Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/ouwaebFIswKRtGN-aflNBlzURHk.roa
File: ouwaebFIswKRtGN-aflNBlzURHk.roa (raw, json)
Hash identifier: OIxD970ZYs18t/ls05xl4pyGTR7Ui0or4NVXbCXXjoQ=
Subject key identifier: A2:EC:1A:79:B1:48:B3:02:91:B4:63:7E:69:F9:4D:06:5C:D4:44:79
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 018C67B46B1A8D3D352B92FBAA75DF85810A
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/ouwaebFIswKRtGN-aflNBlzURHk.roa
Signing time: Thu 14 Dec 2023 09:42:06 +0000
ROA not before: Thu 14 Dec 2023 09:42:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41528
IP address blocks: 109.235.175.0/24 maxlen: 24
109.235.174.0/24 maxlen: 24
109.235.174.0/23 maxlen: 23
185.71.158.0/24 maxlen: 24
2a00:1968::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:b4:6b:1a:8d:3d:35:2b:92:fb:aa:75:df:85:81:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Dec 14 09:42:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2ec1a79b148b30291b4637e69f94d065cd44479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:28:be:92:b4:07:18:b3:52:c5:18:0f:39:1f:
cd:fb:dd:c3:b5:8b:6f:5e:25:83:86:34:46:da:ab:
3b:32:26:26:eb:87:ba:5c:5e:0d:72:66:3b:b0:59:
64:b2:94:c5:76:10:8f:cc:6f:eb:d7:b1:20:4a:04:
0a:5e:a5:6f:87:62:ca:e5:c6:1e:03:dc:10:5c:af:
5f:62:f3:e0:eb:c8:9a:27:44:c1:fe:24:43:a5:da:
8e:6c:20:03:f7:bd:5f:70:88:2b:a5:a6:7a:49:64:
de:6d:e3:6d:db:66:99:fb:4e:74:f9:37:08:69:cf:
9f:7e:ae:b8:6b:8a:bb:ab:c4:9e:75:a1:36:76:55:
0e:68:43:2e:5f:2f:20:e6:27:74:65:8b:04:bc:66:
de:67:e0:6a:47:17:6a:17:88:a0:9e:05:1c:6e:3e:
61:4b:2f:13:84:6e:4d:6c:82:d0:d3:74:59:ab:91:
80:41:73:32:ae:97:6e:29:62:0b:10:cb:0a:90:ae:
c9:bd:b5:b2:b9:1e:45:de:22:cd:7c:f1:27:24:33:
77:82:ab:75:a0:7c:1d:f9:c5:dc:64:f4:89:1b:1d:
55:8e:09:19:fb:1e:cb:89:0c:4c:cf:da:1a:69:90:
40:e1:82:04:88:dd:ed:58:75:b4:ac:f3:9e:28:83:
45:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EC:1A:79:B1:48:B3:02:91:B4:63:7E:69:F9:4D:06:5C:D4:44:79
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/ouwaebFIswKRtGN-aflNBlzURHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.174.0/23
185.71.158.0/24
IPv6:
2a00:1968::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ef:97:ab:4b:05:d8:02:f0:ad:47:69:5e:69:4e:e4:5c:59:
05:57:56:e8:e8:35:4a:8b:bd:63:bc:4a:26:78:e8:57:04:e3:
70:52:7d:11:e6:d4:cd:95:fd:6c:31:06:89:cb:e8:9e:0b:14:
56:77:79:b8:df:80:1f:7f:ef:b4:14:6a:6d:90:cd:6f:dc:99:
0e:77:d0:9e:aa:fd:a0:c4:05:56:69:87:4e:09:4c:82:06:7e:
83:70:44:04:58:51:08:4c:48:04:b0:de:55:b9:72:73:65:b5:
8a:1c:13:18:5d:41:2d:03:9e:ff:c5:85:da:35:a1:7f:dd:58:
74:fb:bd:c0:5b:17:a7:6e:c6:cb:31:fe:01:a7:df:46:e5:15:
2d:56:b2:2d:3b:a9:38:91:76:b5:3f:0a:42:85:bb:1f:c0:10:
cc:87:f8:69:a3:87:65:11:a7:ad:a7:d5:39:b3:5c:f3:34:58:
d7:64:98:6d:b9:e9:79:76:50:25:0b:48:fd:97:7b:7d:a0:53:
76:90:d8:b6:68:9f:70:aa:d9:0b:a6:37:1d:87:4a:c3:cc:bd:
2e:66:eb:dc:74:d2:61:ea:cd:1b:05:71:96:7b:7f:a5:1a:d2:
84:f9:6a:ae:ce:8f:fc:9a:06:8e:9d:58:af:cd:4f:cb:c9:05:
cd:ec:3a:57
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYxntGsajT01K5L7qnXfhYEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjMxMjE0MDk0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVjMWE3OWIxNDhiMzAyOTFiNDYzN2U2OWY5NGQwNjVjZDQ0NDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCi+krQHGLNSxRgPOR/N+93DtYtv
XiWDhjRG2qs7MiYm64e6XF4NcmY7sFlkspTFdhCPzG/r17EgSgQKXqVvh2LK5cYe
A9wQXK9fYvPg68iaJ0TB/iRDpdqObCAD971fcIgrpaZ6SWTebeNt22aZ+050+TcI
ac+ffq64a4q7q8SedaE2dlUOaEMuXy8g5id0ZYsEvGbeZ+BqRxdqF4igngUcbj5h
Sy8ThG5NbILQ03RZq5GAQXMyrpduKWILEMsKkK7JvbWyuR5F3iLNfPEnJDN3gqt1
oHwd+cXcZPSJGx1VjgkZ+x7LiQxMz9oaaZBA4YIEiN3tWHW0rPOeKINF8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKLsGnmxSLMCkbRjfmn5TQZc1ER5MB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvb3V3YWViRklzd0tSdEdOLWFmbE5CbHpVUkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBbeuuAwQA
uUeeMA8EAgACMAkDBwAqABloAAAwDQYJKoZIhvcNAQELBQADggEBAJ3vl6tLBdgC
8K1HaV5pTuRcWQVXVujoNUqLvWO8SiZ46FcE43BSfRHm1M2V/WwxBonL6J4LFFZ3
ebjfgB9/77QUam2QzW/cmQ530J6q/aDEBVZph04JTIIGfoNwRARYUQhMSASw3lW5
cnNltYocExhdQS0Dnv/Fhdo1oX/dWHT7vcBbF6duxssx/gGn30blFS1Wsi07qTiR
drU/CkKFux/AEMyH+Gmjh2URp62n1TmzXPM0WNdkmG256Xl2UCULSP2Xe32gU3aQ
2LZon3Cq2QumNx2HSsPMvS5m69x00mHqzRsFcZZ7f6Ua0oT5aq7Oj/yaBo6dWK/N
T8vJBc3sOlc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:50 2024 by rpki-client on console.sobornost.net