Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/aR-MHxMw482WH9utvPJSJE47K-U.roa
File: aR-MHxMw482WH9utvPJSJE47K-U.roa (raw, json)
Hash identifier: DW5nXgw/KPUaljhihoGaz9kEeiG0iSdxJrIjSxPIRJM=
Subject key identifier: 69:1F:8C:1F:13:30:E3:CD:96:1F:DB:AD:BC:F2:52:24:4E:3B:2B:E5
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0193E484F9D9B738C632AD84591761A1C897
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/aR-MHxMw482WH9utvPJSJE47K-U.roa
Signing time: Fri 20 Dec 2024 14:42:19 +0000
ROA not before: Fri 20 Dec 2024 14:42:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 185.166.72.0/22 maxlen: 22
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 13:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:84:f9:d9:b7:38:c6:32:ad:84:59:17:61:a1:c8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 20 14:42:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=691f8c1f1330e3cd961fdbadbcf252244e3b2be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:9c:e4:95:aa:eb:5d:eb:5d:83:4a:86:74:
20:fe:01:46:91:0a:fe:b3:88:d2:27:8f:b2:e9:39:
50:dc:28:0e:7a:32:12:bb:cb:30:ac:61:26:89:4f:
75:c2:09:26:c7:e7:67:b2:20:f1:57:01:a5:ab:52:
3a:aa:3b:13:bd:74:6e:44:17:2b:f5:69:f5:19:9d:
c0:d0:28:40:e3:e6:dd:66:5b:16:8e:6a:82:68:c7:
a6:5a:41:c4:7b:21:37:f3:55:ba:c9:5b:03:21:d5:
d8:4b:53:de:bf:dd:55:29:28:03:ce:aa:f0:d3:90:
7f:d4:5e:13:fc:a8:d6:09:91:90:88:b8:29:38:12:
84:b9:00:ed:21:f6:4c:45:14:d2:b4:f3:62:cd:49:
5a:74:b0:e5:db:fa:31:97:16:74:a1:bc:60:de:8a:
12:3d:e6:3e:d3:30:a8:8a:42:1e:88:6e:55:bd:4d:
29:37:50:58:fe:15:47:2d:2b:21:9e:81:2f:0a:e5:
31:fe:e1:fe:29:72:1c:55:04:cd:35:29:3b:3f:0d:
4c:c8:b0:77:63:b4:b8:6e:d5:c6:97:37:da:35:6c:
21:99:f1:bf:82:7b:0c:b1:70:06:82:1f:4d:24:a2:
0a:44:5f:c1:c3:ce:8e:00:66:41:68:9f:73:ed:5b:
11:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1F:8C:1F:13:30:E3:CD:96:1F:DB:AD:BC:F2:52:24:4E:3B:2B:E5
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/aR-MHxMw482WH9utvPJSJE47K-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a2:3b:08:c6:48:84:74:7e:e2:e6:85:c9:93:0c:1e:a7:2b:
42:28:9d:ae:14:b8:95:9e:50:d8:5a:71:ac:58:45:ba:e5:d5:
59:4c:1b:f9:ab:71:61:92:06:a8:09:74:36:27:eb:38:53:f1:
d2:2f:fb:66:e1:68:1a:60:c6:9d:bf:c5:fc:dc:85:6e:2d:36:
32:76:2e:3f:53:ed:43:48:fb:c2:75:aa:0e:99:80:71:c6:ec:
4d:2d:91:da:94:23:b7:63:3b:19:0e:33:64:38:d9:54:7a:ab:
cb:98:7f:30:fd:bb:59:ee:60:20:1e:b3:45:5d:66:e3:60:89:
e3:39:c5:01:a5:0a:b3:64:c2:1c:71:69:a1:d1:a2:df:ad:72:
10:f5:38:00:e0:6d:55:6c:ee:17:42:f8:ff:bc:1c:c5:ef:7e:
7d:7d:f9:9b:50:71:a0:82:a7:42:e8:b7:ff:0b:e4:05:70:8c:
c0:73:10:bb:e0:c8:d9:28:92:3f:07:54:6f:b9:f7:d7:b3:00:
1e:47:ab:77:2a:57:e0:a3:84:8c:9c:47:61:f9:db:94:b9:8f:
da:f6:34:92:c8:c7:ab:08:d4:f8:10:de:af:77:3a:d3:10:ea:
2e:d6:74:cc:29:e6:5f:6d:50:98:2a:2d:0e:9a:67:1d:60:e7:
18:b8:17:2b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPkhPnZtzjGMq2EWRdhociXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjIwMTQ0MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFmOGMxZjEzMzBlM2NkOTYxZmRiYWRiY2YyNTIyNDRlM2IyYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFec5JWq613rXYNKhnQg/gFGkQr+
s4jSJ4+y6TlQ3CgOejISu8swrGEmiU91wgkmx+dnsiDxVwGlq1I6qjsTvXRuRBcr
9Wn1GZ3A0ChA4+bdZlsWjmqCaMemWkHEeyE381W6yVsDIdXYS1Pev91VKSgDzqrw
05B/1F4T/KjWCZGQiLgpOBKEuQDtIfZMRRTStPNizUladLDl2/oxlxZ0obxg3ooS
PeY+0zCoikIeiG5VvU0pN1BY/hVHLSshnoEvCuUx/uH+KXIcVQTNNSk7Pw1MyLB3
Y7S4btXGlzfaNWwhmfG/gnsMsXAGgh9NJKIKRF/Bw86OAGZBaJ9z7VsRtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGkfjB8TMOPNlh/brbzyUiROOyvlMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvYVItTUh4TXc0ODJXSDl1dHZQSlNKRTQ3Sy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA0GCSqGSIb3DQEBCwUAA4IBAQBY
ojsIxkiEdH7i5oXJkwwepytCKJ2uFLiVnlDYWnGsWEW65dVZTBv5q3FhkgaoCXQ2
J+s4U/HSL/tm4WgaYMadv8X83IVuLTYydi4/U+1DSPvCdaoOmYBxxuxNLZHalCO3
YzsZDjNkONlUeqvLmH8w/btZ7mAgHrNFXWbjYInjOcUBpQqzZMIccWmh0aLfrXIQ
9TgA4G1VbO4XQvj/vBzF7359ffmbUHGggqdC6Lf/C+QFcIzAcxC74MjZKJI/B1Rv
uffXswAeR6t3Klfgo4SMnEdh+duUuY/a9jSSyMerCNT4EN6vdzrTEOou1nTMKeZf
bVCYKi0OmmcdYOcYuBcr
-----END CERTIFICATE-----
Generated at Tue Dec 24 01:01:30 2024 by rpki-client on console.sobornost.net