Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/jAVTHMdMkV5B8rstLSrZwEkjpKU.roa
File: jAVTHMdMkV5B8rstLSrZwEkjpKU.roa (raw, json)
Hash identifier: R028VohncxKb3ltRm96zUB0P7cJ2cT2wU68GZNmE4Q8=
Subject key identifier: 8C:05:53:1C:C7:4C:91:5E:41:F2:BB:2D:2D:2A:D9:C0:49:23:A4:A5
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082B3A6B1EC0D2DC969953BCBD48468
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/jAVTHMdMkV5B8rstLSrZwEkjpKU.roa
Signing time: Mon 02 Jan 2023 03:24:51 +0000
ROA not before: Mon 02 Jan 2023 03:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210097
IP address blocks: 82.159.153.0/24 maxlen: 24
84.124.62.0/24 maxlen: 24
62.82.51.0/24 maxlen: 24
95.39.61.0/24 maxlen: 24
5.40.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:b3:a6:b1:ec:0d:2d:c9:69:95:3b:cb:d4:84:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c05531cc74c915e41f2bb2d2d2ad9c04923a4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e0:42:fe:c3:99:bb:b4:8b:56:56:c7:bf:e8:
12:09:de:64:c2:7d:f0:3f:35:18:2a:a1:c0:99:59:
e5:cb:1f:7a:be:e6:09:5f:6e:94:b7:9f:78:bc:ad:
5c:6e:0c:c0:90:16:6f:13:65:e5:e6:74:ce:a8:4e:
80:c7:a9:e7:3a:7a:37:5e:7a:55:5e:c0:b3:44:1b:
b0:c0:60:de:3f:a8:8d:65:e7:64:e9:34:07:0e:02:
26:8d:c3:f4:a9:51:23:61:eb:9e:cc:dd:ab:f5:bc:
ae:c7:1a:05:6c:e8:2c:7c:93:89:b9:10:2d:e4:8c:
f5:6d:32:1d:db:b9:9d:8f:24:b1:c5:da:13:b4:51:
a8:09:f9:cf:58:69:59:60:52:79:cb:84:48:e3:2f:
8d:06:b9:77:9e:51:98:b0:60:60:98:0a:82:f3:ed:
40:65:9c:76:27:e9:6f:09:dd:fa:7f:d3:2b:d4:d7:
48:ac:28:bb:26:e4:08:e3:98:69:0b:92:e3:2b:7d:
74:a0:06:8c:46:39:48:40:1d:ae:c0:97:0c:e9:4b:
ef:c2:37:c1:3e:4d:49:1e:9d:e8:2c:b2:12:40:59:
44:9b:e9:9d:c0:c3:be:b1:b7:bb:c4:cb:69:92:6c:
a4:c6:d1:16:6c:bf:17:76:0a:7a:ee:33:76:c5:e3:
28:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:05:53:1C:C7:4C:91:5E:41:F2:BB:2D:2D:2A:D9:C0:49:23:A4:A5
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/jAVTHMdMkV5B8rstLSrZwEkjpKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.136.0/24
62.82.51.0/24
82.159.153.0/24
84.124.62.0/24
95.39.61.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:2c:41:c6:2b:b5:6e:8d:69:e4:f8:e3:93:78:22:be:a0:4c:
ef:32:eb:34:1c:98:54:a8:53:a8:36:77:b0:c9:be:7e:d9:03:
c4:ab:bb:aa:36:10:57:9d:6c:3a:bd:c3:70:41:21:9c:22:d3:
1d:00:78:86:d0:52:b3:7a:3e:8f:9f:3a:00:50:b6:2d:ea:82:
90:3e:d2:44:4e:ad:39:55:a5:cd:5a:46:16:a5:54:38:c1:f6:
ff:6b:61:54:f1:76:bb:c5:90:70:38:7b:ef:83:2b:2f:f1:ce:
89:23:8c:d7:e9:37:7d:9c:3b:96:53:42:08:38:52:f2:14:91:
b1:c9:81:91:5e:73:e6:5d:8c:6d:b8:f8:f7:27:91:63:a1:f2:
77:2d:26:ad:1c:a8:2e:32:81:7f:74:ae:c8:ed:9a:31:60:bd:
09:88:c2:6a:0e:24:a2:9b:9d:60:66:08:0e:fb:dc:01:d1:49:
b3:8e:80:40:2a:8d:c2:1e:00:fd:45:6c:93:7b:a2:47:68:2f:
eb:a7:22:d4:71:02:d6:aa:8f:41:8c:3d:98:42:9f:da:1f:47:
e3:73:11:4d:3a:e1:6e:1d:ef:20:99:92:0f:62:74:74:2c:69:
b3:86:09:2d:e1:e0:f5:c6:72:bb:60:12:e2:12:90:17:0d:4e:
81:9a:84:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwgrOmsewNLclplTvL1IRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA1NTMxY2M3NGM5MTVlNDFmMmJiMmQyZDJhZDljMDQ5MjNhNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieBC/sOZu7SLVlbHv+gSCd5kwn3w
PzUYKqHAmVnlyx96vuYJX26Ut594vK1cbgzAkBZvE2Xl5nTOqE6Ax6nnOno3XnpV
XsCzRBuwwGDeP6iNZedk6TQHDgImjcP0qVEjYeuezN2r9byuxxoFbOgsfJOJuRAt
5Iz1bTId27mdjySxxdoTtFGoCfnPWGlZYFJ5y4RI4y+NBrl3nlGYsGBgmAqC8+1A
ZZx2J+lvCd36f9Mr1NdIrCi7JuQI45hpC5LjK310oAaMRjlIQB2uwJcM6UvvwjfB
Pk1JHp3oLLISQFlEm+mdwMO+sbe7xMtpkmykxtEWbL8Xdgp67jN2xeMoAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIwFUxzHTJFeQfK7LS0q2cBJI6SlMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvakFWVEhNZE1rVjVCOHJzdExTclp3RWtqcEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSiIAwQA
PlIzAwQAUp+ZAwQAVHw+AwQAXyc9MA0GCSqGSIb3DQEBCwUAA4IBAQAOLEHGK7Vu
jWnk+OOTeCK+oEzvMus0HJhUqFOoNnewyb5+2QPEq7uqNhBXnWw6vcNwQSGcItMd
AHiG0FKzej6PnzoAULYt6oKQPtJETq05VaXNWkYWpVQ4wfb/a2FU8Xa7xZBwOHvv
gysv8c6JI4zX6Td9nDuWU0IIOFLyFJGxyYGRXnPmXYxtuPj3J5FjofJ3LSatHKgu
MoF/dK7I7ZoxYL0JiMJqDiSim51gZggO+9wB0UmzjoBAKo3CHgD9RWyTe6JHaC/r
pyLUcQLWqo9BjD2YQp/aH0fjcxFNOuFuHe8gmZIPYnR0LGmzhgkt4eD1xnK7YBLi
EpAXDU6BmoR7
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:55 2024 by rpki-client on console.sobornost.net