Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/VQixmILQwco2eTD1TBgLyhrmBuM.roa
File: VQixmILQwco2eTD1TBgLyhrmBuM.roa (raw, json)
Hash identifier: fvyVLIWqjspqkg0CteoqVsVPDdS1KSWIOhNqcsOfqM4=
Subject key identifier: 55:08:B1:98:82:D0:C1:CA:36:79:30:F5:4C:18:0B:CA:1A:E6:06:E3
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0187B43C47A69C3FC55B0079665394F556A9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/VQixmILQwco2eTD1TBgLyhrmBuM.roa
Signing time: Mon 24 Apr 2023 17:07:41 +0000
ROA not before: Mon 24 Apr 2023 17:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 94.190.248.0/22 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
62.112.0.0/21 maxlen: 24
194.88.112.0/20 maxlen: 24
93.113.184.0/21 maxlen: 24
185.77.250.0/23 maxlen: 24
91.232.136.0/22 maxlen: 24
188.240.40.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:3c:47:a6:9c:3f:c5:5b:00:79:66:53:94:f5:56:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 24 17:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5508b19882d0c1ca367930f54c180bca1ae606e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:84:26:9f:99:15:a3:68:5f:ff:41:27:e9:98:
a7:91:c4:9c:f3:7a:0b:47:9c:ea:20:9a:3f:01:e3:
50:ff:4c:fe:ff:bb:6c:f9:82:4f:98:db:17:ca:f3:
6a:1b:70:16:0f:3c:cb:7a:8b:26:00:c5:36:03:a1:
81:13:17:15:56:ae:a1:53:ee:c1:cd:d7:cc:d8:3b:
f5:34:97:e1:82:2f:02:c1:a0:c3:14:c4:c0:d3:70:
7d:89:b8:f9:08:99:63:a5:62:fd:74:5f:10:69:3d:
65:4e:a6:9c:97:2e:95:02:41:5e:0f:67:b8:87:60:
d0:e1:e7:4e:ad:ed:70:e1:8a:62:d3:11:8f:89:97:
74:73:4d:25:09:11:e0:89:94:9e:b8:d7:18:c7:f5:
06:09:dc:4b:e7:b4:90:30:b2:99:05:22:ce:82:55:
80:9c:f2:d9:f3:5e:2f:36:67:75:7b:d3:e0:38:1d:
4b:08:5d:e3:a3:70:c0:4f:29:a4:e6:59:52:fa:e8:
13:94:7e:d2:70:04:13:5b:15:1e:bf:d9:b6:29:41:
e9:73:ad:b1:fb:55:7c:ee:4e:b8:c6:79:23:1d:73:
f2:59:f3:72:5a:04:50:57:bb:97:c4:27:73:b3:9b:
e7:b4:2c:71:3b:d0:26:86:26:82:f7:bf:95:fe:1d:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:08:B1:98:82:D0:C1:CA:36:79:30:F5:4C:18:0B:CA:1A:E6:06:E3
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/VQixmILQwco2eTD1TBgLyhrmBuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.234.16.0/20
85.204.160.0/22
91.232.136.0/22
93.113.184.0/21
94.190.248.0/22
185.77.250.0/23
188.240.40.0/23
194.88.96.0/21
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
18:8e:6f:b9:e3:67:18:77:2f:c0:fe:fe:ab:34:91:9f:e9:95:
7b:6e:b2:0e:fd:02:f8:f1:8f:96:e0:be:c9:df:8e:b9:d7:06:
46:b4:50:27:bc:aa:2c:05:e9:8f:4a:80:87:b2:d4:ae:2e:ef:
b0:a8:57:69:f6:8d:7c:a9:c7:fb:f2:5a:de:dd:53:82:4f:87:
0f:ac:27:f6:3b:61:b5:7f:ad:9c:5c:82:bc:cb:ce:ef:b5:25:
0f:e3:6b:50:9c:9b:a6:bf:d7:95:f5:41:2f:83:9c:79:8e:23:
ce:9b:4e:13:b7:5a:d6:66:7a:fd:a7:26:b9:a5:92:09:0c:9f:
76:b6:e3:e4:21:10:5d:10:36:66:b0:64:14:a4:43:82:ed:3c:
27:85:e5:b2:50:5d:e6:04:2d:f2:d9:93:1b:9f:f3:e1:59:1a:
fb:4f:37:08:5e:de:6a:cf:52:8d:45:81:4f:27:34:a0:8c:ab:
24:23:31:dd:e4:48:b9:8a:fa:93:3f:6a:a9:37:98:02:83:1b:
5e:c7:29:38:e1:f0:dd:61:03:5f:60:d5:01:a7:4f:9d:a9:03:
9a:38:cc:23:74:df:1e:cd:0e:74:92:3a:6f:64:ff:5a:4a:e1:
3d:62:1a:d1:20:a6:b3:c1:60:fd:d1:9c:37:f7:19:98:ae:60:
66:c2:d1:7b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYe0PEemnD/FWwB5ZlOU9VapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDI0MTcwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA4YjE5ODgyZDBjMWNhMzY3OTMwZjU0YzE4MGJjYTFhZTYwNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYQmn5kVo2hf/0En6ZinkcSc83oL
R5zqIJo/AeNQ/0z+/7ts+YJPmNsXyvNqG3AWDzzLeosmAMU2A6GBExcVVq6hU+7B
zdfM2Dv1NJfhgi8CwaDDFMTA03B9ibj5CJljpWL9dF8QaT1lTqacly6VAkFeD2e4
h2DQ4edOre1w4Ypi0xGPiZd0c00lCRHgiZSeuNcYx/UGCdxL57SQMLKZBSLOglWA
nPLZ814vNmd1e9PgOB1LCF3jo3DATymk5llS+ugTlH7ScAQTWxUev9m2KUHpc62x
+1V87k64xnkjHXPyWfNyWgRQV7uXxCdzs5vntCxxO9AmhiaC97+V/h0DEwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFUIsZiC0MHKNnkw9UwYC8oa5gbjMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVlFpeG1JTFF3Y28yZVREMVRCZ0x5aHJtQnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBSPAAwQD
PnAAAwQEVOoQAwQCVcygAwQCW+iIAwQDXXG4AwQCXr74AwQBuU36AwQBvPAoAwQD
wlhgAwQEwlhwMA0GCSqGSIb3DQEBCwUAA4IBAQAYjm+542cYdy/A/v6rNJGf6ZV7
brIO/QL48Y+W4L7J34651wZGtFAnvKosBemPSoCHstSuLu+wqFdp9o18qcf78lre
3VOCT4cPrCf2O2G1f62cXIK8y87vtSUP42tQnJumv9eV9UEvg5x5jiPOm04Tt1rW
Znr9pya5pZIJDJ92tuPkIRBdEDZmsGQUpEOC7TwnheWyUF3mBC3y2ZMbn/PhWRr7
TzcIXt5qz1KNRYFPJzSgjKskIzHd5Ei5ivqTP2qpN5gCgxtexyk44fDdYQNfYNUB
p0+dqQOaOMwjdN8ezQ50kjpvZP9aSuE9YhrRIKazwWD90Zw39xmYrmBmwtF7
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:06 2023 by rpki-client on console.sobornost.net