Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/bF2lC95X7syoU2k4HvxEfXUQMmE.roa
File: bF2lC95X7syoU2k4HvxEfXUQMmE.roa (raw, json)
Hash identifier: y9CHfrVfHsMT1VwAXQ0b052QPCYYKoOFI8+CMDX8/zg=
Subject key identifier: 6C:5D:A5:0B:DE:57:EE:CC:A8:53:69:38:1E:FC:44:7D:75:10:32:61
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 0185700B92F92C3D953D11851D97BC45FD9E
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/bF2lC95X7syoU2k4HvxEfXUQMmE.roa
Signing time: Mon 02 Jan 2023 01:14:44 +0000
ROA not before: Mon 02 Jan 2023 01:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21437
IP address blocks: 81.17.128.0/24 maxlen: 24
81.17.132.0/24 maxlen: 24
81.17.131.0/24 maxlen: 24
81.17.135.0/24 maxlen: 24
81.17.134.0/24 maxlen: 24
81.17.139.0/24 maxlen: 32
81.17.133.0/24 maxlen: 24
81.17.138.0/24 maxlen: 24
81.17.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:92:f9:2c:3d:95:3d:11:85:1d:97:bc:45:fd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Jan 2 01:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c5da50bde57eecca85369381efc447d75103261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:ba:05:f0:cc:32:96:0f:4f:1b:b4:44:97:
de:83:23:0d:d0:26:dc:27:21:5a:90:38:61:23:f6:
a7:b5:57:08:56:58:36:84:49:19:b0:79:0b:32:03:
6b:e0:da:88:a5:77:4b:02:b0:78:43:50:97:dc:c3:
c2:db:32:a3:d8:8e:7c:ba:4a:cd:45:7e:24:b2:4e:
d0:fb:f4:91:f2:18:80:94:96:65:95:93:7e:2d:3c:
52:52:b2:0f:be:58:19:c6:47:a5:27:e2:f4:50:2a:
05:5d:3a:c7:6a:9a:75:11:25:8a:7f:5b:3b:5f:aa:
45:8a:d9:3b:b2:a0:ee:e7:ba:0a:04:9d:6a:4a:d2:
33:55:a8:e0:13:0d:3d:41:0d:09:8b:38:a1:6e:db:
c5:f3:7d:06:38:23:12:ea:4e:3a:99:6c:51:b6:b3:
63:46:17:2f:3f:e8:b7:b6:89:ad:19:70:c3:31:e9:
6f:8a:71:68:d4:53:4a:cc:94:63:0c:ab:06:59:bc:
a4:41:40:07:84:4f:81:d5:31:dc:d2:e4:b4:ec:37:
76:33:ce:e6:9b:aa:9f:25:81:4c:09:b6:3f:ef:a4:
cc:47:5c:b5:d5:7f:3e:0e:a0:1c:4b:2f:29:08:82:
f7:26:f5:3a:bd:f3:7d:46:97:75:8a:c1:99:6e:86:
1d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5D:A5:0B:DE:57:EE:CC:A8:53:69:38:1E:FC:44:7D:75:10:32:61
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/bF2lC95X7syoU2k4HvxEfXUQMmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.128.0/24
81.17.131.0-81.17.136.255
81.17.138.0/23
Signature Algorithm: sha256WithRSAEncryption
35:84:b2:8f:de:83:b5:ef:1e:30:23:ef:8b:eb:6e:54:a8:88:
ab:5c:a3:8c:f3:d7:e2:e2:d7:73:1f:ae:c7:e8:f1:68:d4:e5:
66:8c:87:46:ef:4f:81:4e:4c:31:64:e9:67:ba:73:b6:52:aa:
65:90:0b:e8:50:54:89:cb:7d:bb:8b:ae:7d:e6:5a:47:e0:b7:
e8:cc:ab:a1:6c:a0:54:c2:27:3d:2f:0c:50:12:c1:b8:70:ff:
89:35:9d:45:64:86:5c:ce:5f:8e:7d:ae:fe:21:42:74:dc:ef:
c4:4a:ad:39:e0:e0:dd:3d:48:02:fa:68:d7:b6:8c:2e:69:93:
74:83:d3:5a:2d:c3:eb:21:a3:bd:84:e5:c8:22:be:a7:e4:89:
82:6c:9d:52:ef:0d:b0:a8:f9:fa:b7:6c:52:be:e2:99:cb:65:
fb:f5:a7:6f:c2:71:0c:50:00:24:e7:52:a9:0c:6b:a0:72:8d:
27:4e:8d:27:8b:3a:54:91:f8:41:1a:a7:01:93:2d:c4:5e:e6:
70:26:37:9b:09:04:7b:ae:c2:0d:34:e1:a1:3f:84:ba:3f:e6:
99:d5:6f:1c:91:87:9d:f2:0b:1e:94:98:7e:b8:60:dd:d7:84:
ba:47:6d:77:cb:e9:1f:58:f5:e2:d1:ce:43:f7:69:f5:91:e3:
ed:d9:13:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwC5L5LD2VPRGFHZe8Rf2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTc0YzI4NzhkNmI1MzYxMzliODk1ZjA4YzljNmRiMThl
MTJhOWIwHhcNMjMwMTAyMDExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVkYTUwYmRlNTdlZWNjYTg1MzY5MzgxZWZjNDQ3ZDc1MTAzMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqam6BfDMMpYPTxu0RJfegyMN0Cbc
JyFakDhhI/antVcIVlg2hEkZsHkLMgNr4NqIpXdLArB4Q1CX3MPC2zKj2I58ukrN
RX4ksk7Q+/SR8hiAlJZllZN+LTxSUrIPvlgZxkelJ+L0UCoFXTrHapp1ESWKf1s7
X6pFitk7sqDu57oKBJ1qStIzVajgEw09QQ0JizihbtvF830GOCMS6k46mWxRtrNj
RhcvP+i3tomtGXDDMelvinFo1FNKzJRjDKsGWbykQUAHhE+B1THc0uS07Dd2M87m
m6qfJYFMCbY/76TMR1y11X8+DqAcSy8pCIL3JvU6vfN9Rpd1isGZboYdLQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGxdpQveV+7MqFNpOB78RH11EDJhMB8GA1UdIwQY
MBaAFOBXTCh41rU2E5uJXwjJxtsY4SqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUt
NDQ2MDE5OTY2YTE5LzEvYkYybEM5NVg3c3lvVTJrNEh2eEVmWFVRTW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUtNDQ2MDE5OTY2YTE5
LzEvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURGAMAwD
BABREYMDBABREYgDBAFREYowDQYJKoZIhvcNAQELBQADggEBADWEso/eg7XvHjAj
74vrblSoiKtco4zz1+Li13Mfrsfo8WjU5WaMh0bvT4FOTDFk6We6c7ZSqmWQC+hQ
VInLfbuLrn3mWkfgt+jMq6FsoFTCJz0vDFASwbhw/4k1nUVkhlzOX459rv4hQnTc
78RKrTng4N09SAL6aNe2jC5pk3SD01otw+sho72E5cgivqfkiYJsnVLvDbCo+fq3
bFK+4pnLZfv1p2/CcQxQACTnUqkMa6ByjSdOjSeLOlSR+EEapwGTLcRe5nAmN5sJ
BHuuwg004aE/hLo/5pnVbxyRh53yCx6UmH64YN3XhLpHbXfL6R9Y9eLRzkP3afWR
4+3ZE4Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:55 2024 by rpki-client on console.sobornost.net