Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/IukgGPjWhXTrLeLSFZQMtpZd_eI.roa
File: IukgGPjWhXTrLeLSFZQMtpZd_eI.roa (raw, json)
Hash identifier: rv1HjWittr+D/DVGWMbaI/E/WATkbPgfmRbsaaJ0fA4=
Subject key identifier: 22:E9:20:18:F8:D6:85:74:EB:2D:E2:D2:15:94:0C:B6:96:5D:FD:E2
Certificate issuer: /CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Certificate serial: 018B292075F4F19064616B937DA0B341D015
Authority key identifier: 0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/IukgGPjWhXTrLeLSFZQMtpZd_eI.roa
Signing time: Fri 13 Oct 2023 13:01:15 +0000
ROA not before: Fri 13 Oct 2023 13:01:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209772
IP address blocks: 185.68.130.0/23 maxlen: 23
185.68.128.0/23 maxlen: 23
185.207.162.0/23 maxlen: 23
185.207.160.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:20:75:f4:f1:90:64:61:6b:93:7d:a0:b3:41:d0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Validity
Not Before: Oct 13 13:01:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22e92018f8d68574eb2de2d215940cb6965dfde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fe:39:15:4d:c9:55:b7:59:b5:d0:f1:84:cb:
5e:99:5d:6c:70:50:86:ae:dd:19:70:bb:30:32:55:
4a:f9:c5:93:c9:32:76:23:a4:21:63:1b:b0:36:89:
ed:d2:85:17:c5:45:13:74:e9:ee:ae:7c:2d:e7:ab:
b2:ec:f1:09:c0:a0:a4:09:17:f5:6d:b8:b8:9f:d8:
6f:a9:b4:7b:2d:cd:34:e2:1d:ce:e8:63:39:b5:1e:
f7:1d:27:10:8f:47:fe:21:70:bd:14:28:a8:39:e1:
83:1d:eb:a7:28:45:69:e1:cd:ac:c0:0b:bd:66:e5:
0b:76:90:02:5d:dd:43:6c:02:00:b4:49:31:ba:cf:
a5:20:df:20:1b:66:0d:5b:ad:06:e4:03:b0:ec:c4:
a4:db:35:72:e8:32:8c:bc:66:2e:bb:82:ea:d0:5f:
35:4a:f3:40:75:3b:a8:f8:2d:cc:9c:ae:9c:7e:e7:
02:65:2a:15:da:00:12:c0:6b:d6:ab:d1:e1:f0:03:
6b:3f:bd:e4:0f:90:90:48:66:e6:d7:96:06:f9:9a:
1a:cc:68:24:bd:bc:b8:45:e4:ad:ee:ad:51:09:55:
1b:c4:38:33:38:37:dc:8c:54:65:24:6a:1c:17:e0:
44:48:90:2d:b2:1b:b1:39:16:b6:a3:0e:fc:2c:0a:
9c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E9:20:18:F8:D6:85:74:EB:2D:E2:D2:15:94:0C:B6:96:5D:FD:E2
X509v3 Authority Key Identifier:
keyid:0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/IukgGPjWhXTrLeLSFZQMtpZd_eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.128.0/22
185.207.160.0/22
Signature Algorithm: sha256WithRSAEncryption
49:cf:c4:bb:4d:7d:98:07:8c:d7:e1:22:f5:61:fc:a4:12:a6:
07:f6:94:4b:51:86:49:1f:04:fa:93:b2:a3:63:82:b4:6f:b0:
84:32:a6:46:b2:e8:3c:2f:84:78:31:dc:d8:6a:41:1b:05:be:
38:bc:21:ea:96:47:c6:91:c7:3f:56:bc:ff:37:e2:5e:f4:98:
01:6b:5a:14:a2:81:2b:0b:24:06:02:d1:17:17:a8:0a:03:10:
0c:69:13:41:75:7e:d7:97:b9:c4:83:92:2d:90:f2:04:e8:59:
44:72:7b:88:9b:64:31:0b:9f:32:8d:e1:0d:a2:c4:37:27:75:
07:ba:f7:08:b5:70:6d:1b:08:1e:7e:b4:40:32:fe:47:03:f4:
01:19:ff:16:df:c2:61:4a:92:e8:3b:ff:1d:65:51:f0:55:3a:
d0:01:bc:57:08:58:35:04:11:36:b5:de:5c:ee:14:94:13:08:
c3:20:a1:f5:0c:59:d8:97:11:a2:00:fe:73:51:c8:ed:2d:2d:
a0:4c:64:a1:eb:9d:48:e2:24:b7:de:1a:05:5c:ff:c2:9e:36:
8c:bc:03:b4:c0:f7:73:81:9a:2f:c5:4e:5c:0d:cc:09:b8:f3:
bc:c4:eb:d8:34:af:7c:92:91:e1:5d:53:ff:bd:3c:b6:a7:e3:
8c:2b:c0:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYspIHX08ZBkYWuTfaCzQdAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDJjYWJlYjFkNzI0ZTdhNDhkZDYxZTlhN2UwYzUwYTRl
OWJmNTAwHhcNMjMxMDEzMTMwMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU5MjAxOGY4ZDY4NTc0ZWIyZGUyZDIxNTk0MGNiNjk2NWRmZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP45FU3JVbdZtdDxhMtemV1scFCG
rt0ZcLswMlVK+cWTyTJ2I6QhYxuwNont0oUXxUUTdOnurnwt56uy7PEJwKCkCRf1
bbi4n9hvqbR7Lc004h3O6GM5tR73HScQj0f+IXC9FCioOeGDHeunKEVp4c2swAu9
ZuULdpACXd1DbAIAtEkxus+lIN8gG2YNW60G5AOw7MSk2zVy6DKMvGYuu4Lq0F81
SvNAdTuo+C3MnK6cfucCZSoV2gASwGvWq9Hh8ANrP73kD5CQSGbm15YG+ZoazGgk
vby4ReSt7q1RCVUbxDgzODfcjFRlJGocF+BESJAtshuxORa2ow78LAqc0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLpIBj41oV06y3i0hWUDLaWXf3iMB8GA1UdIwQY
MBaAFAzSyr6x1yTnpI3WHpp+DFCk6b9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMt
MjUzNzQ0OTRjZWVlLzEvSXVrZ0dQaldoWFRyTGVMU0ZaUU10cFpkX2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMtMjUzNzQ0OTRjZWVl
LzEvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSAAwQC
uc+gMA0GCSqGSIb3DQEBCwUAA4IBAQBJz8S7TX2YB4zX4SL1YfykEqYH9pRLUYZJ
HwT6k7KjY4K0b7CEMqZGsug8L4R4MdzYakEbBb44vCHqlkfGkcc/Vrz/N+Je9JgB
a1oUooErCyQGAtEXF6gKAxAMaRNBdX7Xl7nEg5ItkPIE6FlEcnuIm2QxC58yjeEN
osQ3J3UHuvcItXBtGwgefrRAMv5HA/QBGf8W38JhSpLoO/8dZVHwVTrQAbxXCFg1
BBE2td5c7hSUEwjDIKH1DFnYlxGiAP5zUcjtLS2gTGSh651I4iS33hoFXP/CnjaM
vAO0wPdzgZovxU5cDcwJuPO8xOvYNK98kpHhXVP/vTy2p+OMK8DP
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:07 2024 by rpki-client on console.sobornost.net