Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/q23xBdPcFoZ8RYn0s2Ds7D-uPu8.roa
File: q23xBdPcFoZ8RYn0s2Ds7D-uPu8.roa (raw, json)
Hash identifier: Qu5r0QAIwsbnE7lqFVPFULUG1PA2aORzbLciuY+T0iA=
Subject key identifier: AB:6D:F1:05:D3:DC:16:86:7C:45:89:F4:B3:60:EC:EC:3F:AE:3E:EF
Certificate issuer: /CN=4d13128815103574417ca7a70412da3ab3b84511
Certificate serial: 01856D540816344E264032D0416DFFBBE7B3
Authority key identifier: 4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/q23xBdPcFoZ8RYn0s2Ds7D-uPu8.roa
Signing time: Sun 01 Jan 2023 12:35:01 +0000
ROA not before: Sun 01 Jan 2023 12:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8587
IP address blocks: 91.209.14.0/24 maxlen: 24
91.209.22.0/24 maxlen: 24
91.209.21.0/24 maxlen: 24
195.114.224.0/20 maxlen: 20
212.104.210.0/24 maxlen: 24
91.208.251.0/24 maxlen: 24
94.247.72.0/21 maxlen: 21
2a02:ca0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:08:16:34:4e:26:40:32:d0:41:6d:ff:bb:e7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d13128815103574417ca7a70412da3ab3b84511
Validity
Not Before: Jan 1 12:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab6df105d3dc16867c4589f4b360ecec3fae3eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:40:e7:9a:b8:6c:a7:33:cd:dc:4f:2c:35:da:
13:6a:50:61:01:31:ee:1d:05:5b:c2:1d:20:48:1e:
dc:4c:b6:6d:21:86:6d:52:cf:61:a1:a5:84:4d:cf:
66:1e:95:b3:35:6e:c1:3d:f2:00:cb:f5:be:2a:40:
53:64:25:62:46:96:c0:7f:80:cd:ac:1f:b9:13:3f:
0d:f7:e7:b4:47:b1:dd:6e:93:07:87:36:c2:ce:5c:
0c:a4:df:53:cf:c3:8a:35:00:f4:9f:53:db:ef:79:
1a:8c:c4:5d:f6:da:fd:e8:21:8a:52:45:b5:19:9f:
5c:56:1d:9a:c1:f3:e6:7e:f4:00:31:13:a3:e8:8f:
9b:c7:c4:c1:f8:71:86:32:51:e4:c1:47:52:15:18:
84:66:38:fd:71:53:58:93:d7:06:43:6a:cc:25:da:
fe:aa:8c:5a:73:31:a4:c9:be:69:d3:21:11:fa:6d:
0f:ae:df:95:1b:f3:c6:41:c5:25:e9:1e:15:6b:a3:
90:26:83:8a:08:9c:af:79:b6:04:f5:fe:54:aa:7f:
e0:3f:14:1a:30:32:26:f5:18:36:b3:e4:2e:ec:e1:
43:89:85:63:7e:4c:5b:59:7d:03:27:73:26:1f:8e:
1f:00:1d:f1:a7:c7:3b:24:95:54:9b:08:7a:4e:2f:
c4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6D:F1:05:D3:DC:16:86:7C:45:89:F4:B3:60:EC:EC:3F:AE:3E:EF
X509v3 Authority Key Identifier:
keyid:4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/q23xBdPcFoZ8RYn0s2Ds7D-uPu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.251.0/24
91.209.14.0/24
91.209.21.0-91.209.22.255
94.247.72.0/21
195.114.224.0/20
212.104.210.0/24
IPv6:
2a02:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
32:e8:07:0c:ac:c6:04:7e:82:de:85:ab:3c:7a:d1:6d:71:dd:
d7:72:2e:fa:04:95:cf:c6:96:9c:f4:48:5f:83:cb:ac:21:3b:
29:c7:5c:97:1a:3b:8c:30:f4:4f:d6:f2:33:53:40:84:70:00:
d6:8c:02:df:16:9d:1a:29:f9:52:06:8d:03:cd:d3:3d:df:ef:
e7:57:27:5c:e6:5d:85:e3:44:05:72:22:2b:42:ac:e6:e3:42:
e5:e4:2c:bd:89:52:1a:d7:6f:bd:85:71:89:47:f0:64:4f:72:
59:16:39:38:62:95:98:87:56:2b:80:58:83:a0:52:77:2b:82:
10:d3:5b:a7:29:e0:fb:43:f0:c9:e0:cb:b6:a1:ab:c1:52:39:
cc:2e:97:ae:b8:d4:13:ba:ee:29:7a:e9:92:c4:6f:b8:a3:2c:
e3:67:66:97:ad:a1:da:f8:a2:e0:d0:59:64:e3:db:83:1a:fe:
26:30:e0:63:d7:6e:2e:a1:f2:a3:88:35:71:65:36:fe:d6:2d:
d7:1c:48:1e:52:e9:84:6d:4c:74:ec:07:ef:00:b0:a1:cc:a9:
3e:ae:2a:17:a2:43:b6:cd:5e:06:5a:bc:b7:8d:15:dd:08:75:
42:1a:dc:21:63:30:86:f2:33:e2:2a:5c:5c:4b:9a:db:bd:8d:
a0:d5:8e:bf
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVtVAgWNE4mQDLQQW3/u+ezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTMxMjg4MTUxMDM1NzQ0MTdjYTdhNzA0MTJkYTNhYjNi
ODQ1MTEwHhcNMjMwMTAxMTIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZkZjEwNWQzZGMxNjg2N2M0NTg5ZjRiMzYwZWNlYzNmYWUzZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EDnmrhspzPN3E8sNdoTalBhATHu
HQVbwh0gSB7cTLZtIYZtUs9hoaWETc9mHpWzNW7BPfIAy/W+KkBTZCViRpbAf4DN
rB+5Ez8N9+e0R7HdbpMHhzbCzlwMpN9Tz8OKNQD0n1Pb73kajMRd9tr96CGKUkW1
GZ9cVh2awfPmfvQAMROj6I+bx8TB+HGGMlHkwUdSFRiEZjj9cVNYk9cGQ2rMJdr+
qoxaczGkyb5p0yER+m0Prt+VG/PGQcUl6R4Va6OQJoOKCJyvebYE9f5Uqn/gPxQa
MDIm9Rg2s+Qu7OFDiYVjfkxbWX0DJ3MmH44fAB3xp8c7JJVUmwh6Ti/EAQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKtt8QXT3BaGfEWJ9LNg7Ow/rj7vMB8GA1UdIwQY
MBaAFE0TEogVEDV0QXynpwQS2jqzuEURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMt
ZjU1ZWE0OGNlNzVhLzEvcTIzeEJkUGNGb1o4UlluMHMyRHM3RC11UHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMtZjU1ZWE0OGNlNzVh
LzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQAW9D7AwQA
W9EOMAwDBABb0RUDBABb0RYDBANe90gDBATDcuADBADUaNIwDQQCAAIwBwMFACoC
DKAwDQYJKoZIhvcNAQELBQADggEBADLoBwysxgR+gt6Fqzx60W1x3ddyLvoElc/G
lpz0SF+Dy6whOynHXJcaO4ww9E/W8jNTQIRwANaMAt8WnRop+VIGjQPN0z3f7+dX
J1zmXYXjRAVyIitCrObjQuXkLL2JUhrXb72FcYlH8GRPclkWOThilZiHViuAWIOg
UncrghDTW6cp4PtD8Mngy7ahq8FSOcwul6641BO67il66ZLEb7ijLONnZpetodr4
ouDQWWTj24Ma/iYw4GPXbi6h8qOINXFlNv7WLdccSB5S6YRtTHTsB+8AsKHMqT6u
KheiQ7bNXgZavLeNFd0IdUIa3CFjMIbyM+IqXFxLmtu9jaDVjr8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:00:58 2024 by rpki-client on console.sobornost.net