Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/JQbW5bN19-9U_hkdKwvH0xgCGkw.roa
File: JQbW5bN19-9U_hkdKwvH0xgCGkw.roa (raw, json)
Hash identifier: g4olU1QQlA+u1CSDql+RjFF9f9aYK/yI6OWdlvULqNM=
Subject key identifier: 25:06:D6:E5:B3:75:F7:EF:54:FE:19:1D:2B:0B:C7:D3:18:02:1A:4C
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0188F71D0F7BCB8358DFE54A1248823385ED
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/JQbW5bN19-9U_hkdKwvH0xgCGkw.roa
Signing time: Mon 26 Jun 2023 09:50:56 +0000
ROA not before: Mon 26 Jun 2023 09:50:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 95.111.208.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
2a04:3546::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3544::/32 maxlen: 32
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3540::/32 maxlen: 32
2a04:3543::/32 maxlen: 32
2a04:3545::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:1d:0f:7b:cb:83:58:df:e5:4a:12:48:82:33:85:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 26 09:50:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2506d6e5b375f7ef54fe191d2b0bc7d318021a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3a:92:9e:19:9d:fc:d6:40:d6:f0:39:ed:6d:
f1:44:9d:f1:ce:7a:ce:16:95:0b:38:e0:2c:c7:9c:
d7:bf:62:7c:32:42:06:79:77:96:e8:69:04:62:db:
74:02:43:c2:23:87:1a:af:33:b0:57:04:50:b5:51:
e8:78:33:c2:46:79:d2:f8:cd:3f:17:e4:50:1c:af:
f9:02:78:08:01:a8:ce:f5:3d:13:73:a0:cf:73:19:
8f:8b:41:ac:0f:27:39:39:ba:fd:d9:18:02:8e:f8:
d5:16:0f:7f:bd:b2:08:ae:de:90:e8:51:63:59:c2:
41:20:d6:fe:8b:ec:0c:08:f0:e1:66:fe:b9:1c:bf:
25:61:97:23:5c:40:2a:a6:72:91:ba:0f:ba:ca:64:
bc:57:65:22:28:42:99:fe:bf:70:cf:d2:68:dc:20:
28:89:79:66:b8:59:7a:d2:3e:ca:1c:9e:64:90:0b:
33:90:32:80:d8:58:b5:71:1e:6c:d3:06:52:6c:39:
69:dc:bd:d9:c8:d4:61:fc:aa:ac:02:9b:40:a9:75:
f2:e2:94:2c:dc:3b:e7:10:2c:ec:f9:72:49:38:38:
9e:93:d4:ad:fd:23:61:c0:92:35:ab:6e:ed:81:97:
c3:d8:bd:53:92:e1:3f:54:eb:ce:3e:c7:eb:aa:76:
41:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:06:D6:E5:B3:75:F7:EF:54:FE:19:1D:2B:0B:C7:D3:18:02:1A:4C
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/JQbW5bN19-9U_hkdKwvH0xgCGkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.208.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:e6:90:65:6c:6f:99:a1:fd:45:76:87:8d:37:2a:d5:34:b7:
22:3c:dd:1d:03:62:06:24:53:a5:7f:90:b8:84:b0:7e:97:2f:
a1:54:6a:02:ce:a1:28:53:c1:1c:17:84:2f:6a:92:6e:3a:33:
29:6f:2a:57:c8:ec:bf:4e:56:04:4a:d2:52:e8:d3:ad:2e:52:
55:13:e2:e2:b8:c8:02:9f:b4:20:ec:e6:0b:0c:46:d5:07:73:
70:b1:fc:de:c2:b5:35:eb:9d:c8:e8:02:96:2f:bb:6a:9e:dd:
be:25:04:16:a6:1d:77:aa:f3:96:15:15:25:cd:07:dc:59:d1:
38:ac:e7:77:92:75:02:33:79:7e:09:45:0e:ac:2c:77:9f:53:
92:11:b8:8b:30:43:be:66:ba:87:21:4b:28:f1:4a:7a:e4:77:
5a:86:16:56:82:51:54:2c:3e:6d:63:6b:07:bf:d5:62:c6:ba:
29:ba:5e:06:0c:84:ed:63:c3:8d:f8:d6:4a:f5:55:85:c9:96:
3a:28:7d:65:48:fa:0f:48:8f:26:a4:77:ff:fc:b9:2f:85:f4:
6a:92:02:67:20:3d:a9:c7:46:73:83:ed:8f:77:37:0a:27:80:
c4:b8:32:c1:a5:c1:01:f5:77:33:7b:ca:cd:3b:67:ca:01:d8:
d2:3c:28:f8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYj3HQ97y4NY3+VKEkiCM4XtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjI2MDk1MDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTA2ZDZlNWIzNzVmN2VmNTRmZTE5MWQyYjBiYzdkMzE4MDIxYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzqSnhmd/NZA1vA57W3xRJ3xznrO
FpULOOAsx5zXv2J8MkIGeXeW6GkEYtt0AkPCI4carzOwVwRQtVHoeDPCRnnS+M0/
F+RQHK/5AngIAajO9T0Tc6DPcxmPi0GsDyc5Obr92RgCjvjVFg9/vbIIrt6Q6FFj
WcJBINb+i+wMCPDhZv65HL8lYZcjXEAqpnKRug+6ymS8V2UiKEKZ/r9wz9Jo3CAo
iXlmuFl60j7KHJ5kkAszkDKA2Fi1cR5s0wZSbDlp3L3ZyNRh/KqsAptAqXXy4pQs
3DvnECzs+XJJODiek9St/SNhwJI1q27tgZfD2L1TkuE/VOvOPsfrqnZB8wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCUG1uWzdffvVP4ZHSsLx9MYAhpMMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvSlFiVzViTjE5LTlVX2hrZEt3dkgweGdDR2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCX2/QAwQC
uUbEAwQCwj5gMBYEAgACMBAwDgMFBioENUADBQAqBDVGMA0GCSqGSIb3DQEBCwUA
A4IBAQAs5pBlbG+Zof1FdoeNNyrVNLciPN0dA2IGJFOlf5C4hLB+ly+hVGoCzqEo
U8EcF4QvapJuOjMpbypXyOy/TlYEStJS6NOtLlJVE+LiuMgCn7Qg7OYLDEbVB3Nw
sfzewrU1653I6AKWL7tqnt2+JQQWph13qvOWFRUlzQfcWdE4rOd3knUCM3l+CUUO
rCx3n1OSEbiLMEO+ZrqHIUso8Up65HdahhZWglFULD5tY2sHv9Vixropul4GDITt
Y8ON+NZK9VWFyZY6KH1lSPoPSI8mpHf//LkvhfRqkgJnID2px0Zzg+2PdzcKJ4DE
uDLBpcEB9Xcze8rNO2fKAdjSPCj4
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:41 2023 by rpki-client on console.sobornost.net