Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/sr9rjl8W4dLS8dzNxsp6HNcseIQ.roa
File: sr9rjl8W4dLS8dzNxsp6HNcseIQ.roa (raw, json)
Hash identifier: 4wlpFajgtj/G7R/WB3KdsifL0CGz8OKNmLGLEE2DF2s=
Subject key identifier: B2:BF:6B:8E:5F:16:E1:D2:D2:F1:DC:CD:C6:CA:7A:1C:D7:2C:78:84
Certificate issuer: /CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Certificate serial: 01856DDD4A0FED52EB14FA19B0A7182724EA
Authority key identifier: EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/sr9rjl8W4dLS8dzNxsp6HNcseIQ.roa
Signing time: Sun 01 Jan 2023 15:04:57 +0000
ROA not before: Sun 01 Jan 2023 15:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51483
IP address blocks: 46.254.136.0/21 maxlen: 21
128.0.192.0/21 maxlen: 21
185.74.224.0/22 maxlen: 22
95.142.64.0/20 maxlen: 20
46.235.112.0/21 maxlen: 21
46.235.119.0/24 maxlen: 24
2a00:1100::/32 maxlen: 32
2a00:1100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:4a:0f:ed:52:eb:14:fa:19:b0:a7:18:27:24:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Validity
Not Before: Jan 1 15:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2bf6b8e5f16e1d2d2f1dccdc6ca7a1cd72c7884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:d1:ba:13:cf:02:52:5b:cd:91:26:22:47:
ff:d3:96:18:ef:d3:17:a8:58:d6:e8:d7:c9:a0:29:
53:d1:7b:c4:9a:6a:0d:91:e7:c6:8a:f7:c5:c4:65:
e7:92:cf:19:87:63:3a:e5:49:bd:aa:d2:83:d1:b0:
38:9b:06:16:6f:61:01:8f:a6:05:f5:18:94:21:83:
c9:82:20:da:7d:09:7c:42:bf:95:d6:b9:f8:a6:16:
53:0b:8b:59:05:e3:21:14:fa:3b:65:0b:6f:9f:1a:
eb:69:e0:ff:4b:88:34:8f:6e:49:47:60:37:47:db:
f4:20:58:b5:e7:66:c8:21:a9:12:7c:4e:89:52:90:
bc:7a:68:f6:f3:5e:bf:0e:55:00:c3:90:44:9b:c7:
81:93:68:d9:a5:8d:df:fa:90:c0:76:f6:67:27:59:
36:e7:9b:1a:aa:84:32:c1:eb:35:43:8a:14:6a:9a:
34:e9:96:36:01:bc:90:c7:5f:47:7a:ce:62:71:81:
1e:be:45:fb:63:c1:38:cb:67:c1:b0:d3:b6:e4:f2:
1a:05:57:97:61:0a:77:fe:6a:1d:59:09:6c:86:bd:
e0:cb:8b:70:c1:ce:1c:e1:82:34:fb:06:44:c9:a8:
9c:9e:d0:ab:49:96:5b:7e:42:01:cb:fe:5b:b6:9b:
b3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BF:6B:8E:5F:16:E1:D2:D2:F1:DC:CD:C6:CA:7A:1C:D7:2C:78:84
X509v3 Authority Key Identifier:
keyid:EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/sr9rjl8W4dLS8dzNxsp6HNcseIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/7D09fly_GK9mt_W0peCsGezTmHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.112.0/21
46.254.136.0/21
95.142.64.0/20
128.0.192.0/21
185.74.224.0/22
IPv6:
2a00:1100::/29
Signature Algorithm: sha256WithRSAEncryption
c5:9a:a6:43:11:6e:fa:70:22:b3:db:62:1c:84:97:c0:7f:55:
3b:52:7f:1e:46:af:01:b9:cc:dd:4c:dd:65:59:72:b1:f3:25:
7c:70:72:26:2d:12:45:48:ae:1a:d4:93:b0:1d:ea:9a:57:81:
56:ef:30:c3:05:85:bc:51:62:79:67:df:a3:7e:dc:b0:18:2d:
82:d5:89:21:1d:7c:0f:66:c6:e8:ad:8a:21:03:e1:02:6b:70:
89:b1:c4:29:2d:4b:8e:f9:6d:36:99:b7:9f:4b:9e:d0:c8:e8:
e9:2b:b8:ee:91:d4:3b:09:5d:54:0e:6f:61:5d:10:6b:fe:93:
e2:ba:03:e6:ff:6c:7f:e7:30:db:a7:05:a7:c2:f2:3d:80:38:
f7:23:c4:4d:0f:c9:d6:4b:38:7a:2e:4e:14:00:8d:0b:fc:8d:
8e:12:bf:f6:c2:ab:57:6a:06:04:ea:86:54:a8:2c:19:77:78:
73:3f:27:be:17:57:24:1a:b9:90:a7:3f:8f:e8:f2:bb:2a:3e:
5c:98:5d:fe:f2:87:1d:00:74:d4:33:3f:e6:5a:2b:4c:1a:2c:
05:39:84:ac:e4:db:03:36:80:9c:cf:a9:c7:df:97:5d:42:8a:
b6:86:14:34:3a:b4:c4:b0:79:25:29:11:bc:c0:14:9b:66:a3:
a8:b8:db:16
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVt3UoP7VLrFPoZsKcYJyTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2QzZDdlNWNiZjE4YWY2NmI3ZjViNGE1ZTBhYzE5ZWNk
Mzk4NzYwHhcNMjMwMTAxMTUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmJmNmI4ZTVmMTZlMWQyZDJmMWRjY2RjNmNhN2ExY2Q3MmM3ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlHRuhPPAlJbzZEmIkf/05YY79MX
qFjW6NfJoClT0XvEmmoNkefGivfFxGXnks8Zh2M65Um9qtKD0bA4mwYWb2EBj6YF
9RiUIYPJgiDafQl8Qr+V1rn4phZTC4tZBeMhFPo7ZQtvnxrraeD/S4g0j25JR2A3
R9v0IFi152bIIakSfE6JUpC8emj2816/DlUAw5BEm8eBk2jZpY3f+pDAdvZnJ1k2
55saqoQywes1Q4oUapo06ZY2AbyQx19Hes5icYEevkX7Y8E4y2fBsNO25PIaBVeX
YQp3/modWQlshr3gy4twwc4c4YI0+wZEyaicntCrSZZbfkIBy/5btpuzsQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLK/a45fFuHS0vHczcbKehzXLHiEMB8GA1UdIwQY
MBaAFOw9PX5cvxivZrf1tKXgrBns05h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMt
NDY2MGZhZDgzOTg1LzEvc3I5cmpsOFc0ZExTOGR6TnhzcDZITmNzZUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMtNDY2MGZhZDgzOTg1
LzEvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLutwAwQD
Lv6IAwQEX45AAwQDgADAAwQCuUrgMA0EAgACMAcDBQMqABEAMA0GCSqGSIb3DQEB
CwUAA4IBAQDFmqZDEW76cCKz22IchJfAf1U7Un8eRq8BuczdTN1lWXKx8yV8cHIm
LRJFSK4a1JOwHeqaV4FW7zDDBYW8UWJ5Z9+jftywGC2C1YkhHXwPZsborYohA+EC
a3CJscQpLUuO+W02mbefS57QyOjpK7jukdQ7CV1UDm9hXRBr/pPiugPm/2x/5zDb
pwWnwvI9gDj3I8RND8nWSzh6Lk4UAI0L/I2OEr/2wqtXagYE6oZUqCwZd3hzPye+
F1ckGrmQpz+P6PK7Kj5cmF3+8ocdAHTUMz/mWitMGiwFOYSs5NsDNoCcz6nH35dd
Qoq2hhQ0OrTEsHklKRG8wBSbZqOouNsW
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:53 2024 by rpki-client on console.sobornost.net