Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/l0Q1UOs6qjlfRcb0yOdKEZlUYCg.roa
File: l0Q1UOs6qjlfRcb0yOdKEZlUYCg.roa (raw, json)
Hash identifier: hBWn+5Tc3ZJqbgddVHnHNftoV63bx7/iq8ThLTGo9bI=
Subject key identifier: 97:44:35:50:EB:3A:AA:39:5F:45:C6:F4:C8:E7:4A:11:99:54:60:28
Certificate issuer: /CN=4833d1b845b733ea7e81c11f9da8c54a21544134
Certificate serial: 018570675861ED50CD93159774A9F048285C
Authority key identifier: 48:33:D1:B8:45:B7:33:EA:7E:81:C1:1F:9D:A8:C5:4A:21:54:41:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SDPRuEW3M-p-gcEfnajFSiFUQTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/l0Q1UOs6qjlfRcb0yOdKEZlUYCg.roa
Signing time: Mon 02 Jan 2023 02:54:59 +0000
ROA not before: Mon 02 Jan 2023 02:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60277
IP address blocks: 185.190.204.0/22 maxlen: 22
193.57.206.0/23 maxlen: 23
185.32.252.0/22 maxlen: 22
193.57.216.0/23 maxlen: 23
2a00:ca20::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:58:61:ed:50:cd:93:15:97:74:a9:f0:48:28:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4833d1b845b733ea7e81c11f9da8c54a21544134
Validity
Not Before: Jan 2 02:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97443550eb3aaa395f45c6f4c8e74a1199546028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:85:83:f4:0e:f7:87:50:08:cc:c0:ec:ca:
56:8d:1c:99:32:b3:6f:00:e0:d4:2b:78:1c:e6:ed:
8c:63:22:65:35:43:c2:cd:f2:72:e6:f2:69:20:74:
b0:01:39:d2:c7:a4:f8:3c:64:da:ff:20:79:dc:bf:
d8:38:33:57:53:15:d1:6e:56:2f:a6:e5:a5:7c:68:
63:74:62:03:88:36:3c:36:88:c1:92:90:6c:ba:48:
f4:80:64:1d:7f:21:03:b9:5f:8f:68:e8:26:6f:3b:
b3:27:fa:a1:5b:5e:0b:31:d1:93:51:a5:54:64:f8:
d1:06:dd:6f:c5:db:92:c7:28:ce:29:5a:ce:54:e8:
69:aa:5a:c1:6b:44:39:b5:a0:e1:5e:f8:29:02:5b:
66:3f:b5:88:01:e1:c4:75:ca:6d:2d:2a:9d:f6:a8:
6c:13:26:2a:6b:74:99:5a:39:68:84:0d:33:f6:70:
3b:27:01:f4:cc:72:8b:a0:54:8b:b5:d1:2f:0a:33:
52:f5:cf:ef:0a:e6:c6:34:07:ba:cc:a8:6f:ed:72:
d3:18:48:65:ed:3e:4a:0f:7e:fa:b5:e8:f8:36:f3:
21:4b:3e:79:9e:83:1d:13:07:99:04:83:c7:ca:a7:
9e:dc:6c:0e:74:d0:ba:4b:30:94:35:cb:ab:fe:2a:
08:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:44:35:50:EB:3A:AA:39:5F:45:C6:F4:C8:E7:4A:11:99:54:60:28
X509v3 Authority Key Identifier:
keyid:48:33:D1:B8:45:B7:33:EA:7E:81:C1:1F:9D:A8:C5:4A:21:54:41:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDPRuEW3M-p-gcEfnajFSiFUQTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/l0Q1UOs6qjlfRcb0yOdKEZlUYCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/SDPRuEW3M-p-gcEfnajFSiFUQTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.252.0/22
185.190.204.0/22
193.57.206.0/23
193.57.216.0/23
IPv6:
2a00:ca20::/29
Signature Algorithm: sha256WithRSAEncryption
39:5a:64:32:72:37:ed:34:39:4d:7d:5c:44:ff:b5:28:e3:34:
04:01:8b:a4:e1:53:32:1c:fd:25:45:7b:c7:a8:f1:bd:5c:b6:
1a:37:c7:25:a5:03:7c:ce:49:4e:7a:9b:5b:48:f6:38:46:b4:
a8:68:d1:e9:1c:7b:8d:c2:08:53:e8:88:0a:62:3e:e5:36:9d:
9a:91:09:23:c6:0f:09:c5:04:23:39:8e:fb:64:06:e1:37:a7:
6c:34:55:07:3c:0e:4b:46:7b:14:e7:06:3b:78:aa:6d:81:fe:
d6:da:d6:45:cf:1f:3a:ed:5e:e5:60:e4:bb:8f:a2:6e:01:5e:
aa:04:4e:17:35:17:5b:b9:6f:39:2a:5f:73:ec:f8:a9:fd:00:
e4:e0:fa:9d:a2:09:ff:cb:1b:ff:de:f5:54:39:4a:2c:8a:51:
84:66:88:8a:a5:e0:bc:c5:86:3a:1b:f0:80:5f:85:31:0b:28:
68:c0:00:b4:11:59:34:6b:23:63:ca:6d:99:34:a9:cc:34:bb:
4b:99:fd:5e:fa:52:f9:79:e0:d5:fe:ee:38:4d:73:fa:e1:8a:
a3:f8:47:de:9c:0c:16:22:06:fd:6b:9f:d5:2d:39:5f:79:43:
be:6b:12:44:c7:42:ff:6e:1a:0e:26:85:ee:c0:76:bd:b6:4a:
73:58:33:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwZ1hh7VDNkxWXdKnwSChcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MzNkMWI4NDViNzMzZWE3ZTgxYzExZjlkYThjNTRhMjE1
NDQxMzQwHhcNMjMwMTAyMDI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQ0MzU1MGViM2FhYTM5NWY0NWM2ZjRjOGU3NGExMTk5NTQ2MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPmFg/QO94dQCMzA7MpWjRyZMrNv
AODUK3gc5u2MYyJlNUPCzfJy5vJpIHSwATnSx6T4PGTa/yB53L/YODNXUxXRblYv
puWlfGhjdGIDiDY8NojBkpBsukj0gGQdfyEDuV+PaOgmbzuzJ/qhW14LMdGTUaVU
ZPjRBt1vxduSxyjOKVrOVOhpqlrBa0Q5taDhXvgpAltmP7WIAeHEdcptLSqd9qhs
EyYqa3SZWjlohA0z9nA7JwH0zHKLoFSLtdEvCjNS9c/vCubGNAe6zKhv7XLTGEhl
7T5KD376tej4NvMhSz55noMdEweZBIPHyqee3GwOdNC6SzCUNcur/ioIBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJdENVDrOqo5X0XG9MjnShGZVGAoMB8GA1UdIwQY
MBaAFEgz0bhFtzPqfoHBH52oxUohVEE0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0RQUnVFVzNNLXAtZ2NFZm5hakZTaUZVUVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82YzZmODYtZDM3OC00Nzk2LWFjZTMt
MjYxZjNlYzg0ZjJjLzEvbDBRMVVPczZxamxmUmNiMHlPZEtFWmxVWUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82YzZmODYtZDM3OC00Nzk2LWFjZTMtMjYxZjNlYzg0ZjJj
LzEvU0RQUnVFVzNNLXAtZ2NFZm5hakZTaUZVUVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSD8AwQC
ub7MAwQBwTnOAwQBwTnYMA0EAgACMAcDBQMqAMogMA0GCSqGSIb3DQEBCwUAA4IB
AQA5WmQycjftNDlNfVxE/7Uo4zQEAYuk4VMyHP0lRXvHqPG9XLYaN8clpQN8zklO
eptbSPY4RrSoaNHpHHuNwghT6IgKYj7lNp2akQkjxg8JxQQjOY77ZAbhN6dsNFUH
PA5LRnsU5wY7eKptgf7W2tZFzx867V7lYOS7j6JuAV6qBE4XNRdbuW85Kl9z7Pip
/QDk4Pqdogn/yxv/3vVUOUosilGEZoiKpeC8xYY6G/CAX4UxCyhowAC0EVk0ayNj
ym2ZNKnMNLtLmf1e+lL5eeDV/u44TXP64Yqj+EfenAwWIgb9a5/VLTlfeUO+axJE
x0L/bhoOJoXuwHa9tkpzWDM9
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:03 2024 by rpki-client on console.sobornost.net