Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/04-VcvN7jYVb8hvK7CuhPmW6l5s.roa
File: 04-VcvN7jYVb8hvK7CuhPmW6l5s.roa (raw, json)
Hash identifier: uXYy7Mgj75ArCGXh4dOhskZpmLjPuA9GV6s2SblHYkE=
Subject key identifier: D3:8F:95:72:F3:7B:8D:85:5B:F2:1B:CA:EC:2B:A1:3E:65:BA:97:9B
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 01890219E25324A1C1A922FC9689502EEAC3
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/04-VcvN7jYVb8hvK7CuhPmW6l5s.roa
Signing time: Wed 28 Jun 2023 13:03:18 +0000
ROA not before: Wed 28 Jun 2023 13:03:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 94.237.4.0/22 maxlen: 22
94.237.2.0/23 maxlen: 23
94.237.8.0/21 maxlen: 21
5.22.208.0/21 maxlen: 21
185.26.48.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
185.70.196.0/22 maxlen: 22
94.237.126.0/24 maxlen: 24
194.62.96.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
83.136.248.0/21 maxlen: 21
95.111.192.0/20 maxlen: 20
80.69.172.0/22 maxlen: 22
2a04:3546::/32 maxlen: 32
2a04:3545::/32 maxlen: 32
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3544::/32 maxlen: 32
2a04:3540::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:19:e2:53:24:a1:c1:a9:22:fc:96:89:50:2e:ea:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 28 13:03:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d38f9572f37b8d855bf21bcaec2ba13e65ba979b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:48:d7:46:e6:4f:f2:a9:fc:87:2e:3c:8e:
ab:0e:85:88:bb:c5:a4:73:ad:09:12:b2:aa:0c:0d:
da:fa:66:e1:5b:7f:b1:5e:48:c2:2d:26:af:7e:86:
90:ea:14:a7:b4:e0:1e:36:40:10:15:37:63:71:4c:
7c:89:21:c0:15:3e:9e:97:cd:15:8e:6e:39:86:d7:
33:8d:a5:a9:72:2f:5e:af:5b:78:f7:5b:01:fc:12:
59:4c:4d:43:d0:40:b6:47:62:f6:e6:b2:55:49:dc:
35:8c:0a:a9:f4:c7:b6:cb:da:61:e5:fe:60:a7:42:
db:81:72:03:e2:72:07:04:6d:24:d3:89:9e:8d:35:
36:10:c9:03:6d:9f:2b:38:a7:4a:a2:10:1d:32:9d:
7f:5d:7a:09:e7:9a:53:d5:00:2d:14:b1:bf:c8:69:
4d:07:bf:5f:8e:9a:cb:6c:bb:51:65:46:80:cf:21:
38:31:d0:16:cf:12:97:f4:1d:e4:39:42:ea:64:92:
dc:ea:7c:3d:cd:f1:b1:dc:db:36:a7:c7:af:12:8a:
8a:5b:8e:f0:ae:5f:37:a9:b0:34:b9:57:0a:db:ca:
db:4f:f1:95:e7:7d:a0:d8:1e:4c:eb:6e:9d:69:8f:
49:ec:a3:68:5d:bc:c3:f1:6a:01:9a:61:87:b3:1d:
13:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8F:95:72:F3:7B:8D:85:5B:F2:1B:CA:EC:2B:A1:3E:65:BA:97:9B
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/04-VcvN7jYVb8hvK7CuhPmW6l5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
94.237.2.0-94.237.47.255
94.237.104.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:7e:42:eb:20:e5:93:24:ea:0b:aa:52:1a:1a:c9:85:7d:66:
18:04:db:d0:83:e5:36:ae:c8:c5:45:d3:71:0d:69:01:10:b7:
d3:da:3e:10:6d:44:30:47:5c:3f:53:61:d5:ed:1f:90:6b:97:
58:e8:c1:9d:2e:47:07:1c:20:c4:69:40:54:a8:a8:7f:84:82:
99:fa:16:74:fc:1e:2d:a7:5f:ab:8b:24:d3:c7:e4:5a:42:f9:
21:40:04:81:72:90:2a:c5:15:3b:74:ff:ca:b0:4c:2a:d8:39:
fd:97:e7:12:8c:9c:6e:41:bb:35:98:bd:65:72:65:de:96:d8:
8b:3a:ff:b0:39:f4:be:cd:b2:2f:ff:bb:e9:a7:4c:0c:fd:d0:
80:1c:7b:70:97:ed:5a:d5:d5:6f:4f:ea:38:53:39:69:53:c9:
ef:7a:24:a1:b4:4e:8c:78:34:cb:85:1d:2e:a2:63:88:a3:c8:
30:f8:2e:31:e6:50:4e:df:f8:a0:62:c6:5b:db:68:e3:56:33:
2f:46:53:7a:33:c0:a9:fd:6c:ba:d9:57:96:38:0e:62:7c:6d:
5e:bf:91:7b:d7:b1:f6:e2:e6:ca:a2:50:82:35:46:2f:39:92:
d9:4b:e6:9a:3c:2f:5a:1c:fc:46:f9:c8:9a:3b:68:4f:e0:b3:
94:7d:01:4c
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYkCGeJTJKHBqSL8lolQLurDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjI4MTMwMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhmOTU3MmYzN2I4ZDg1NWJmMjFiY2FlYzJiYTEzZTY1YmE5NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1VI10bmT/Kp/IcuPI6rDoWIu8Wk
c60JErKqDA3a+mbhW3+xXkjCLSavfoaQ6hSntOAeNkAQFTdjcUx8iSHAFT6el80V
jm45htczjaWpci9er1t491sB/BJZTE1D0EC2R2L25rJVSdw1jAqp9Me2y9ph5f5g
p0LbgXID4nIHBG0k04mejTU2EMkDbZ8rOKdKohAdMp1/XXoJ55pT1QAtFLG/yGlN
B79fjprLbLtRZUaAzyE4MdAWzxKX9B3kOULqZJLc6nw9zfGx3Ns2p8evEoqKW47w
rl83qbA0uVcK28rbT/GV532g2B5M626daY9J7KNoXbzD8WoBmmGHsx0TWwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFNOPlXLze42FW/IbyuwroT5lupebMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvMDQtVmN2TjdqWVZiOGh2SzdDdWhQbVc2bDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYAQCAAEwWgMEBAUW0AME
AlBFrAMEA1OI+DAMAwQBXu0CAwQEXu0gMAwDBANe7WgDBABe7X4wDAMEBl9vwAME
Al9v0AMEA19v2AMEArkUiAMEArkaMAMEArlGxAMEAsI+YDAWBAIAAjAQMA4DBQYq
BDVAAwUAKgQ1RjANBgkqhkiG9w0BAQsFAAOCAQEAb35C6yDlkyTqC6pSGhrJhX1m
GATb0IPlNq7IxUXTcQ1pARC309o+EG1EMEdcP1Nh1e0fkGuXWOjBnS5HBxwgxGlA
VKiof4SCmfoWdPweLadfq4sk08fkWkL5IUAEgXKQKsUVO3T/yrBMKtg5/ZfnEoyc
bkG7NZi9ZXJl3pbYizr/sDn0vs2yL/+76adMDP3QgBx7cJftWtXVb0/qOFM5aVPJ
73okobROjHg0y4UdLqJjiKPIMPguMeZQTt/4oGLGW9to41YzL0ZTejPAqf1sutlX
ljgOYnxtXr+Re9ex9uLmyqJQgjVGLzmS2UvmmjwvWhz8RvnImjtoT+CzlH0BTA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:41 2023 by rpki-client on console.sobornost.net