Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/XrTFU9MD1FMW0rZuSXbA-5mG74c.roa
File: XrTFU9MD1FMW0rZuSXbA-5mG74c.roa (raw, json)
Hash identifier: sUsIczTtXBMTIyMUY/ThxyiYjHsUrqpwlWAE1biuAmU=
Subject key identifier: 5E:B4:C5:53:D3:03:D4:53:16:D2:B6:6E:49:76:C0:FB:99:86:EF:87
Certificate issuer: /CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Certificate serial: 0186EA114BFC863802323D6DC933DC66ED0F
Authority key identifier: AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/XrTFU9MD1FMW0rZuSXbA-5mG74c.roa
Signing time: Thu 16 Mar 2023 10:57:27 +0000
ROA not before: Thu 16 Mar 2023 10:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29104
IP address blocks: 192.54.144.0/24 maxlen: 24
185.116.132.0/22 maxlen: 22
185.116.134.0/24 maxlen: 24
37.35.0.0/21 maxlen: 21
193.56.125.0/24 maxlen: 24
193.56.124.0/23 maxlen: 23
193.56.124.0/24 maxlen: 24
37.35.6.0/24 maxlen: 24
193.56.130.0/23 maxlen: 23
193.56.130.0/24 maxlen: 24
193.56.131.0/24 maxlen: 24
2a00:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:11:4b:fc:86:38:02:32:3d:6d:c9:33:dc:66:ed:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Validity
Not Before: Mar 16 10:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eb4c553d303d45316d2b66e4976c0fb9986ef87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:f1:34:61:c7:88:8b:58:e2:a4:f8:6e:7f:
61:ad:a3:ae:64:64:0f:2c:d4:a2:3b:6a:b6:2e:c5:
21:f1:be:0d:ca:a1:fc:42:8d:a5:e5:35:1c:af:13:
b2:1f:a8:8b:7a:77:7d:04:c0:57:4f:58:7a:8e:09:
09:4b:fd:e4:5d:39:56:30:86:06:c0:53:43:c0:b9:
a9:92:3b:c2:cc:9f:f8:97:3f:dc:6d:4b:a4:65:bc:
d9:65:71:30:78:42:2b:8e:e0:01:e9:42:5d:31:42:
3d:33:ee:3f:9b:95:6a:c7:96:04:14:f1:66:f8:40:
36:2b:0c:95:0b:93:80:8a:62:89:73:ca:29:39:27:
eb:bf:33:2c:b6:95:77:42:72:4b:f0:8a:e1:f2:8a:
ef:7c:ea:c8:47:89:00:3e:f6:6f:6d:8b:98:e8:2f:
36:c9:2c:13:88:28:af:e4:84:1f:93:76:54:c3:d5:
fc:cd:ae:d8:c5:f2:7b:69:98:82:1e:88:76:ba:88:
4a:d5:2a:44:a8:2b:6a:42:94:b0:cb:ac:cc:fa:97:
be:ef:d5:80:da:7d:fc:a9:f0:f2:35:b3:41:f4:d7:
16:3e:f1:a9:a2:d7:df:c2:25:ca:56:fe:70:4f:95:
c7:4c:d2:34:cf:f7:af:11:c2:ae:14:b4:82:4e:5a:
09:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B4:C5:53:D3:03:D4:53:16:D2:B6:6E:49:76:C0:FB:99:86:EF:87
X509v3 Authority Key Identifier:
keyid:AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/XrTFU9MD1FMW0rZuSXbA-5mG74c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.0.0/21
185.116.132.0/22
192.54.144.0/24
193.56.124.0/23
193.56.130.0/23
IPv6:
2a00:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
22:28:3d:33:bb:62:d8:f2:3d:59:e3:b2:f7:ed:e1:21:ed:3f:
b9:b3:7a:bf:b8:45:07:cc:21:34:91:44:b6:19:0e:9d:fe:52:
36:18:ba:3e:ba:68:6a:40:32:3f:08:4f:61:87:82:38:c7:a9:
dc:05:a4:2d:d7:c2:87:df:cb:ea:a0:b3:cd:12:6e:cf:61:7c:
54:ec:0f:e8:98:46:4f:4d:1e:37:f3:39:e0:bc:e8:80:27:65:
63:29:17:03:a2:a4:d4:92:a1:8a:25:da:af:a1:4c:bb:79:6d:
6e:19:2d:0d:51:69:e8:8b:f3:fe:dd:ce:77:9e:59:05:60:40:
3d:21:46:67:3d:91:e3:63:9f:62:80:77:61:e9:eb:08:cf:45:
5e:6d:d9:98:5c:bc:a9:b3:66:70:fc:93:e4:8b:fd:5d:12:71:
60:b4:49:a3:e6:5c:ac:91:29:e6:39:38:38:cb:e5:68:ef:52:
fc:e2:b2:9c:ef:20:ec:e0:35:d6:2e:fe:35:98:c3:3c:47:2c:
6c:a4:52:e4:c7:0d:1b:3b:e3:63:ad:e3:42:53:30:6b:69:6f:
63:81:ba:bc:c2:d4:5c:63:18:a2:36:80:83:f8:38:7c:fe:7a:
57:cd:9e:39:05:d9:d6:7b:d6:d1:84:62:b5:5c:c3:c1:21:4b:
ab:2f:da:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYbqEUv8hjgCMj1tyTPcZu0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWUyZWZjZGMyMTNhYzViMWIwODc5ZDkyMmExNzhiODUw
ZjQ1MWYwHhcNMjMwMzE2MTA1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI0YzU1M2QzMDNkNDUzMTZkMmI2NmU0OTc2YzBmYjk5ODZlZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZPxNGHHiItY4qT4bn9hraOuZGQP
LNSiO2q2LsUh8b4NyqH8Qo2l5TUcrxOyH6iLend9BMBXT1h6jgkJS/3kXTlWMIYG
wFNDwLmpkjvCzJ/4lz/cbUukZbzZZXEweEIrjuAB6UJdMUI9M+4/m5Vqx5YEFPFm
+EA2KwyVC5OAimKJc8opOSfrvzMstpV3QnJL8Irh8orvfOrIR4kAPvZvbYuY6C82
ySwTiCiv5IQfk3ZUw9X8za7YxfJ7aZiCHoh2uohK1SpEqCtqQpSwy6zM+pe+79WA
2n38qfDyNbNB9NcWPvGpotffwiXKVv5wT5XHTNI0z/evEcKuFLSCTloJswIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF60xVPTA9RTFtK2bkl2wPuZhu+HMB8GA1UdIwQY
MBaAFKyeLvzcITrFsbCHnZIqF4uFD0UfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEt
N2M3YmYyNzE3NWM1LzEvWHJURlU5TUQxRk1XMHJadVNYYkEtNW1HNzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEtN2M3YmYyNzE3NWM1
LzEvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJSMAAwQC
uXSEAwQAwDaQAwQBwTh8AwQBwTiCMA0EAgACMAcDBQAqAE9AMA0GCSqGSIb3DQEB
CwUAA4IBAQAiKD0zu2LY8j1Z47L37eEh7T+5s3q/uEUHzCE0kUS2GQ6d/lI2GLo+
umhqQDI/CE9hh4I4x6ncBaQt18KH38vqoLPNEm7PYXxU7A/omEZPTR438zngvOiA
J2VjKRcDoqTUkqGKJdqvoUy7eW1uGS0NUWnoi/P+3c53nlkFYEA9IUZnPZHjY59i
gHdh6esIz0VebdmYXLyps2Zw/JPki/1dEnFgtEmj5lyskSnmOTg4y+Vo71L84rKc
7yDs4DXWLv41mMM8RyxspFLkxw0bO+NjreNCUzBraW9jgbq8wtRcYxiiNoCD+Dh8
/npXzZ45BdnWe9bRhGK1XMPBIUurL9qq
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net