Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/d99K0VvbAdKbLTvp3QOWmPSPXu4.roa
File: d99K0VvbAdKbLTvp3QOWmPSPXu4.roa (raw, json)
Hash identifier: ZddpoaFZfonazi9F8VHgo3v0Yd1t/5tJ9YCEN4s1/Nc=
Subject key identifier: 77:DF:4A:D1:5B:DB:01:D2:9B:2D:3B:E9:DD:03:96:98:F4:8F:5E:EE
Certificate issuer: /CN=9585c19915455835457413ef222a7d375b29901d
Certificate serial: 018573038B8A509E419A988D0677B0D42C91
Authority key identifier: 95:85:C1:99:15:45:58:35:45:74:13:EF:22:2A:7D:37:5B:29:90:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lYXBmRVFWDVFdBPvIip9N1spkB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/d99K0VvbAdKbLTvp3QOWmPSPXu4.roa
Signing time: Mon 02 Jan 2023 15:04:50 +0000
ROA not before: Mon 02 Jan 2023 15:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12798
IP address blocks: 185.82.48.0/24 maxlen: 24
185.82.51.0/24 maxlen: 24
185.82.50.0/24 maxlen: 24
212.22.224.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8b:8a:50:9e:41:9a:98:8d:06:77:b0:d4:2c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9585c19915455835457413ef222a7d375b29901d
Validity
Not Before: Jan 2 15:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77df4ad15bdb01d29b2d3be9dd039698f48f5eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:58:8b:5c:e5:0a:80:63:a1:3b:15:64:d7:f4:
bb:1a:33:7b:ac:67:16:c1:12:ad:c1:0f:13:5f:d9:
2f:b7:10:e7:ae:76:47:25:25:df:dc:89:92:84:13:
51:5e:0e:f0:12:2a:ba:cb:ef:04:0f:d1:41:ae:e4:
38:06:df:96:34:7d:91:6c:a3:77:8c:fe:2b:82:e7:
dd:68:8e:f3:c0:de:fb:80:34:37:f2:8f:f8:01:16:
36:0a:b6:df:6a:a0:bd:87:1a:8b:e4:02:db:c0:19:
c0:c2:7b:bf:f2:14:6e:28:10:1b:ea:87:f4:95:8b:
04:cf:11:b8:84:a6:3b:df:e5:46:a5:f1:6f:23:60:
97:12:7b:70:4d:8a:1c:cb:7b:95:3a:ea:ce:d3:9b:
2a:9f:a6:9a:b8:a0:33:ff:ca:10:91:5c:8a:88:92:
c6:60:81:14:32:1f:b1:6b:da:3d:b5:61:29:be:df:
57:5d:3a:1d:13:fd:82:22:cd:09:2d:dc:e2:33:43:
7f:56:9c:b8:a9:2c:f4:68:5e:fe:19:c8:67:b7:43:
08:54:0d:02:1a:31:b9:64:ad:1e:04:51:de:7f:0d:
58:0c:23:52:ae:27:27:d3:17:6d:fb:7e:c8:aa:bf:
f2:d9:67:a3:d3:16:14:fa:78:41:c1:51:17:67:5b:
b3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:4A:D1:5B:DB:01:D2:9B:2D:3B:E9:DD:03:96:98:F4:8F:5E:EE
X509v3 Authority Key Identifier:
keyid:95:85:C1:99:15:45:58:35:45:74:13:EF:22:2A:7D:37:5B:29:90:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYXBmRVFWDVFdBPvIip9N1spkB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/d99K0VvbAdKbLTvp3QOWmPSPXu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/lYXBmRVFWDVFdBPvIip9N1spkB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.48.0/24
185.82.50.0/23
212.22.224.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:9e:ba:58:76:1f:7e:44:11:67:82:f0:19:0f:98:49:34:89:
e5:68:08:aa:c6:bc:46:72:51:78:cf:74:dc:53:1d:91:b5:70:
da:f4:94:1d:70:6a:33:6f:29:cb:44:7a:25:d3:0c:2a:73:24:
e6:fb:47:28:44:c9:23:7a:0c:8b:f2:9c:ce:96:07:19:78:d8:
3e:a9:fe:af:1c:6d:8a:35:cf:a9:ca:a2:23:74:f3:75:83:b1:
27:fd:8b:59:bd:e7:49:36:2e:0d:5f:d1:65:19:fa:81:e4:5b:
f4:e8:fc:91:60:35:24:a3:3f:59:5e:a3:29:5b:46:d9:52:0a:
05:56:cf:f4:7c:3f:d1:fa:5c:5f:8a:25:e8:3e:a2:d6:4c:a0:
d8:4f:82:72:9a:0b:13:dd:62:37:71:c8:5e:0f:5e:b4:f2:ce:
24:93:ad:e6:6b:07:f2:32:3e:b8:cc:c2:6e:31:fd:7f:ef:1f:
ae:d9:06:38:b4:52:81:0a:4b:e1:5a:58:79:2b:89:28:51:af:
2d:9d:bd:14:bc:a3:8c:27:4b:84:2f:99:00:c8:97:83:bc:5c:
e7:28:7f:f6:97:2b:fd:fa:46:61:e2:45:c3:c5:73:4f:ef:3a:
22:fe:7f:35:de:d4:b9:3f:c7:8e:ec:5c:42:08:00:cc:b3:51:
c6:e6:6b:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzA4uKUJ5BmpiNBnew1CyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ODVjMTk5MTU0NTU4MzU0NTc0MTNlZjIyMmE3ZDM3NWIy
OTkwMWQwHhcNMjMwMTAyMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmNGFkMTViZGIwMWQyOWIyZDNiZTlkZDAzOTY5OGY0OGY1ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFiLXOUKgGOhOxVk1/S7GjN7rGcW
wRKtwQ8TX9kvtxDnrnZHJSXf3ImShBNRXg7wEiq6y+8ED9FBruQ4Bt+WNH2RbKN3
jP4rgufdaI7zwN77gDQ38o/4ARY2CrbfaqC9hxqL5ALbwBnAwnu/8hRuKBAb6of0
lYsEzxG4hKY73+VGpfFvI2CXEntwTYocy3uVOurO05sqn6aauKAz/8oQkVyKiJLG
YIEUMh+xa9o9tWEpvt9XXTodE/2CIs0JLdziM0N/Vpy4qSz0aF7+Gchnt0MIVA0C
GjG5ZK0eBFHefw1YDCNSricn0xdt+37Iqr/y2Wej0xYU+nhBwVEXZ1uzTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHffStFb2wHSmy076d0Dlpj0j17uMB8GA1UdIwQY
MBaAFJWFwZkVRVg1RXQT7yIqfTdbKZAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlYQm1SVkZXRFZGZEJQdklpcDlOMXNwa0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZjU3NTgtYWZmNy00ZDg4LWI3ZGMt
NzcyOTE4ZmZmNTQ0LzEvZDk5SzBWdmJBZEtiTFR2cDNRT1dtUFNQWHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZjU3NTgtYWZmNy00ZDg4LWI3ZGMtNzcyOTE4ZmZmNTQ0
LzEvbFlYQm1SVkZXRFZGZEJQdklpcDlOMXNwa0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVIwAwQB
uVIyAwQF1BbgMA0GCSqGSIb3DQEBCwUAA4IBAQB/nrpYdh9+RBFngvAZD5hJNInl
aAiqxrxGclF4z3TcUx2RtXDa9JQdcGozbynLRHol0wwqcyTm+0coRMkjegyL8pzO
lgcZeNg+qf6vHG2KNc+pyqIjdPN1g7En/YtZvedJNi4NX9FlGfqB5Fv06PyRYDUk
oz9ZXqMpW0bZUgoFVs/0fD/R+lxfiiXoPqLWTKDYT4JymgsT3WI3ccheD1608s4k
k63mawfyMj64zMJuMf1/7x+u2QY4tFKBCkvhWlh5K4koUa8tnb0UvKOMJ0uEL5kA
yJeDvFznKH/2lyv9+kZh4kXDxXNP7zoi/n813tS5P8eO7FxCCADMs1HG5mun
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:19 2024 by rpki-client on console-fra.rpki-client.org