Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/dA-ICaKv5Vb4UlmiJExHes18zEw.roa
File: dA-ICaKv5Vb4UlmiJExHes18zEw.roa (raw, json)
Hash identifier: zpVOS+hBMonJhrWApuEb0eANbwmzY08GgqBGr9MoRJI=
Subject key identifier: 74:0F:88:09:A2:AF:E5:56:F8:52:59:A2:24:4C:47:7A:CD:7C:CC:4C
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 018BC7E41CE4BA7D7AE51AE82C77A23CDEF6
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/dA-ICaKv5Vb4UlmiJExHes18zEw.roa
Signing time: Mon 13 Nov 2023 08:54:57 +0000
ROA not before: Mon 13 Nov 2023 08:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197019
IP address blocks: 37.157.192.0/21 maxlen: 24
46.28.104.223/32 maxlen: 32
89.221.208.0/20 maxlen: 24
185.8.236.0/22 maxlen: 24
31.31.72.0/21 maxlen: 24
46.28.104.0/21 maxlen: 24
2a02:2b88::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:e4:1c:e4:ba:7d:7a:e5:1a:e8:2c:77:a2:3c:de:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Nov 13 08:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=740f8809a2afe556f85259a2244c477acd7ccc4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:87:05:83:a3:3e:ac:51:66:65:e9:bd:4f:2e:
11:31:e3:a4:b3:a9:76:30:6d:08:5b:32:f1:fc:7f:
97:0b:60:f2:d5:70:a1:5a:43:43:5e:ed:46:13:a3:
a8:6c:a2:d5:e5:7c:5f:b5:52:e8:5e:11:a4:e1:1b:
5b:f4:a4:fc:ea:ec:8c:99:1e:2e:96:74:9c:82:d9:
e0:e0:e9:8e:4c:9c:69:2b:e6:df:8f:79:20:0c:ac:
fd:1e:fa:aa:35:b0:c6:90:c2:4d:e7:c8:cf:1b:20:
28:26:fa:78:b1:2f:e5:aa:51:70:c5:7e:77:57:bc:
f5:24:b9:3e:c3:20:c8:ff:49:0b:b7:3b:c0:98:04:
45:51:b7:a4:e2:65:bc:91:5e:89:64:82:68:91:27:
65:b9:1b:a3:29:a5:1d:d9:53:c0:49:2a:79:7d:7e:
6e:92:bf:0c:f6:ef:06:86:de:95:4e:c0:ed:d9:4c:
1a:ff:0e:40:a1:0e:b6:46:ef:f6:62:50:ba:9e:19:
7e:01:b0:ac:67:f8:25:bb:da:64:7a:d5:b9:d4:6e:
6d:b5:bc:90:25:aa:98:ba:4c:b9:0c:3d:1e:fd:f0:
f3:ce:2c:fa:fd:aa:27:77:68:db:60:bf:92:26:02:
07:5a:43:a7:c3:32:3c:df:30:ed:f6:a8:db:db:b1:
a0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0F:88:09:A2:AF:E5:56:F8:52:59:A2:24:4C:47:7A:CD:7C:CC:4C
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/dA-ICaKv5Vb4UlmiJExHes18zEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.72.0/21
37.157.192.0/21
46.28.104.0/21
89.221.208.0/20
185.8.236.0/22
IPv6:
2a02:2b88::/32
Signature Algorithm: sha256WithRSAEncryption
78:aa:c9:ab:ea:98:ac:97:91:89:7b:07:a8:43:ec:0b:15:ab:
36:bb:48:69:d4:15:bc:5a:94:cb:ad:a3:fb:e3:e7:2c:9b:13:
ce:ef:5d:00:b8:66:24:fd:89:99:ec:7b:b6:c0:1a:37:71:6f:
85:f4:2c:23:82:f7:5a:c5:88:b1:16:e1:59:c3:de:40:82:81:
97:dd:cd:4b:ce:83:e5:73:ad:36:74:be:90:4d:79:f0:96:da:
d1:9f:45:60:6a:be:a4:df:e2:1c:6c:86:53:17:37:98:cb:82:
28:9e:1f:2e:f5:45:1c:bc:8b:72:bc:9d:77:f6:c8:a5:52:b5:
25:bd:c2:28:21:2d:b3:f4:33:2a:88:f3:da:3f:3a:cc:25:c8:
dd:b8:ba:a7:25:1c:d1:fa:92:7f:26:02:92:fa:52:24:3e:cc:
be:14:0c:56:29:2a:09:8f:78:b9:ee:32:15:4c:76:9c:9c:1e:
f5:ac:93:1b:19:58:fa:0e:64:bc:14:f0:bc:79:39:f9:ed:16:
53:ec:aa:86:a9:55:fe:ac:88:45:1f:61:56:63:63:7f:37:74:
be:d1:92:3c:41:2f:60:0f:7e:f8:10:b1:3d:f3:44:6c:6f:c5:
84:80:60:84:85:0d:8f:af:92:ee:80:1f:5e:a8:12:77:fb:f1:
e1:07:04:ab
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYvH5Bzkun165RroLHeiPN72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjMxMTEzMDg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBmODgwOWEyYWZlNTU2Zjg1MjU5YTIyNDRjNDc3YWNkN2NjYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyocFg6M+rFFmZem9Ty4RMeOks6l2
MG0IWzLx/H+XC2Dy1XChWkNDXu1GE6OobKLV5XxftVLoXhGk4Rtb9KT86uyMmR4u
lnScgtng4OmOTJxpK+bfj3kgDKz9HvqqNbDGkMJN58jPGyAoJvp4sS/lqlFwxX53
V7z1JLk+wyDI/0kLtzvAmARFUbek4mW8kV6JZIJokSdluRujKaUd2VPASSp5fX5u
kr8M9u8Ght6VTsDt2Uwa/w5AoQ62Ru/2YlC6nhl+AbCsZ/glu9pketW51G5ttbyQ
JaqYuky5DD0e/fDzziz6/aond2jbYL+SJgIHWkOnwzI83zDt9qjb27Gg2QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHQPiAmir+VW+FJZoiRMR3rNfMxMMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvZEEtSUNhS3Y1VmI0VWxtaUpFeEhlczE4ekV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHx9IAwQD
JZ3AAwQDLhxoAwQEWd3QAwQCuQjsMA0EAgACMAcDBQAqAiuIMA0GCSqGSIb3DQEB
CwUAA4IBAQB4qsmr6pisl5GJeweoQ+wLFas2u0hp1BW8WpTLraP74+csmxPO710A
uGYk/YmZ7Hu2wBo3cW+F9CwjgvdaxYixFuFZw95AgoGX3c1LzoPlc602dL6QTXnw
ltrRn0Vgar6k3+IcbIZTFzeYy4Ionh8u9UUcvItyvJ139silUrUlvcIoIS2z9DMq
iPPaPzrMJcjduLqnJRzR+pJ/JgKS+lIkPsy+FAxWKSoJj3i57jIVTHacnB71rJMb
GVj6DmS8FPC8eTn57RZT7KqGqVX+rIhFH2FWY2N/N3S+0ZI8QS9gD374ELE980Rs
b8WEgGCEhQ2Pr5LugB9eqBJ3+/HhBwSr
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:10 2024 by rpki-client on console.sobornost.net