Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/gBo8YSjDHG-siyNRf-LIxY8-VrE.roa
File: gBo8YSjDHG-siyNRf-LIxY8-VrE.roa (raw, json)
Hash identifier: 5NmDsWYID2QqWhsaD1qAK+fzKruhYahRWNNE2enokAA=
Subject key identifier: 80:1A:3C:61:28:C3:1C:6F:AC:8B:23:51:7F:E2:C8:C5:8F:3E:56:B1
Certificate issuer: /CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Certificate serial: 018C8CC6A6FB07F85ED9805F2A826DFD59F5
Authority key identifier: 9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/gBo8YSjDHG-siyNRf-LIxY8-VrE.roa
Signing time: Thu 21 Dec 2023 14:27:58 +0000
ROA not before: Thu 21 Dec 2023 14:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204386
IP address blocks: 185.250.159.0/24 maxlen: 24
185.250.156.0/24 maxlen: 24
185.250.157.0/24 maxlen: 24
185.250.158.0/24 maxlen: 24
185.250.156.0/22 maxlen: 22
185.251.26.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:c6:a6:fb:07:f8:5e:d9:80:5f:2a:82:6d:fd:59:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Validity
Not Before: Dec 21 14:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=801a3c6128c31c6fac8b23517fe2c8c58f3e56b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3c:17:c4:40:b0:53:8f:62:e7:7a:9b:1d:b8:
72:57:79:43:81:03:8b:56:5b:50:7c:98:39:69:f1:
da:7d:ff:38:e8:d6:a5:9f:cb:1b:3b:d2:81:c6:d6:
1a:9f:9b:cb:62:e9:25:4b:50:b7:98:e2:66:85:6c:
92:1e:bf:50:7c:4d:1d:9c:b6:04:9d:76:d0:50:a9:
62:d1:b7:ea:78:33:3f:17:93:97:3b:51:b4:b5:36:
42:b0:f0:ac:cb:b9:f8:00:2c:98:27:d0:94:a7:15:
08:78:23:e7:31:94:87:7d:df:89:05:b0:1b:bb:72:
4f:2c:d6:4b:2c:5a:f0:81:e9:60:da:fd:20:ed:d7:
11:80:fb:4d:66:a0:5f:9f:1f:a4:6a:a8:f6:79:52:
ed:a4:24:94:8f:f3:b8:a5:57:e8:bb:a0:13:64:f5:
27:28:ff:4a:9e:ee:cd:da:75:d1:34:83:da:33:6e:
eb:14:59:2e:8c:9e:d3:21:af:4a:da:70:1e:af:4b:
1f:0d:f7:1c:f5:be:e7:68:91:44:59:7b:d0:a3:33:
af:4c:ad:00:db:59:8f:3a:1f:83:03:75:20:0b:b5:
46:f3:87:85:87:c6:2a:a2:32:e1:05:69:1c:54:19:
d5:2e:7c:ff:74:ca:aa:31:8a:55:c0:2a:34:ed:ae:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1A:3C:61:28:C3:1C:6F:AC:8B:23:51:7F:E2:C8:C5:8F:3E:56:B1
X509v3 Authority Key Identifier:
keyid:9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/gBo8YSjDHG-siyNRf-LIxY8-VrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.156.0/22
185.251.26.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c6:8d:34:b2:0f:fe:82:41:c3:a6:98:7d:f3:3b:e7:09:c2:
82:ba:2b:8a:d3:fc:75:46:b1:bb:d9:28:84:01:08:f4:99:26:
00:13:97:7d:dc:35:e3:a7:74:de:2d:08:01:c6:d6:d1:69:09:
47:64:dd:28:6f:5b:32:8f:38:00:78:f0:e7:30:a7:d6:21:85:
f1:9e:f1:92:e2:8e:db:48:ce:3a:d9:e7:30:bc:48:06:27:ed:
1e:d8:65:d6:8a:b0:44:8b:5a:d5:f8:59:ff:87:d2:74:1c:99:
0c:f7:1c:8b:e7:8f:72:75:3c:5e:22:39:5a:a0:59:cf:42:01:
ac:c8:61:66:aa:cc:9a:c5:ec:ec:67:cf:12:bd:1e:c8:2a:22:
c5:5a:b9:ae:6b:37:2d:cf:cc:ab:6e:ef:75:78:dd:dc:43:0f:
9d:43:62:50:5f:af:0d:ee:2e:e2:b3:4a:8a:0a:c3:2a:3d:7a:
ac:f4:5d:67:7f:88:10:bb:fe:2c:e6:37:97:05:9d:0e:8f:10:
4d:cf:d9:bb:f2:6a:1f:2e:a0:70:33:7f:1f:04:89:fe:11:c4:
68:49:1e:71:5f:db:ba:37:8e:50:19:e3:a5:d4:36:cc:0f:8e:
5d:fe:d3:31:48:48:ef:11:3f:9e:fc:af:42:12:6f:9d:d1:e1:
00:fa:9d:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyMxqb7B/he2YBfKoJt/Vn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTJiNmEwNTE0NzFiZWM1MWRiNzRkNzI1NmU3YTMwYTU1
ZWNmMWEwHhcNMjMxMjIxMTQyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFhM2M2MTI4YzMxYzZmYWM4YjIzNTE3ZmUyYzhjNThmM2U1NmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jwXxECwU49i53qbHbhyV3lDgQOL
VltQfJg5afHaff846Naln8sbO9KBxtYan5vLYuklS1C3mOJmhWySHr9QfE0dnLYE
nXbQUKli0bfqeDM/F5OXO1G0tTZCsPCsy7n4ACyYJ9CUpxUIeCPnMZSHfd+JBbAb
u3JPLNZLLFrwgelg2v0g7dcRgPtNZqBfnx+kaqj2eVLtpCSUj/O4pVfou6ATZPUn
KP9Knu7N2nXRNIPaM27rFFkujJ7TIa9K2nAer0sfDfcc9b7naJFEWXvQozOvTK0A
21mPOh+DA3UgC7VG84eFh8YqojLhBWkcVBnVLnz/dMqqMYpVwCo07a5k5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIAaPGEowxxvrIsjUX/iyMWPPlaxMB8GA1UdIwQY
MBaAFJxStqBRRxvsUdt01yVuejClXs8aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAt
MjgyOWFhM2RmMjU4LzEvZ0JvOFlTakRIRy1zaXlOUmYtTEl4WTgtVnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAtMjgyOWFhM2RmMjU4
LzEvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufqcAwQA
ufsaMA0GCSqGSIb3DQEBCwUAA4IBAQAVxo00sg/+gkHDpph98zvnCcKCuiuK0/x1
RrG72SiEAQj0mSYAE5d93DXjp3TeLQgBxtbRaQlHZN0ob1syjzgAePDnMKfWIYXx
nvGS4o7bSM462ecwvEgGJ+0e2GXWirBEi1rV+Fn/h9J0HJkM9xyL549ydTxeIjla
oFnPQgGsyGFmqsyaxezsZ88SvR7IKiLFWrmuazctz8yrbu91eN3cQw+dQ2JQX68N
7i7is0qKCsMqPXqs9F1nf4gQu/4s5jeXBZ0OjxBNz9m78mofLqBwM38fBIn+EcRo
SR5xX9u6N45QGeOl1DbMD45d/tMxSEjvET+e/K9CEm+d0eEA+p38
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:56 2024 by rpki-client on console.sobornost.net