Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/uyaxcwTEJr3TLbvXyQeIXk7Das0.roa
File: uyaxcwTEJr3TLbvXyQeIXk7Das0.roa (raw, json)
Hash identifier: H3wlw6WcxK2oEbOsbGXagdSnUuVI2Q0qLiV7i3/DCd0=
Subject key identifier: BB:26:B1:73:04:C4:26:BD:D3:2D:BB:D7:C9:07:88:5E:4E:C3:6A:CD
Certificate issuer: /CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Certificate serial: 01856D01AB162FC7DB1302155F9F578BC0D4
Authority key identifier: 99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/uyaxcwTEJr3TLbvXyQeIXk7Das0.roa
Signing time: Sun 01 Jan 2023 11:05:03 +0000
ROA not before: Sun 01 Jan 2023 11:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12361
IP address blocks: 195.97.52.0/24 maxlen: 24
62.74.128.0/17 maxlen: 17
77.69.38.0/24 maxlen: 24
213.249.32.0/19 maxlen: 19
62.74.0.0/17 maxlen: 22
62.74.0.0/16 maxlen: 24
213.249.59.0/24 maxlen: 24
195.46.0.0/19 maxlen: 24
195.46.0.0/20 maxlen: 20
185.158.220.0/22 maxlen: 22
185.158.220.0/23 maxlen: 23
185.158.222.0/23 maxlen: 23
213.249.0.0/18 maxlen: 18
213.249.0.0/19 maxlen: 19
195.46.16.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:ab:16:2f:c7:db:13:02:15:5f:9f:57:8b:c0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Validity
Not Before: Jan 1 11:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb26b17304c426bdd32dbbd7c907885e4ec36acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:9f:f4:78:10:01:fe:b8:55:b8:8d:fa:21:
4b:31:3b:c1:9a:b0:9f:1d:a1:3b:4b:50:b7:d5:f8:
b7:e2:4c:2f:31:ce:00:c4:a1:05:0a:10:91:5d:9e:
ce:ea:77:c1:b2:82:8c:67:b1:8b:be:8b:33:b3:3b:
f0:1f:dd:72:70:3c:86:52:c3:cd:4b:1c:fc:bd:64:
51:90:d1:0d:ac:22:3d:9c:a0:9f:bd:b3:6d:a1:71:
ed:4d:d1:9e:4a:f1:be:05:2d:4e:4c:8e:2a:27:3b:
f7:8e:79:50:e9:42:cc:1a:a0:f0:88:e9:2e:ee:fa:
28:6f:da:88:af:44:82:07:bf:f4:09:f2:3a:77:ac:
56:0f:71:ce:a1:32:69:ec:a2:a6:ef:71:fc:fa:03:
60:40:1f:62:de:b7:96:15:58:a4:7b:1d:82:4e:ae:
dd:81:32:22:ec:3d:bf:f8:2c:42:17:57:f1:75:11:
b2:e0:54:b4:c9:0a:e8:13:47:f1:a2:f5:24:7e:4f:
fb:32:43:2a:ba:fb:f7:04:34:98:d6:7f:50:15:44:
fa:41:8a:41:40:c2:12:9e:31:51:22:4f:20:b3:e4:
57:66:bb:5a:fc:95:9e:6d:53:04:ba:28:21:cc:bb:
b1:d9:5f:43:78:4c:ae:17:f2:e1:84:b4:8f:03:72:
e5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:26:B1:73:04:C4:26:BD:D3:2D:BB:D7:C9:07:88:5E:4E:C3:6A:CD
X509v3 Authority Key Identifier:
keyid:99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/uyaxcwTEJr3TLbvXyQeIXk7Das0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.74.0.0/16
77.69.38.0/24
185.158.220.0/22
195.46.0.0/19
195.97.52.0/24
213.249.0.0/18
Signature Algorithm: sha256WithRSAEncryption
60:0a:e0:e2:f2:f5:54:84:5d:66:d6:41:c7:be:9c:97:9d:78:
c9:2a:0b:6a:53:8d:92:b9:cf:08:9a:22:9a:6f:f1:b9:f0:53:
c7:8b:9b:3d:e5:14:bb:51:fb:37:4f:97:a3:46:17:af:94:55:
98:7a:d0:be:4b:e0:26:24:a6:3d:71:6c:ae:8c:eb:a2:ef:45:
33:01:3a:13:24:c3:c5:de:45:57:0e:9d:2e:1d:c7:d9:eb:c7:
54:46:a1:34:3b:9c:cf:48:24:6e:df:5f:7d:89:95:4d:60:d4:
5b:56:ae:5f:4d:1c:7b:1f:03:31:16:bc:47:f7:2a:1e:2e:c7:
aa:14:0a:c3:9c:91:12:3a:a3:ee:cf:16:4d:f8:18:57:2f:4f:
00:c7:6b:da:32:ed:5d:a7:98:f1:ef:4d:f3:58:56:5a:66:33:
67:7b:de:c6:b6:a6:55:1a:17:85:5c:09:a1:95:fd:45:2e:30:
a4:70:9d:0f:ad:a5:6b:08:7c:04:14:55:93:6f:94:0b:f6:a9:
32:88:0e:66:a6:ec:5a:cf:07:16:87:15:02:00:44:5f:4a:c0:
cb:fe:e5:1e:8d:dc:a3:3b:d2:71:d0:78:c4:b7:d4:b1:eb:84:
13:a2:5b:15:d4:76:ef:54:1c:56:07:14:a0:6a:c5:e8:26:b0:
0a:38:82:26
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtAasWL8fbEwIVX59Xi8DUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NTVjNWE3MTM3ZWI1ZDQ3ZWEyNGUxN2QyN2ZhOTJkMGI0
MmZiZDgwHhcNMjMwMTAxMTEwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjI2YjE3MzA0YzQyNmJkZDMyZGJiZDdjOTA3ODg1ZTRlYzM2YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu+f9HgQAf64VbiN+iFLMTvBmrCf
HaE7S1C31fi34kwvMc4AxKEFChCRXZ7O6nfBsoKMZ7GLvoszszvwH91ycDyGUsPN
Sxz8vWRRkNENrCI9nKCfvbNtoXHtTdGeSvG+BS1OTI4qJzv3jnlQ6ULMGqDwiOku
7voob9qIr0SCB7/0CfI6d6xWD3HOoTJp7KKm73H8+gNgQB9i3reWFVikex2CTq7d
gTIi7D2/+CxCF1fxdRGy4FS0yQroE0fxovUkfk/7MkMquvv3BDSY1n9QFUT6QYpB
QMISnjFRIk8gs+RXZrta/JWebVMEuighzLux2V9DeEyuF/LhhLSPA3LlUwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLsmsXMExCa90y2718kHiF5Ow2rNMB8GA1UdIwQY
MBaAFJlVxacTfrXUfqJOF9J/qS0LQvvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVZYRnB4Ti10ZFItb2s0WDBuLXBMUXRDLTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy85NDUzYTAtZTY1NS00ODBlLWI2YTkt
ZTM5NTI0ZTdhNmVkLzEvdXlheGN3VEVKcjNUTGJ2WHlRZUlYazdEYXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy85NDUzYTAtZTY1NS00ODBlLWI2YTktZTM5NTI0ZTdhNmVk
LzEvbVZYRnB4Ti10ZFItb2s0WDBuLXBMUXRDLTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwMAPkoDBABN
RSYDBAK5ntwDBAXDLgADBADDYTQDBAbV+QAwDQYJKoZIhvcNAQELBQADggEBAGAK
4OLy9VSEXWbWQce+nJedeMkqC2pTjZK5zwiaIppv8bnwU8eLmz3lFLtR+zdPl6NG
F6+UVZh60L5L4CYkpj1xbK6M66LvRTMBOhMkw8XeRVcOnS4dx9nrx1RGoTQ7nM9I
JG7fX32JlU1g1FtWrl9NHHsfAzEWvEf3Kh4ux6oUCsOckRI6o+7PFk34GFcvTwDH
a9oy7V2nmPHvTfNYVlpmM2d73sa2plUaF4VcCaGV/UUuMKRwnQ+tpWsIfAQUVZNv
lAv2qTKIDmam7FrPBxaHFQIARF9KwMv+5R6N3KM70nHQeMS31LHrhBOiWxXUdu9U
HFYHFKBqxegmsAo4giY=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:33 2023 by rpki-client on console.sobornost.net