Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/yNtgdniP5tYj_919IN0QlA0ilms.roa
File: yNtgdniP5tYj_919IN0QlA0ilms.roa (raw, json)
Hash identifier: P1FYIq5y6PWeGNVJ30N6vNGI/SLOBX6UGqcrW2bac6c=
Subject key identifier: C8:DB:60:76:78:8F:E6:D6:23:FF:DD:7D:20:DD:10:94:0D:22:96:6B
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 0188B96621B499CB5AF9D7D093DF40B1204C
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/yNtgdniP5tYj_919IN0QlA0ilms.roa
Signing time: Wed 14 Jun 2023 10:14:18 +0000
ROA not before: Wed 14 Jun 2023 10:14:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207147
IP address blocks: 185.178.88.0/22 maxlen: 24
84.247.4.0/22 maxlen: 24
130.0.88.0/22 maxlen: 24
185.194.120.0/22 maxlen: 24
176.223.176.0/22 maxlen: 24
185.237.40.0/22 maxlen: 24
185.164.212.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:66:21:b4:99:cb:5a:f9:d7:d0:93:df:40:b1:20:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Jun 14 10:14:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8db6076788fe6d623ffdd7d20dd10940d22966b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4a:fc:75:b1:9f:3b:79:6a:c3:c1:bf:dc:07:
39:a8:59:ca:87:aa:a0:28:4e:c3:ba:bd:90:52:2b:
9e:f0:0a:d9:3d:e4:32:c9:20:64:f0:44:f6:30:b9:
07:46:75:54:c6:8c:79:91:38:45:46:29:a6:83:18:
6f:f1:42:d1:c5:54:54:54:e4:2c:f7:03:46:f3:70:
95:2d:1f:30:2e:f6:2f:74:de:c8:b8:66:02:1b:8e:
44:2b:2d:91:b0:c0:e5:be:c2:0b:ca:d5:7a:0d:04:
a8:f6:21:18:6b:16:3c:5d:7a:a5:5a:42:1d:8a:c6:
72:12:d0:3e:bc:ed:6b:6c:2a:9a:e6:af:cc:a6:84:
32:73:0b:88:83:71:ba:ba:9c:a3:95:14:5c:68:b6:
4d:f0:0f:4a:50:58:ae:c3:aa:04:a0:99:75:ce:38:
76:c0:53:81:d4:bd:8e:af:69:2d:d0:b2:d4:50:dd:
e0:05:2d:79:e7:df:6a:98:49:bd:fb:8d:2a:6a:bc:
ea:1f:23:88:d6:d2:23:16:e3:43:83:d8:db:1c:1e:
6a:19:cc:8b:8c:5b:bc:99:85:a8:0d:05:6f:cb:78:
6e:9a:76:a9:da:0b:14:ab:9d:25:2f:2b:d1:92:f4:
cb:5a:aa:f7:e9:e7:22:ac:f9:65:7e:40:f3:75:1b:
98:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:60:76:78:8F:E6:D6:23:FF:DD:7D:20:DD:10:94:0D:22:96:6B
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/yNtgdniP5tYj_919IN0QlA0ilms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.4.0/22
130.0.88.0/22
176.223.176.0/22
185.164.212.0/22
185.178.88.0/22
185.194.120.0/22
185.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:67:49:67:20:3a:fe:c6:25:10:0b:bd:95:8e:0f:ec:03:fd:
cc:c8:30:f2:95:49:1c:0e:30:25:7a:64:15:a6:00:6d:dc:76:
a0:83:9b:b5:10:29:91:a7:09:dc:72:74:85:4e:04:a2:d3:f7:
b2:61:bf:2e:51:9f:ee:da:93:dd:ec:35:86:ce:34:3a:7a:0a:
87:a3:9b:1b:33:68:8f:e8:83:d8:b3:7f:05:88:9d:0e:d7:8d:
f9:dd:e0:89:ed:41:9d:84:c6:d6:23:68:b9:ea:6e:77:b4:fd:
2b:fc:9c:ea:04:c1:d6:ef:9a:d3:28:71:6a:d0:d1:05:9a:09:
4e:b6:26:53:fd:00:18:03:f1:37:23:fa:3e:60:16:8a:47:c2:
e0:6b:9d:67:90:2b:eb:8d:b9:07:e3:52:5a:05:7c:e8:ad:65:
2a:93:3e:4f:6b:f0:1e:00:bf:56:ef:2f:7a:c4:33:25:34:1a:
0f:11:f4:76:b6:ca:14:30:43:f5:34:46:a0:6d:92:27:e4:e6:
12:c1:e4:ce:a8:8c:29:e9:b4:46:8c:ab:ef:a7:2d:2a:f1:ff:
b1:3e:b9:83:ba:49:d1:84:05:c9:5f:2b:b1:21:40:9d:a9:db:
fc:d9:ca:dd:ea:e4:d3:7a:85:b1:6f:8a:61:be:69:a9:10:bb:
41:a3:e8:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYi5ZiG0mcta+dfQk99AsSBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjMwNjE0MTAxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRiNjA3Njc4OGZlNmQ2MjNmZmRkN2QyMGRkMTA5NDBkMjI5NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEr8dbGfO3lqw8G/3Ac5qFnKh6qg
KE7Dur2QUiue8ArZPeQyySBk8ET2MLkHRnVUxox5kThFRimmgxhv8ULRxVRUVOQs
9wNG83CVLR8wLvYvdN7IuGYCG45EKy2RsMDlvsILytV6DQSo9iEYaxY8XXqlWkId
isZyEtA+vO1rbCqa5q/MpoQycwuIg3G6upyjlRRcaLZN8A9KUFiuw6oEoJl1zjh2
wFOB1L2Or2kt0LLUUN3gBS15599qmEm9+40qarzqHyOI1tIjFuNDg9jbHB5qGcyL
jFu8mYWoDQVvy3humnap2gsUq50lLyvRkvTLWqr36ecirPllfkDzdRuY8wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMjbYHZ4j+bWI//dfSDdEJQNIpZrMB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEveU50Z2RuaVA1dFlqXzkxOUlOMFFsQTBpbG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVPcEAwQC
ggBYAwQCsN+wAwQCuaTUAwQCubJYAwQCucJ4AwQCue0oMA0GCSqGSIb3DQEBCwUA
A4IBAQCPZ0lnIDr+xiUQC72Vjg/sA/3MyDDylUkcDjAlemQVpgBt3Hagg5u1ECmR
pwnccnSFTgSi0/eyYb8uUZ/u2pPd7DWGzjQ6egqHo5sbM2iP6IPYs38FiJ0O1435
3eCJ7UGdhMbWI2i56m53tP0r/JzqBMHW75rTKHFq0NEFmglOtiZT/QAYA/E3I/o+
YBaKR8Lga51nkCvrjbkH41JaBXzorWUqkz5Pa/AeAL9W7y96xDMlNBoPEfR2tsoU
MEP1NEagbZIn5OYSweTOqIwp6bRGjKvvpy0q8f+xPrmDuknRhAXJXyuxIUCdqdv8
2crd6uTTeoWxb4phvmmpELtBo+hG
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net