Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/h2iVtpFkeWgEA7ekdJlg2_K6Rac.roa
File: h2iVtpFkeWgEA7ekdJlg2_K6Rac.roa (raw, json)
Hash identifier: 0wqiimD/Z3k/c6TRVLjuSEn8x/uhjYnRHrhkoQtgcCM=
Subject key identifier: 87:68:95:B6:91:64:79:68:04:03:B7:A4:74:99:60:DB:F2:BA:45:A7
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0185E32FC7AA6002B2BCD042F96AFDBD662B
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/h2iVtpFkeWgEA7ekdJlg2_K6Rac.roa
Signing time: Tue 24 Jan 2023 09:50:37 +0000
ROA not before: Tue 24 Jan 2023 09:50:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
188.72.117.0/24 maxlen: 24
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:2f:c7:aa:60:02:b2:bc:d0:42:f9:6a:fd:bd:66:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jan 24 09:50:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=876895b6916479680403b7a4749960dbf2ba45a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:40:7b:e7:2c:1b:bc:3a:1e:d2:38:06:70:e4:
d3:79:b1:21:8a:21:40:f3:d5:e7:0e:5a:66:37:2d:
6a:a9:fb:6e:d5:ec:57:a7:25:39:2b:ed:f1:0b:d3:
e4:82:cd:7e:b9:cb:23:fd:e2:8f:7b:07:03:82:79:
88:dd:d3:bf:fe:75:3e:f3:6e:54:78:d2:65:9b:08:
93:c5:3e:9a:b7:ec:6d:7d:ed:40:e0:4b:61:70:d2:
5a:99:d4:df:94:83:7e:c2:8a:9b:77:99:8b:2c:72:
90:78:05:41:f5:df:ef:59:ff:f7:39:1f:2f:d6:b6:
19:b5:3f:0a:f4:a9:cc:34:98:79:d1:9a:12:c2:b7:
76:a1:53:de:66:7b:01:b7:b0:0e:fc:0c:15:27:11:
e3:4b:d1:b0:d1:40:b9:f1:75:3f:91:e3:35:6d:f3:
d1:cd:f9:2d:aa:97:76:a5:57:6d:fe:a2:72:cf:7b:
b0:ad:c1:28:61:7a:aa:55:30:fa:43:1a:d1:1d:83:
4f:18:18:38:ea:54:b9:35:6b:6d:17:52:70:5b:c7:
8f:67:90:23:73:07:b3:b3:d8:81:91:ea:0d:b5:8e:
9e:51:6a:80:24:cd:f4:f6:6c:75:f6:22:bd:a8:7b:
13:bf:fb:50:6b:56:5d:cd:d7:e4:a2:26:65:80:a9:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:95:B6:91:64:79:68:04:03:B7:A4:74:99:60:DB:F2:BA:45:A7
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/h2iVtpFkeWgEA7ekdJlg2_K6Rac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0/24
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
7b:94:16:1e:0d:27:ac:e0:0a:58:eb:c1:f1:b0:fb:82:d0:37:
fb:20:d5:cd:f7:96:b8:ea:89:e2:77:35:27:ee:7f:08:a1:1b:
37:11:01:2d:0c:88:77:96:ec:eb:ab:d4:2f:b1:4d:4a:a7:79:
33:7d:45:8a:1c:6b:70:a1:dc:51:4c:c1:27:2c:17:27:34:88:
02:ac:85:a3:42:62:83:76:3f:08:bb:45:a0:cb:36:52:63:8d:
a4:85:e6:33:a7:d3:94:56:bf:be:3e:18:fd:8c:af:ca:ca:e1:
e3:10:97:e9:19:38:56:00:df:f8:e7:a2:ef:63:86:b9:73:a9:
07:94:54:7d:42:a3:1d:34:44:9d:d8:22:e4:23:3a:a6:c8:4b:
28:5a:a3:e9:e8:10:03:50:6a:12:3e:ae:6e:ce:38:5c:97:24:
26:04:05:86:75:2f:e2:ce:52:b4:16:1f:53:e5:e3:ee:f7:6e:
6e:36:54:6d:a8:3f:51:bc:aa:66:85:fa:7c:48:51:f6:32:d8:
2f:9c:51:e8:c3:dd:4f:4d:cc:7d:e6:94:26:5c:6e:b5:7d:52:
ce:f4:ba:c7:bf:84:fd:c6:be:9b:df:07:c3:69:e0:e6:43:c7:
6b:3a:90:11:cc:39:7d:03:61:51:ca:01:c4:54:f5:db:66:12:
98:f8:73:6c
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAYXjL8eqYAKyvNBC+Wr9vWYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjMwMTI0MDk1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4OTViNjkxNjQ3OTY4MDQwM2I3YTQ3NDk5NjBkYmYyYmE0NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUB75ywbvDoe0jgGcOTTebEhiiFA
89XnDlpmNy1qqftu1exXpyU5K+3xC9Pkgs1+ucsj/eKPewcDgnmI3dO//nU+825U
eNJlmwiTxT6at+xtfe1A4EthcNJamdTflIN+woqbd5mLLHKQeAVB9d/vWf/3OR8v
1rYZtT8K9KnMNJh50ZoSwrd2oVPeZnsBt7AO/AwVJxHjS9Gw0UC58XU/keM1bfPR
zfktqpd2pVdt/qJyz3uwrcEoYXqqVTD6QxrRHYNPGBg46lS5NWttF1JwW8ePZ5Aj
cwezs9iBkeoNtY6eUWqAJM309mx19iK9qHsTv/tQa1ZdzdfkoiZlgKkpVwIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFIdolbaRZHloBAO3pHSZYNvyukWnMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL2gyaVZ0cEZrZVdnRUE3ZWtkSmxnMl9LNlJhYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE0BggrBgEFBQcBBwEB/wSCASMwggEfMIIBDAQCAAEw
ggEEMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQA
LvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QDBANX8lgDBANX8ngDBANZ6KAD
BAJei/wwDAMEAI1llwMEAI1lmAMEAI1lyTAMAwQAsqq/AwQBsqrEAwQAsqryAwQA
vEhgMAwDBAG8SGoDBAG8SGwDBAC8SHUwDQQCAAIwBwMFAyoMK4AwDQYJKoZIhvcN
AQELBQADggEBAHuUFh4NJ6zgCljrwfGw+4LQN/sg1c33lrjqieJ3NSfufwihGzcR
AS0MiHeW7Our1C+xTUqneTN9RYoca3Ch3FFMwScsFyc0iAKshaNCYoN2Pwi7RaDL
NlJjjaSF5jOn05RWv74+GP2Mr8rK4eMQl+kZOFYA3/jnou9jhrlzqQeUVH1Cox00
RJ3YIuQjOqbISyhao+noEANQahI+rm7OOFyXJCYEBYZ1L+LOUrQWH1Pl4+73bm42
VG2oP1G8qmaF+nxIUfYy2C+cUejD3U9NzH3mlCZcbrV9Us70use/hP3GvpvfB8Np
4OZDx2s6kBHMOX0DYVHKAcRU9dtmEpj4c2w=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:42 2023 by rpki-client on console.sobornost.net