Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ob8PZTtiPKD-90diWgmdZO-YD14.roa
File: ob8PZTtiPKD-90diWgmdZO-YD14.roa (raw, json)
Hash identifier: rmPAA5JfMapFlYY4sfFG568TBv2PdLaTktjjJnruIX4=
Subject key identifier: A1:BF:0F:65:3B:62:3C:A0:FE:F7:47:62:5A:09:9D:64:EF:98:0F:5E
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 018B18CAF378FB1FE7D8DFAD05880F7DC872
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ob8PZTtiPKD-90diWgmdZO-YD14.roa
Signing time: Tue 10 Oct 2023 08:53:55 +0000
ROA not before: Tue 10 Oct 2023 08:53:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21309
IP address blocks: 213.174.160.0/19 maxlen: 19
213.174.160.0/21 maxlen: 21
213.174.160.0/20 maxlen: 20
213.174.168.0/21 maxlen: 21
213.174.176.0/21 maxlen: 21
213.174.176.0/20 maxlen: 20
213.174.184.0/21 maxlen: 21
185.123.9.0/24 maxlen: 24
185.123.8.0/24 maxlen: 24
185.123.8.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:ca:f3:78:fb:1f:e7:d8:df:ad:05:88:0f:7d:c8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Oct 10 08:53:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1bf0f653b623ca0fef747625a099d64ef980f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6e:ac:79:59:31:07:7e:41:3e:5f:81:69:44:
6f:ba:ad:80:45:eb:7c:4c:ef:33:21:de:06:f0:05:
a8:c3:a1:fe:cc:ba:22:65:1d:17:3a:34:f6:c9:15:
aa:bb:3e:d2:d7:a1:12:01:f7:85:50:12:a2:0d:f6:
67:ea:20:14:b1:31:e1:23:7a:34:32:ef:39:f3:32:
f6:fb:21:b5:82:8e:0a:f6:57:54:0d:15:63:97:23:
c2:5a:05:7f:a7:d0:8c:4c:7f:db:17:44:0d:bb:28:
ba:83:bb:bf:68:29:7e:f4:4f:00:cb:eb:73:b0:b3:
c0:e3:47:e5:24:36:d6:ea:7e:b7:1f:35:5f:81:fd:
34:25:77:d8:11:67:c6:25:b6:c9:58:e0:9b:25:a9:
ba:ec:ce:12:ae:d1:94:0b:5b:99:ab:b2:cf:79:ff:
f7:67:14:7c:c7:6a:dd:53:9c:52:73:dd:53:44:67:
ec:51:9f:65:be:48:ab:5c:bf:1c:98:37:19:3d:da:
00:21:5d:18:da:97:23:9b:d2:55:1d:47:dd:e3:26:
1d:d6:11:84:45:80:2f:5e:42:55:bf:3a:89:98:5b:
3f:1f:43:8c:8b:2a:83:99:22:97:e2:9f:70:ee:c7:
32:2d:d7:f1:c1:a5:09:a8:61:5b:f0:08:fb:46:22:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BF:0F:65:3B:62:3C:A0:FE:F7:47:62:5A:09:9D:64:EF:98:0F:5E
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ob8PZTtiPKD-90diWgmdZO-YD14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.8.0/22
213.174.160.0/19
Signature Algorithm: sha256WithRSAEncryption
34:be:15:4a:bf:bb:07:9c:3b:34:b2:10:9e:f2:c6:42:9f:bc:
67:cd:a5:ec:c2:7f:dd:73:6e:5a:07:db:d9:61:be:43:cf:ba:
28:ab:62:57:80:2e:3b:81:7b:8f:7d:55:3c:98:2b:98:2a:ae:
f7:07:06:ab:e0:9a:81:1c:44:1e:bd:9a:25:46:0d:13:70:9a:
ac:1d:45:d6:af:c6:0c:e1:40:1a:db:cc:25:13:ca:72:ce:df:
4c:54:71:4c:19:01:66:0f:3a:e2:cd:59:2b:16:3a:8a:e5:21:
ec:a2:8f:5b:be:b2:4c:f4:8c:b5:86:e4:3e:02:3f:b1:33:20:
2a:68:7c:4d:23:7c:c6:10:0e:cc:12:01:a0:17:68:b1:ac:60:
31:1d:6e:37:8c:6c:98:6a:23:eb:fb:b7:dd:7b:b9:f1:16:95:
f4:54:11:24:99:a5:d6:46:5d:ff:38:da:c8:cf:19:9e:ce:cb:
0f:75:d3:65:24:78:a1:13:38:3d:3c:12:5b:fa:e4:c6:6f:cc:
cb:2c:8a:ca:d0:cb:85:17:b9:46:bb:b3:ae:49:50:9a:c7:97:
53:e1:dd:42:74:78:6b:fe:48:c7:a5:25:8f:39:87:7d:de:29:
f9:48:f9:3f:47:21:eb:90:75:5c:4b:af:10:05:91:36:f9:85:
5d:bd:fc:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsYyvN4+x/n2N+tBYgPfchyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjMxMDEwMDg1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJmMGY2NTNiNjIzY2EwZmVmNzQ3NjI1YTA5OWQ2NGVmOTgwZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m6seVkxB35BPl+BaURvuq2ARet8
TO8zId4G8AWow6H+zLoiZR0XOjT2yRWquz7S16ESAfeFUBKiDfZn6iAUsTHhI3o0
Mu858zL2+yG1go4K9ldUDRVjlyPCWgV/p9CMTH/bF0QNuyi6g7u/aCl+9E8Ay+tz
sLPA40flJDbW6n63HzVfgf00JXfYEWfGJbbJWOCbJam67M4SrtGUC1uZq7LPef/3
ZxR8x2rdU5xSc91TRGfsUZ9lvkirXL8cmDcZPdoAIV0Y2pcjm9JVHUfd4yYd1hGE
RYAvXkJVvzqJmFs/H0OMiyqDmSKX4p9w7scyLdfxwaUJqGFb8Aj7RiJ0LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKG/D2U7Yjyg/vdHYloJnWTvmA9eMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvb2I4UFpUdGlQS0QtOTBkaVdnbWRaTy1ZRDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXsIAwQF
1a6gMA0GCSqGSIb3DQEBCwUAA4IBAQA0vhVKv7sHnDs0shCe8sZCn7xnzaXswn/d
c25aB9vZYb5Dz7ooq2JXgC47gXuPfVU8mCuYKq73Bwar4JqBHEQevZolRg0TcJqs
HUXWr8YM4UAa28wlE8pyzt9MVHFMGQFmDzrizVkrFjqK5SHsoo9bvrJM9Iy1huQ+
Aj+xMyAqaHxNI3zGEA7MEgGgF2ixrGAxHW43jGyYaiPr+7fde7nxFpX0VBEkmaXW
Rl3/ONrIzxmezssPddNlJHihEzg9PBJb+uTGb8zLLIrK0MuFF7lGu7OuSVCax5dT
4d1CdHhr/kjHpSWPOYd93in5SPk/RyHrkHVcS68QBZE2+YVdvfyt
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net