Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/1-maTJrwfhNQGpbdprS1LyGV0JLY.roa
File: 1-maTJrwfhNQGpbdprS1LyGV0JLY.roa (raw, json)
Hash identifier: arQwsUeB4Q+DQGlppqNtoam15P0d6AcsyuSlxHegbKM=
Subject key identifier: FA:66:93:26:BC:1F:84:D4:06:A5:B7:69:AD:2D:4B:C8:65:74:24:B6
Certificate issuer: /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial: 018B6C125762EF0F997C223F3C2E5789C42F
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/1-maTJrwfhNQGpbdprS1LyGV0JLY.roa
Signing time: Thu 26 Oct 2023 13:00:23 +0000
ROA not before: Thu 26 Oct 2023 13:00:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20756
IP address blocks: 185.65.58.0/23 maxlen: 23
185.65.56.0/23 maxlen: 23
185.65.56.0/22 maxlen: 22
81.92.80.0/20 maxlen: 20
81.92.84.0/23 maxlen: 23
81.92.88.0/23 maxlen: 23
81.92.90.0/23 maxlen: 23
81.92.94.0/23 maxlen: 23
2a01:c8::/32 maxlen: 32
2a01:c8:ff00::/40 maxlen: 40
2a01:c8:300::/40 maxlen: 40
2a01:c8:200::/40 maxlen: 40
2a01:c8:100::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:12:57:62:ef:0f:99:7c:22:3f:3c:2e:57:89:c4:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Validity
Not Before: Oct 26 13:00:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa669326bc1f84d406a5b769ad2d4bc8657424b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:5c:44:9f:97:84:16:5d:b5:c6:66:07:f8:
4b:ef:84:e5:e8:33:d4:82:51:f1:8a:15:db:e2:8a:
6c:08:67:6b:90:35:b9:18:d0:40:a8:e5:df:db:a9:
2f:8f:83:04:c1:54:bd:fe:a0:7e:68:39:53:ed:19:
12:30:cf:0a:a1:c0:8d:33:45:11:92:fa:43:5e:04:
5e:a5:e4:bd:02:37:4a:93:be:e6:a7:23:97:42:1e:
bc:b6:76:50:57:5f:1c:6d:05:66:bd:09:00:87:97:
11:4e:e0:bd:9e:38:a9:a5:bc:5b:5f:f4:c9:2b:f9:
61:d0:7e:1f:d0:a5:22:6d:a9:e7:4d:8f:61:e0:61:
38:f8:d5:56:73:84:af:6f:c4:b9:83:c9:62:f4:38:
04:0d:d2:43:3d:0c:5f:66:d2:70:31:af:ed:68:fc:
7f:da:dd:e9:63:56:78:49:85:ae:1b:99:36:ac:79:
a7:54:82:2b:b5:58:fd:74:4c:2c:43:82:62:50:4b:
ac:e1:aa:45:9e:db:cf:72:c8:0f:ba:43:4c:53:0c:
22:06:23:de:44:aa:b4:10:cb:4a:ed:d9:7e:67:fe:
6a:0b:55:4d:d1:a9:e6:4c:4b:11:f8:93:83:e2:9f:
b6:2b:75:10:45:a8:a4:b1:22:1d:c8:a9:96:f1:14:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:66:93:26:BC:1F:84:D4:06:A5:B7:69:AD:2D:4B:C8:65:74:24:B6
X509v3 Authority Key Identifier:
keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/1-maTJrwfhNQGpbdprS1LyGV0JLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.80.0/20
185.65.56.0/22
IPv6:
2a01:c8::/32
Signature Algorithm: sha256WithRSAEncryption
a9:39:b9:48:a9:45:ab:e8:4b:38:ab:94:e3:b5:3e:7a:4d:e1:
3b:9e:5b:99:8e:cb:bf:28:61:f2:9d:a7:80:27:b8:c5:d1:07:
0f:2c:c1:f8:7c:42:b1:e4:ab:13:f6:5d:f9:08:1b:e3:77:d3:
91:30:ba:6b:ac:fe:50:82:c8:7f:c5:0e:7e:35:6b:4c:56:72:
59:e2:ea:ee:0c:49:8c:f8:90:c7:3f:44:bf:76:40:b6:10:88:
db:8c:13:a9:2e:18:77:c3:1f:50:61:5e:e4:ab:41:65:15:35:
54:fe:f3:23:40:d5:9c:1a:86:e5:ca:03:fd:9f:bd:14:03:d0:
4c:f1:4f:48:7f:de:be:4e:3e:62:ea:ba:69:9b:80:51:e7:ef:
a0:53:ed:a5:27:cc:e8:a2:07:f1:ce:e5:19:ec:69:f0:38:29:
5e:f6:e6:46:e2:99:7c:e9:59:88:73:44:7d:8f:e4:08:c0:11:
7b:0e:cb:7c:ed:00:12:4f:cc:6a:74:94:3b:68:29:24:17:f6:
47:c8:44:4d:79:77:96:e1:fa:74:aa:e5:7d:56:fd:1c:05:09:
20:fa:5d:7d:26:61:29:43:ab:04:b7:93:2a:fc:d6:7c:55:b5:
2d:5f:14:54:27:5a:eb:81:71:ae:5b:78:32:68:dc:60:27:de:
a6:da:cd:eb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYtsEldi7w+ZfCI/PC5XicQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjMxMDI2MTMwMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY2OTMyNmJjMWY4NGQ0MDZhNWI3NjlhZDJkNGJjODY1NzQyNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX9cRJ+XhBZdtcZmB/hL74Tl6DPU
glHxihXb4opsCGdrkDW5GNBAqOXf26kvj4MEwVS9/qB+aDlT7RkSMM8KocCNM0UR
kvpDXgRepeS9AjdKk77mpyOXQh68tnZQV18cbQVmvQkAh5cRTuC9njippbxbX/TJ
K/lh0H4f0KUibannTY9h4GE4+NVWc4Svb8S5g8li9DgEDdJDPQxfZtJwMa/taPx/
2t3pY1Z4SYWuG5k2rHmnVIIrtVj9dEwsQ4JiUEus4apFntvPcsgPukNMUwwiBiPe
RKq0EMtK7dl+Z/5qC1VN0anmTEsR+JOD4p+2K3UQRaiksSIdyKmW8RTxWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPpmkya8H4TUBqW3aa0tS8hldCS2MB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvMS1tYVRKcndmaE5RR3BiZHByUzFMeUdWMEpMWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjUvZTUxNTgzLWY1NWMtNDkzYi1iOTUwLTczNmFiODM0OTRh
Yy8xL2NRVWJEaXpwcE1ubUVoNllQUlpmNnJoLXcxUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFFcUAME
ArlBODANBAIAAjAHAwUAKgEAyDANBgkqhkiG9w0BAQsFAAOCAQEAqTm5SKlFq+hL
OKuU47U+ek3hO55bmY7Lvyhh8p2ngCe4xdEHDyzB+HxCseSrE/Zd+Qgb43fTkTC6
a6z+UILIf8UOfjVrTFZyWeLq7gxJjPiQxz9Ev3ZAthCI24wTqS4Yd8MfUGFe5KtB
ZRU1VP7zI0DVnBqG5coD/Z+9FAPQTPFPSH/evk4+Yuq6aZuAUefvoFPtpSfM6KIH
8c7lGexp8DgpXvbmRuKZfOlZiHNEfY/kCMARew7LfO0AEk/ManSUO2gpJBf2R8hE
TXl3luH6dKrlfVb9HAUJIPpdfSZhKUOrBLeTKvzWfFW1LV8UVCda64Fxrlt4Mmjc
YCfeptrN6w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:11 2024 by rpki-client on console-fra.rpki-client.org