Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/oSN2B4leMCaTjaQDaHrE9EaxAJ4.roa
File: oSN2B4leMCaTjaQDaHrE9EaxAJ4.roa (raw, json)
Hash identifier: k0pdMCwxc3sXKud06z39XhTeg4JkuTTj0wOLbtEdH/0=
Subject key identifier: A1:23:76:07:89:5E:30:26:93:8D:A4:03:68:7A:C4:F4:46:B1:00:9E
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 018CC56E1F4C83A4CD1589BCCFBA7F881F17
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/oSN2B4leMCaTjaQDaHrE9EaxAJ4.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207147
IP address blocks: 185.178.88.0/22 maxlen: 24
84.247.4.0/22 maxlen: 24
130.0.88.0/22 maxlen: 24
185.194.120.0/22 maxlen: 24
176.223.176.0/22 maxlen: 24
185.237.40.0/22 maxlen: 24
185.164.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 14:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1f:4c:83:a4:cd:15:89:bc:cf:ba:7f:88:1f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1237607895e3026938da403687ac4f446b1009e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:30:39:8f:c0:2e:60:be:2f:9d:47:22:3a:79:
12:62:9a:ab:4e:61:62:8d:90:9e:4e:0e:1a:4a:fb:
9e:b5:e1:b6:54:13:88:ed:da:c8:62:15:0c:99:19:
a6:32:2c:50:0a:46:87:d0:53:64:66:b3:c1:35:4b:
35:16:7b:38:48:fe:0a:44:20:f9:34:2e:41:35:78:
3b:18:61:0a:7c:8e:5d:cf:1b:29:17:3f:bd:8f:76:
56:32:1a:5b:ac:97:0e:40:12:f8:a5:bd:42:20:88:
54:27:cc:1c:8c:d5:e5:c8:af:b5:d2:b5:15:de:06:
45:53:1e:1f:7a:5e:ba:b6:42:68:63:8e:5b:8e:bd:
b3:80:6d:ea:86:26:2b:a7:bf:cc:aa:4a:fd:4a:71:
07:32:39:01:3e:98:fc:8f:1e:56:08:3b:d9:18:fd:
72:37:2f:53:61:c0:37:c4:ad:99:0b:11:d0:78:da:
9c:6f:ae:1d:11:93:d3:ef:98:24:d7:1a:a5:71:b1:
82:ed:a1:d0:8e:ff:9e:fb:9a:63:53:9a:da:05:d9:
d6:aa:53:2b:dc:48:fe:91:16:aa:c1:73:75:8a:ce:
37:ae:31:77:3a:66:96:7c:8e:fa:d6:d7:23:61:8b:
b8:db:ab:30:d7:b3:85:1c:81:48:7c:70:70:ee:52:
0b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:23:76:07:89:5E:30:26:93:8D:A4:03:68:7A:C4:F4:46:B1:00:9E
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/oSN2B4leMCaTjaQDaHrE9EaxAJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.4.0/22
130.0.88.0/22
176.223.176.0/22
185.164.212.0/22
185.178.88.0/22
185.194.120.0/22
185.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:71:34:96:8b:7e:91:96:db:f1:ec:c8:ee:fd:a1:6c:b2:f1:
cf:2f:71:e6:a7:8d:d8:63:de:4a:e0:6c:4e:49:5b:20:24:4e:
fb:c3:9c:e1:c7:57:6c:ad:46:e6:9f:b2:3d:e0:a5:47:e2:9f:
d7:a3:c1:81:b7:83:f0:25:67:8c:ba:34:de:81:cf:94:cd:8e:
0f:a2:80:56:d3:40:15:c6:61:a6:07:e9:51:b1:6b:38:59:43:
ac:99:ba:87:7d:d3:d7:51:d2:90:f3:15:71:ea:16:42:91:a2:
70:1d:f4:7f:e3:8d:74:00:a4:bd:71:e2:ec:1e:8c:ee:df:b6:
9e:47:96:f0:16:61:db:9b:77:a4:39:f4:3a:55:be:fb:6b:db:
6f:61:6c:7a:3f:ef:37:1c:2d:a8:ec:bd:58:3f:e0:30:c5:56:
90:b2:98:db:97:fd:64:2b:63:80:f0:bd:db:f0:19:b9:08:7d:
b1:10:b6:de:37:42:fd:27:26:f9:29:2b:bb:82:8e:c8:26:8b:
47:52:ce:80:73:af:f6:5e:ec:ad:7c:6b:b6:38:a0:a1:18:76:
95:7d:f8:35:7a:bb:b4:f7:01:90:eb:c7:22:5f:ae:c1:d2:80:
fe:f7:b2:ed:33:be:27:0a:fb:f2:f9:57:d1:f7:31:49:91:49:
2d:f7:16:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzFbh9Mg6TNFYm8z7p/iB8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIzNzYwNzg5NWUzMDI2OTM4ZGE0MDM2ODdhYzRmNDQ2YjEwMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zA5j8AuYL4vnUciOnkSYpqrTmFi
jZCeTg4aSvueteG2VBOI7drIYhUMmRmmMixQCkaH0FNkZrPBNUs1Fns4SP4KRCD5
NC5BNXg7GGEKfI5dzxspFz+9j3ZWMhpbrJcOQBL4pb1CIIhUJ8wcjNXlyK+10rUV
3gZFUx4fel66tkJoY45bjr2zgG3qhiYrp7/Mqkr9SnEHMjkBPpj8jx5WCDvZGP1y
Ny9TYcA3xK2ZCxHQeNqcb64dEZPT75gk1xqlcbGC7aHQjv+e+5pjU5raBdnWqlMr
3Ej+kRaqwXN1is43rjF3OmaWfI761tcjYYu426sw17OFHIFIfHBw7lILIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKEjdgeJXjAmk42kA2h6xPRGsQCeMB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEvb1NOMkI0bGVNQ2FUamFRRGFIckU5RWF4QUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVPcEAwQC
ggBYAwQCsN+wAwQCuaTUAwQCubJYAwQCucJ4AwQCue0oMA0GCSqGSIb3DQEBCwUA
A4IBAQB/cTSWi36Rltvx7Mju/aFssvHPL3Hmp43YY95K4GxOSVsgJE77w5zhx1ds
rUbmn7I94KVH4p/Xo8GBt4PwJWeMujTegc+UzY4PooBW00AVxmGmB+lRsWs4WUOs
mbqHfdPXUdKQ8xVx6hZCkaJwHfR/4410AKS9ceLsHozu37aeR5bwFmHbm3ekOfQ6
Vb77a9tvYWx6P+83HC2o7L1YP+AwxVaQspjbl/1kK2OA8L3b8Bm5CH2xELbeN0L9
Jyb5KSu7go7IJotHUs6Ac6/2XuytfGu2OKChGHaVffg1eru09wGQ68ciX67B0oD+
97LtM74nCvvy+VfR9zFJkUkt9xbb
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:16 2024 by rpki-client on console.sobornost.net