Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/D9aDLpkcQwJVPoF2pIUUyXxRSQo.roa
File: D9aDLpkcQwJVPoF2pIUUyXxRSQo.roa (raw, json)
Hash identifier: UIr1GKSqbl0CdTJpZnK/ujsdsPJhR+cEKej4pkdY3wk=
Subject key identifier: 0F:D6:83:2E:99:1C:43:02:55:3E:81:76:A4:85:14:C9:7C:51:49:0A
Certificate issuer: /CN=9d581ff8954a8978b34d849101546cce61c4afa3
Certificate serial: 01856FF985A7FFCA9A4A142439DD7833CBDB
Authority key identifier: 9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/D9aDLpkcQwJVPoF2pIUUyXxRSQo.roa
Signing time: Mon 02 Jan 2023 00:55:01 +0000
ROA not before: Mon 02 Jan 2023 00:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203087
IP address blocks: 185.120.77.0/24 maxlen: 24
185.120.76.0/24 maxlen: 24
185.120.78.0/24 maxlen: 24
185.120.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:85:a7:ff:ca:9a:4a:14:24:39:dd:78:33:cb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d581ff8954a8978b34d849101546cce61c4afa3
Validity
Not Before: Jan 2 00:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fd6832e991c4302553e8176a48514c97c51490a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:0d:84:33:cd:99:b6:87:64:77:e6:df:13:
c7:8f:a8:5c:e1:fe:49:1f:f0:5b:2a:bd:e4:c7:a4:
84:f1:18:7b:43:3e:fd:ab:18:e2:93:67:42:14:ba:
bc:01:fd:a0:96:87:95:c8:2f:e2:48:04:eb:a3:2a:
7f:56:e4:44:47:9a:c2:2e:03:eb:3c:ce:e6:2f:b1:
b9:5f:bb:8d:fe:16:4c:87:c8:e4:d8:71:e8:24:20:
64:f1:87:ce:9c:14:22:c8:3c:66:1c:e8:20:75:6e:
48:f3:ca:09:20:f9:05:19:f2:1c:08:67:31:cb:4b:
a1:6f:85:25:63:ea:59:be:a7:a5:73:28:98:01:c3:
5d:47:25:2e:fc:3d:72:eb:ac:cd:f1:98:cc:e7:3d:
a3:70:63:c2:7b:b1:9a:5a:2f:35:1e:0c:d1:a7:a4:
31:98:ca:14:2d:70:43:44:d5:1b:4b:a8:c4:18:f5:
4f:6a:ea:01:39:9c:de:c4:8c:ca:a3:9c:5d:52:9c:
81:cd:58:20:65:4c:93:44:35:a7:6d:a4:2e:7a:65:
37:7d:0d:9d:bb:41:af:7c:50:de:ba:84:86:72:f9:
de:30:fb:e6:c4:03:ba:34:cc:00:0d:f2:69:4f:6e:
63:71:6b:53:7f:90:7f:0e:2a:43:ab:36:a0:34:70:
53:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D6:83:2E:99:1C:43:02:55:3E:81:76:A4:85:14:C9:7C:51:49:0A
X509v3 Authority Key Identifier:
keyid:9D:58:1F:F8:95:4A:89:78:B3:4D:84:91:01:54:6C:CE:61:C4:AF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVgf-JVKiXizTYSRAVRszmHEr6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/D9aDLpkcQwJVPoF2pIUUyXxRSQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2b3f2f-14ae-464b-9b7c-7980a2e23007/1/nVgf-JVKiXizTYSRAVRszmHEr6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.76.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:2e:0b:b6:e8:35:69:aa:05:3c:fb:01:38:3f:8f:8a:ff:df:
17:14:8a:78:5f:83:fe:6f:70:01:02:ae:c7:93:71:c8:eb:8c:
07:eb:8f:42:63:e8:e4:6d:c8:1c:35:7c:d5:2b:1f:01:4c:60:
4e:08:34:96:72:a2:0a:2b:14:33:9c:9a:3a:56:c4:b3:82:ff:
19:d1:15:05:91:56:61:48:7d:93:da:ca:9d:ef:98:fd:f2:a8:
e4:1f:62:fa:8c:a7:c0:5b:bb:53:ed:15:9e:ba:d3:03:1c:18:
ca:30:51:58:52:2c:3b:01:49:ea:08:35:bb:83:36:b3:3b:64:
bc:52:92:bc:38:39:7b:47:cd:9f:96:ed:26:53:a1:dd:05:90:
b1:d2:24:b6:9a:64:1e:3f:ab:07:47:f0:29:2a:6c:0c:b8:79:
15:2e:45:31:de:b1:61:a5:93:a9:f0:c2:e9:33:fa:c5:be:11:
5c:11:c6:79:51:d1:bf:1d:c7:cb:fb:e8:02:ed:e9:37:6d:63:
ce:6e:a6:01:86:89:3c:79:f3:e0:6b:99:cb:7f:05:c6:de:81:
57:16:04:c8:bc:f8:f4:b4:05:ad:b3:25:45:34:4e:b1:aa:e1:
e8:a9:8b:ac:8d:81:65:45:d1:f8:e7:2c:53:44:9b:87:e4:83:
d8:c9:f6:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+YWn/8qaShQkOd14M8vbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTgxZmY4OTU0YTg5NzhiMzRkODQ5MTAxNTQ2Y2NlNjFj
NGFmYTMwHhcNMjMwMTAyMDA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ2ODMyZTk5MWM0MzAyNTUzZTgxNzZhNDg1MTRjOTdjNTE0OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZENhDPNmbaHZHfm3xPHj6hc4f5J
H/BbKr3kx6SE8Rh7Qz79qxjik2dCFLq8Af2gloeVyC/iSATroyp/VuRER5rCLgPr
PM7mL7G5X7uN/hZMh8jk2HHoJCBk8YfOnBQiyDxmHOggdW5I88oJIPkFGfIcCGcx
y0uhb4UlY+pZvqelcyiYAcNdRyUu/D1y66zN8ZjM5z2jcGPCe7GaWi81HgzRp6Qx
mMoULXBDRNUbS6jEGPVPauoBOZzexIzKo5xdUpyBzVggZUyTRDWnbaQuemU3fQ2d
u0GvfFDeuoSGcvneMPvmxAO6NMwADfJpT25jcWtTf5B/DipDqzagNHBTKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/Wgy6ZHEMCVT6BdqSFFMl8UUkKMB8GA1UdIwQY
MBaAFJ1YH/iVSol4s02EkQFUbM5hxK+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2Mt
Nzk4MGEyZTIzMDA3LzEvRDlhRExwa2NRd0pWUG9GMnBJVVV5WHhSU1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yYjNmMmYtMTRhZS00NjRiLTliN2MtNzk4MGEyZTIzMDA3
LzEvblZnZi1KVktpWGl6VFlTUkFWUnN6bUhFcjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXhMMA0G
CSqGSIb3DQEBCwUAA4IBAQCdLgu26DVpqgU8+wE4P4+K/98XFIp4X4P+b3ABAq7H
k3HI64wH649CY+jkbcgcNXzVKx8BTGBOCDSWcqIKKxQznJo6VsSzgv8Z0RUFkVZh
SH2T2sqd75j98qjkH2L6jKfAW7tT7RWeutMDHBjKMFFYUiw7AUnqCDW7gzazO2S8
UpK8ODl7R82flu0mU6HdBZCx0iS2mmQeP6sHR/ApKmwMuHkVLkUx3rFhpZOp8MLp
M/rFvhFcEcZ5UdG/HcfL++gC7ek3bWPObqYBhok8efPga5nLfwXG3oFXFgTIvPj0
tAWtsyVFNE6xquHoqYusjYFlRdH45yxTRJuH5IPYyfaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org