Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/EtXMYQjD_WI-gvn8szAfppAYN9c.roa
File: EtXMYQjD_WI-gvn8szAfppAYN9c.roa (raw, json)
Hash identifier: C49FJkz8naf3JyVd2LJ8nDDOI10RSiYS2K/PiEqA7Tc=
Subject key identifier: 12:D5:CC:61:08:C3:FD:62:3E:82:F9:FC:B3:30:1F:A6:90:18:37:D7
Certificate issuer: /CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Certificate serial: 018C35039002C6FD658D03536796A4C438A1
Authority key identifier: A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/EtXMYQjD_WI-gvn8szAfppAYN9c.roa
Signing time: Mon 04 Dec 2023 13:27:55 +0000
ROA not before: Mon 04 Dec 2023 13:27:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207668
IP address blocks: 194.53.192.0/24 maxlen: 24
194.53.193.0/24 maxlen: 24
194.53.194.0/23 maxlen: 23
45.66.20.0/23 maxlen: 23
45.66.22.0/23 maxlen: 23
45.144.120.0/22 maxlen: 22
2a09:60c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:03:90:02:c6:fd:65:8d:03:53:67:96:a4:c4:38:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Validity
Not Before: Dec 4 13:27:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12d5cc6108c3fd623e82f9fcb3301fa6901837d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:96:cd:3b:48:89:7f:ca:29:14:ec:c6:c6:ad:
38:f6:26:8f:b2:e5:cb:99:c6:88:a7:f9:ac:8e:c5:
2c:00:46:24:5b:e9:6f:6d:1d:c9:c6:1d:1b:91:9a:
2c:03:5f:22:24:d2:d4:3d:7b:d0:79:9e:0f:69:52:
87:87:e5:ba:3f:17:f5:81:02:a2:14:c3:dc:66:d6:
7c:16:2b:4e:0c:73:b6:5e:5f:8e:72:3b:58:6a:be:
3c:94:7c:a6:bb:1c:f2:1a:15:d8:c8:d9:99:1b:63:
3a:37:d4:a6:7d:13:9b:e6:eb:3f:ad:58:a9:71:10:
98:47:3a:f0:fe:a4:2a:62:fd:2e:28:f6:71:5f:14:
8d:6f:10:94:e1:4e:a9:dc:89:17:2f:3f:3d:91:64:
45:a0:86:7e:15:15:84:01:eb:aa:ee:e9:c2:96:51:
2f:7e:5a:d5:1a:a5:e2:80:f8:c8:1f:64:75:c9:e7:
ef:f2:9a:20:5c:e4:6c:60:b0:19:a3:97:b1:a5:96:
c3:2a:ed:a4:52:a8:3d:76:5d:38:72:37:fa:2f:87:
8f:ce:9f:0f:fa:5a:1e:17:96:80:cd:d4:92:50:bc:
af:c0:2b:d3:d5:6a:fd:66:c0:2f:59:ea:2c:a8:e9:
2a:89:e7:da:83:2f:b2:ed:b4:6d:01:ec:2a:6b:1d:
60:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D5:CC:61:08:C3:FD:62:3E:82:F9:FC:B3:30:1F:A6:90:18:37:D7
X509v3 Authority Key Identifier:
keyid:A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/EtXMYQjD_WI-gvn8szAfppAYN9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/pqqcrek75rp8irsyODGAdjF9YH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.20.0/22
45.144.120.0/22
194.53.192.0/22
IPv6:
2a09:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:3c:03:13:92:fb:cd:d0:05:d4:13:29:21:63:53:a8:91:1d:
fb:d3:fb:c2:f0:63:da:97:64:9e:e7:00:db:e3:14:62:d5:e6:
b6:76:77:36:63:37:da:cb:66:22:b0:49:1c:cb:41:fc:9f:dd:
9d:84:e0:09:38:a3:8e:dc:cd:8c:d6:b8:95:bc:da:e3:e0:75:
ac:35:0c:b7:df:fb:34:e8:5b:3d:1b:13:ab:35:ee:0a:cb:bb:
eb:ef:7d:b1:09:2a:71:f4:22:6d:40:19:7d:be:3c:11:4d:b2:
ce:95:f4:c3:b0:59:12:ef:e9:18:a1:a2:d7:bb:78:a2:cb:20:
42:83:a5:13:62:a2:4b:2f:b0:54:9f:e7:a1:6a:2f:85:83:14:
73:fa:81:53:62:f9:15:57:d5:f3:32:2d:42:35:27:1e:9f:81:
75:37:95:d3:a1:3a:96:24:9a:33:46:e4:c8:08:5a:9e:bb:79:
7c:ec:df:e6:fe:6d:ea:fc:c2:64:99:d2:f0:4b:c2:a7:53:dc:
10:78:9a:7d:5c:f9:54:4d:2a:fd:4e:8f:3e:1d:18:19:58:95:
c6:05:5b:c8:e3:ca:67:53:0d:fb:f0:e6:87:9b:de:7f:f4:36:
48:cd:2c:9a:27:03:be:3d:2c:ce:eb:3d:b8:1d:de:c7:be:2b:
ca:4c:c6:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYw1A5ACxv1ljQNTZ5akxDihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YWE5Y2FkZTkzYmU2YmE3YzhhYmIzMjM4MzE4MDc2MzE3
ZDYwN2QwHhcNMjMxMjA0MTMyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ1Y2M2MTA4YzNmZDYyM2U4MmY5ZmNiMzMwMWZhNjkwMTgzN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5bNO0iJf8opFOzGxq049iaPsuXL
mcaIp/msjsUsAEYkW+lvbR3Jxh0bkZosA18iJNLUPXvQeZ4PaVKHh+W6Pxf1gQKi
FMPcZtZ8FitODHO2Xl+OcjtYar48lHymuxzyGhXYyNmZG2M6N9SmfROb5us/rVip
cRCYRzrw/qQqYv0uKPZxXxSNbxCU4U6p3IkXLz89kWRFoIZ+FRWEAeuq7unCllEv
flrVGqXigPjIH2R1yefv8pogXORsYLAZo5expZbDKu2kUqg9dl04cjf6L4ePzp8P
+loeF5aAzdSSULyvwCvT1Wr9ZsAvWeosqOkqiefagy+y7bRtAewqax1gUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBLVzGEIw/1iPoL5/LMwH6aQGDfXMB8GA1UdIwQY
MBaAFKaqnK3pO+a6fIq7MjgxgHYxfWB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFxY3Jlazc1cnA4aXJzeU9ER0FkakY5WUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hOTcwYzYtYzExOC00NTJlLWE1NmYt
ZWM0NjdmYTg2MzZlLzEvRXRYTVlRakRfV0ktZ3ZuOHN6QWZwcEFZTjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hOTcwYzYtYzExOC00NTJlLWE1NmYtZWM0NjdmYTg2MzZl
LzEvcHFxY3Jlazc1cnA4aXJzeU9ER0FkakY5WUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLUIUAwQC
LZB4AwQCwjXAMA0EAgACMAcDBQMqCWDAMA0GCSqGSIb3DQEBCwUAA4IBAQCOPAMT
kvvN0AXUEykhY1OokR370/vC8GPal2Se5wDb4xRi1ea2dnc2Yzfay2YisEkcy0H8
n92dhOAJOKOO3M2M1riVvNrj4HWsNQy33/s06Fs9GxOrNe4Ky7vr732xCSpx9CJt
QBl9vjwRTbLOlfTDsFkS7+kYoaLXu3iiyyBCg6UTYqJLL7BUn+ehai+FgxRz+oFT
YvkVV9XzMi1CNScen4F1N5XToTqWJJozRuTICFqeu3l87N/m/m3q/MJkmdLwS8Kn
U9wQeJp9XPlUTSr9To8+HRgZWJXGBVvI48pnUw378OaHm95/9DZIzSyaJwO+PSzO
6z24Hd7HvivKTMZ5
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net