSa
uk9i/UO07bX5uC10ILK8yWnKyhrVeDONwWEw
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:29 2024 by rpki-client on console.sobornost.net