Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/94XqzmfCxhNe7xB-cFBLOC60lOo.roa
File: 94XqzmfCxhNe7xB-cFBLOC60lOo.roa (raw, json)
Hash identifier: fHcEgLWC309vVmudksVMCB5TwQBmSwFAwJJjTiyOfI8=
Subject key identifier: F7:85:EA:CE:67:C2:C6:13:5E:EF:10:7E:70:50:4B:38:2E:B4:94:EA
Certificate issuer: /CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Certificate serial: 018F2BA6CC760CA5CC52F86B9D056A7957AA
Authority key identifier: 9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/94XqzmfCxhNe7xB-cFBLOC60lOo.roa
Signing time: Mon 29 Apr 2024 20:58:22 +0000
ROA not before: Mon 29 Apr 2024 20:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197524
IP address blocks: 5.22.240.0/21 maxlen: 21
88.133.0.0/17 maxlen: 21
88.133.0.0/19 maxlen: 19
88.133.64.0/19 maxlen: 19
88.133.128.0/20 maxlen: 20
88.133.156.0/22 maxlen: 24
109.199.160.0/19 maxlen: 19
185.9.64.0/22 maxlen: 22
2a01:a980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Apr 2024 01:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:a6:cc:76:0c:a5:cc:52:f8:6b:9d:05:6a:79:57:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Validity
Not Before: Apr 29 20:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f785eace67c2c6135eef107e70504b382eb494ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:6a:66:0d:d6:78:b7:6c:f9:f7:db:7a:a7:
3c:79:49:2b:98:f0:d9:10:94:3a:8b:b6:69:9d:4f:
8b:de:8e:6c:72:f6:1a:9b:a8:e2:17:61:c6:aa:94:
cb:70:37:21:b1:53:d4:09:f4:fa:c6:db:c1:34:cb:
1f:1a:46:59:5b:87:bd:a8:34:37:3d:9f:25:31:a8:
7d:8b:92:f2:2b:7b:4e:a8:21:7d:62:02:86:76:f3:
1c:f4:76:07:49:8f:8d:48:7c:f5:3c:28:44:0e:0d:
50:a5:96:a0:b5:b7:e2:4c:0d:a9:9a:72:fb:fc:f0:
21:73:54:4c:9b:9f:f7:22:82:dd:b5:7b:f1:13:fa:
db:2e:87:be:25:ea:77:56:13:f6:6b:7e:98:29:fa:
c9:f9:81:a7:95:ec:6a:65:35:7b:3b:93:a9:db:4e:
b5:80:ce:e0:3b:70:64:c1:3b:53:e7:e8:6b:0b:c2:
af:a9:cf:03:b1:79:ee:93:5b:09:4a:8f:7a:05:48:
a6:c2:29:70:46:db:7f:fd:fb:2c:e4:00:e6:09:b0:
f8:2a:93:2a:f0:d6:3e:2c:3c:9a:02:71:bd:6a:c3:
69:c8:bf:3d:d7:12:e7:04:a3:2a:61:8d:81:47:84:
10:55:1d:fd:92:ba:ac:fd:af:d2:b1:01:fe:f0:bf:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:85:EA:CE:67:C2:C6:13:5E:EF:10:7E:70:50:4B:38:2E:B4:94:EA
X509v3 Authority Key Identifier:
keyid:9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/94XqzmfCxhNe7xB-cFBLOC60lOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.240.0/21
88.133.0.0-88.133.143.255
88.133.156.0/22
109.199.160.0/19
185.9.64.0/22
IPv6:
2a01:a980::/29
Signature Algorithm: sha256WithRSAEncryption
0f:4d:de:27:72:f4:4d:17:ae:12:ab:64:05:35:3e:6e:c9:54:
4d:fa:e8:2b:f8:4e:7a:19:94:e0:4c:7c:b3:eb:1f:9e:69:34:
11:25:e0:2e:ff:a0:c1:ac:7c:4a:57:92:91:1d:0f:71:31:ba:
80:a6:51:33:f3:0f:d1:29:ae:73:a9:26:da:8b:e0:07:59:d2:
59:ca:5c:22:c7:a8:0c:82:30:2c:25:b7:a3:24:b0:a2:92:5b:
1d:f6:24:af:f2:c6:32:05:02:f5:3b:f9:4b:84:cc:84:b4:8b:
88:d6:19:77:30:63:d7:bb:27:04:0d:9c:11:c7:e3:d8:52:1e:
a0:53:f2:b2:ad:f6:10:56:1f:67:f9:23:7e:35:ac:8b:13:65:
71:2c:73:31:4c:59:72:65:ae:cc:6f:44:7b:3e:e9:02:fb:51:
35:eb:01:1e:69:89:f4:78:90:26:13:07:86:ed:04:8d:6b:31:
f7:90:8a:91:5b:6d:52:34:09:63:dc:61:63:70:e6:67:a4:e9:
ae:44:2a:7c:ba:09:19:ed:a6:fc:2b:b4:7c:63:8e:6b:c4:e9:
18:4d:01:56:ef:d1:8f:81:5f:8f:66:70:7f:80:5b:87:f0:a5:
e3:d7:b7:10:44:39:05:b1:26:d4:ca:e5:46:e5:81:b8:3d:35:
f4:73:4d:a6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8rpsx2DKXMUvhrnQVqeVeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWEzYTNhNGEzNjA2YzczOTZmMTVmNTAxYWM1YzY0MTc4
NTc1MGMwHhcNMjQwNDI5MjA1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg1ZWFjZTY3YzJjNjEzNWVlZjEwN2U3MDUwNGIzODJlYjQ5NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFBqZg3WeLds+ffbeqc8eUkrmPDZ
EJQ6i7ZpnU+L3o5scvYam6jiF2HGqpTLcDchsVPUCfT6xtvBNMsfGkZZW4e9qDQ3
PZ8lMah9i5LyK3tOqCF9YgKGdvMc9HYHSY+NSHz1PChEDg1QpZagtbfiTA2pmnL7
/PAhc1RMm5/3IoLdtXvxE/rbLoe+Jep3VhP2a36YKfrJ+YGnlexqZTV7O5Op2061
gM7gO3BkwTtT5+hrC8Kvqc8DsXnuk1sJSo96BUimwilwRtt//fss5ADmCbD4KpMq
8NY+LDyaAnG9asNpyL891xLnBKMqYY2BR4QQVR39krqs/a/SsQH+8L/KxQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPeF6s5nwsYTXu8QfnBQSzgutJTqMB8GA1UdIwQY
MBaAFJvqOjpKNgbHOW8V9QGsXGQXhXUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAt
YzYzYWRiNmVlNWQ5LzEvOTRYcXptZkN4aE5lN3hCLWNGQkxPQzYwbE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAtYzYzYWRiNmVlNWQ5
LzEvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDBRbwMAsD
AwBYhQMEBFiFgAMEAliFnAMEBW3HoAMEArkJQDANBAIAAjAHAwUDKgGpgDANBgkq
hkiG9w0BAQsFAAOCAQEAD03eJ3L0TReuEqtkBTU+bslUTfroK/hOehmU4Ex8s+sf
nmk0ESXgLv+gwax8SleSkR0PcTG6gKZRM/MP0Smuc6km2ovgB1nSWcpcIseoDIIw
LCW3oySwopJbHfYkr/LGMgUC9Tv5S4TMhLSLiNYZdzBj17snBA2cEcfj2FIeoFPy
sq32EFYfZ/kjfjWsixNlcSxzMUxZcmWuzG9Eez7pAvtRNesBHmmJ9HiQJhMHhu0E
jWsx95CKkVttUjQJY9xhY3DmZ6TprkQqfLoJGe2m/Cu0fGOOa8TpGE0BVu/Rj4Ff
j2Zwf4Bbh/Cl49e3EEQ5BbEm1MrlRuWBuD019HNNpg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 04:46:16 2024 by rpki-client on console.sobornost.net