Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/OyJ9Giwqn-Y35h1hRTx-lbsO5BM.roa
File: OyJ9Giwqn-Y35h1hRTx-lbsO5BM.roa (raw, json)
Hash identifier: CVuwvHP4r0eK/Nj5+nuPdUDf6kQ88ReKr+24JxTmJus=
Subject key identifier: 3B:22:7D:1A:2C:2A:9F:E6:37:E6:1D:61:45:3C:7E:95:BB:0E:E4:13
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 018891899254CA8376091052180E60A0F14C
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/OyJ9Giwqn-Y35h1hRTx-lbsO5BM.roa
Signing time: Tue 06 Jun 2023 16:28:12 +0000
ROA not before: Tue 06 Jun 2023 16:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
45.144.240.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:89:92:54:ca:83:76:09:10:52:18:0e:60:a0:f1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Jun 6 16:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b227d1a2c2a9fe637e61d61453c7e95bb0ee413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9a:31:aa:78:94:f8:75:8f:b9:bb:4f:09:3c:
cd:97:d8:a9:0b:d4:6e:fe:b4:a8:07:8f:19:0d:4b:
b2:05:d9:0a:c7:16:39:97:5f:c7:6b:fb:b9:17:0d:
0c:cf:3c:45:e1:e1:0b:d5:d9:44:ee:44:11:6b:52:
aa:57:79:9a:78:bd:9c:aa:f3:43:8f:85:cf:73:da:
be:48:d5:6e:10:51:53:7b:90:4b:bc:fe:83:c1:31:
06:25:61:fb:2e:01:0c:f9:9f:21:bc:52:3e:54:3a:
63:23:1b:7f:d9:67:19:29:15:1e:b8:65:3c:59:87:
79:65:73:06:ec:f0:9f:2e:f1:03:08:4f:b2:a5:d3:
2d:83:5a:84:80:5e:cd:7b:a9:a5:1d:d7:1a:f2:f6:
4e:35:8a:02:df:b2:3a:f2:58:11:3f:58:a5:3b:d8:
6d:d1:b3:de:94:dd:77:13:24:64:29:9e:8d:60:d1:
ee:76:3f:d3:a6:11:75:f5:e0:aa:5a:29:b2:7a:b7:
ad:d3:5f:50:9c:3a:b8:c5:32:ba:1e:26:f1:b9:e7:
49:ca:f2:19:f0:70:e6:ce:e5:36:cc:60:cc:b4:c6:
e4:95:e1:39:9a:94:42:75:a1:d9:34:70:21:53:99:
bd:0f:29:9d:26:11:77:e1:8b:cd:00:9d:6c:5e:d3:
c5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:22:7D:1A:2C:2A:9F:E6:37:E6:1D:61:45:3C:7E:95:BB:0E:E4:13
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/OyJ9Giwqn-Y35h1hRTx-lbsO5BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.240.0/23
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.209.0/24
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
d2:5a:1c:d0:4b:67:d2:1b:09:c7:94:97:a2:15:81:59:9a:f3:
55:6d:21:6e:bf:2c:3a:08:2b:10:5a:d4:58:df:32:e5:55:33:
44:4a:c6:a9:41:ed:3a:ca:eb:9a:75:1d:21:46:ae:a3:73:fc:
57:1a:a3:00:74:56:b3:6f:06:22:79:b4:e5:d4:88:a8:d2:a3:
8d:9f:82:a4:47:ad:ac:3a:00:24:00:eb:f2:67:92:e8:76:6a:
b2:88:7b:6e:86:f4:b7:75:68:0a:b5:f5:1f:af:64:2a:e7:f4:
1a:91:a3:5b:97:0b:c9:0b:9b:df:e6:10:18:61:71:d1:db:c3:
36:18:6c:f0:ab:d5:74:3c:f3:70:16:3f:0a:2a:f5:3c:71:7b:
14:d6:3d:a1:57:aa:c5:36:34:96:16:4b:95:41:a3:33:48:a8:
f2:93:5c:30:2a:d7:08:2f:c0:3a:f1:0a:83:db:27:3a:81:3b:
00:2c:8b:ab:0b:8f:ec:9e:04:0e:e5:95:8b:7a:ab:5b:c5:f6:
13:c4:8c:b5:c8:07:6a:a7:fa:1a:25:c0:d7:d9:d8:52:14:3a:
5e:40:79:2e:d8:39:c2:f9:e3:2b:c1:52:36:bb:40:0e:f2:69:
d3:63:1c:09:84:d9:39:bc:f2:ad:ce:80:36:8e:28:17:d5:ef:
8e:9e:a7:98
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYiRiZJUyoN2CRBSGA5goPFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNjA2MTYyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjIyN2QxYTJjMmE5ZmU2MzdlNjFkNjE0NTNjN2U5NWJiMGVlNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJoxqniU+HWPubtPCTzNl9ipC9Ru
/rSoB48ZDUuyBdkKxxY5l1/Ha/u5Fw0MzzxF4eEL1dlE7kQRa1KqV3maeL2cqvND
j4XPc9q+SNVuEFFTe5BLvP6DwTEGJWH7LgEM+Z8hvFI+VDpjIxt/2WcZKRUeuGU8
WYd5ZXMG7PCfLvEDCE+ypdMtg1qEgF7Ne6mlHdca8vZONYoC37I68lgRP1ilO9ht
0bPelN13EyRkKZ6NYNHudj/TphF19eCqWimyeret019QnDq4xTK6HibxuedJyvIZ
8HDmzuU2zGDMtMbkleE5mpRCdaHZNHAhU5m9DymdJhF34YvNAJ1sXtPFwQIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFDsifRosKp/mN+YdYUU8fpW7DuQTMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvT3lKOUdpd3FuLVkzNWgxaFJUeC1sYnNPNUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBACYWdEwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBANJaHNBL
Z9IbCceUl6IVgVma81VtIW6/LDoIKxBa1FjfMuVVM0RKxqlB7TrK65p1HSFGrqNz
/FcaowB0VrNvBiJ5tOXUiKjSo42fgqRHraw6ACQA6/Jnkuh2arKIe26G9Ld1aAq1
9R+vZCrn9BqRo1uXC8kLm9/mEBhhcdHbwzYYbPCr1XQ883AWPwoq9TxxexTWPaFX
qsU2NJYWS5VBozNIqPKTXDAq1wgvwDrxCoPbJzqBOwAsi6sLj+yeBA7llYt6q1vF
9hPEjLXIB2qn+holwNfZ2FIUOl5AeS7YOcL54yvBUja7QA7yadNjHAmE2Tm88q3O
gDaOKBfV746ep5g=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org