Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/KzoHifOm9RJRNbuCkW-e31tRcow.roa
File: KzoHifOm9RJRNbuCkW-e31tRcow.roa (raw, json)
Hash identifier: ozk4Qa54MHKFtX68Of5oOpwDaTcrFmo6K5I9Fik/Kcg=
Subject key identifier: 2B:3A:07:89:F3:A6:F5:12:51:35:BB:82:91:6F:9E:DF:5B:51:72:8C
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 018E136E5349F89DF63D4E514104C6FE194E
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/KzoHifOm9RJRNbuCkW-e31tRcow.roa
Signing time: Wed 06 Mar 2024 11:03:01 +0000
ROA not before: Wed 06 Mar 2024 11:03:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
5.182.47.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Mar 2024 11:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:6e:53:49:f8:9d:f6:3d:4e:51:41:04:c6:fe:19:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Mar 6 11:03:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3a0789f3a6f5125135bb82916f9edf5b51728c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5c:04:7d:bd:de:65:a9:5f:26:99:31:99:80:
e6:5c:66:f5:04:4e:92:6e:0d:b5:fb:a1:49:cb:de:
38:4f:bb:c7:e3:94:96:1d:a4:d6:19:c3:d5:82:09:
0b:22:1b:b5:93:00:6c:85:78:b4:84:de:e3:0d:bb:
50:1e:a7:58:cc:d6:77:f7:6d:ce:da:e0:aa:bb:e2:
d4:3f:fe:4a:4a:4a:4c:56:42:40:e5:19:3e:80:7e:
04:c6:64:a4:95:d1:54:1e:c9:67:c6:95:f4:3a:b8:
a6:06:87:55:0d:2f:e0:99:3a:cc:48:f7:9e:51:37:
13:3e:72:b5:b2:f4:5a:d1:95:9f:20:68:17:7a:b0:
a5:ee:be:69:f4:2e:30:e4:dd:73:29:cb:13:c2:e9:
5a:8a:51:c8:12:9c:b3:ea:b6:9c:e2:d2:72:52:e7:
bf:21:fb:c3:a8:2d:0b:0d:94:44:73:c4:aa:42:40:
c8:86:c7:71:61:b1:5c:03:00:56:35:08:82:47:9c:
29:7c:d6:90:87:be:a3:33:d6:c4:4e:45:b0:ab:a0:
d1:3c:5c:bd:cd:6b:ee:98:91:89:80:9a:a2:ea:2e:
29:a6:cd:64:14:14:b1:d8:54:f5:2e:3f:f6:bb:0f:
35:a9:c5:72:99:7a:68:f0:ce:21:68:7a:27:63:a5:
cf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3A:07:89:F3:A6:F5:12:51:35:BB:82:91:6F:9E:DF:5B:51:72:8C
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/KzoHifOm9RJRNbuCkW-e31tRcow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0/22
45.159.112.0/22
62.3.42.0/24
85.208.253.0-85.208.255.255
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/48
2a05:ab80:100::/48
Signature Algorithm: sha256WithRSAEncryption
2a:9b:a1:15:53:76:d5:45:f5:46:86:fa:53:77:9b:59:bc:a5:
d2:41:43:9c:94:a8:7e:ec:5c:8c:5d:86:a5:d1:a5:9a:f8:d5:
86:3d:e4:5d:69:c7:26:ce:57:69:16:89:a5:29:e9:eb:05:25:
17:a7:1e:38:64:7d:9b:64:2c:07:36:22:ed:8b:c5:9f:e9:b6:
27:f3:0a:e5:88:69:66:b9:d3:fd:59:62:35:9e:46:9d:8b:de:
22:2b:88:4b:ed:b8:c2:bb:07:5c:07:6f:1c:34:eb:be:09:13:
35:e4:6d:30:f1:cf:59:56:c1:4b:95:ae:32:e0:48:dc:0f:a1:
4e:04:19:8a:22:0b:8e:72:ad:a9:ed:8f:17:c8:f8:14:0e:14:
34:ff:88:5d:fb:c9:02:2a:a1:77:45:d1:dc:f7:13:16:79:16:
99:2b:48:87:a7:c9:75:9b:4f:93:10:c6:11:2c:14:4f:cb:54:
e2:6b:28:f4:31:e7:ac:02:df:9b:9e:70:65:4f:b3:f7:23:82:
a1:32:a1:f8:28:73:86:e8:11:e1:ba:cf:d6:1e:49:5b:17:20:
50:72:c0:99:bf:16:05:ff:24:20:27:f9:74:af:48:6a:17:26:
62:65:5c:32:d7:c9:45:ab:1f:de:b8:7a:7e:18:47:2f:08:9b:
af:eb:63:a9
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAY4TblNJ+J32PU5RQQTG/hlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjQwMzA2MTEwMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNhMDc4OWYzYTZmNTEyNTEzNWJiODI5MTZmOWVkZjViNTE3MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VwEfb3eZalfJpkxmYDmXGb1BE6S
bg21+6FJy944T7vH45SWHaTWGcPVggkLIhu1kwBshXi0hN7jDbtQHqdYzNZ3923O
2uCqu+LUP/5KSkpMVkJA5Rk+gH4ExmSkldFUHslnxpX0OrimBodVDS/gmTrMSPee
UTcTPnK1svRa0ZWfIGgXerCl7r5p9C4w5N1zKcsTwulailHIEpyz6rac4tJyUue/
IfvDqC0LDZREc8SqQkDIhsdxYbFcAwBWNQiCR5wpfNaQh76jM9bETkWwq6DRPFy9
zWvumJGJgJqi6i4pps1kFBSx2FT1Lj/2uw81qcVymXpo8M4haHonY6XP+wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFCs6B4nzpvUSUTW7gpFvnt9bUXKMMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvS3pvSGlmT205UkpSTmJ1Q2tXLWUzMXRSY293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVwQCAAEwUQMEAgW2LAME
Ai2fcAMEAD4DKjALAwQAVdD9AwMAVdADBAK5BBwwDAMEALkyJQMEA7kyIAMEArl0
oAMEArnVpAMEArn/WAMEAcGNQAMEAcGNfjAYBAIAAjASAwcAKgWrgAAAAwcAKgWr
gAEAMA0GCSqGSIb3DQEBCwUAA4IBAQAqm6EVU3bVRfVGhvpTd5tZvKXSQUOclKh+
7FyMXYal0aWa+NWGPeRdaccmzldpFomlKenrBSUXpx44ZH2bZCwHNiLti8Wf6bYn
8wrliGlmudP9WWI1nkadi94iK4hL7bjCuwdcB28cNOu+CRM15G0w8c9ZVsFLla4y
4EjcD6FOBBmKIguOcq2p7Y8XyPgUDhQ0/4hd+8kCKqF3RdHc9xMWeRaZK0iHp8l1
m0+TEMYRLBRPy1Tiayj0MeesAt+bnnBlT7P3I4KhMqH4KHOG6BHhus/WHklbFyBQ
csCZvxYF/yQgJ/l0r0hqFyZiZVwy18lFqx/euHp+GEcvCJuv62Op
-----END CERTIFICATE-----
Generated at Wed Mar 6 18:13:32 2024 by rpki-client on console.sobornost.net