Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa
File: 7DvbmbXdGzal12mQvNkOHoNmdiQ.roa (raw, json)
Hash identifier: G9GsU8scxGEiN1qq/aqLGPc3BVMxtC3hkHFcHFMOtcg=
Subject key identifier: EC:3B:DB:99:B5:DD:1B:36:A5:D7:69:90:BC:D9:0E:1E:83:66:76:24
Certificate issuer: /CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
Certificate serial: 01856D81BB3D42BAB82068AC4D3CE021274D
Authority key identifier: BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa
Signing time: Sun 01 Jan 2023 13:24:56 +0000
ROA not before: Sun 01 Jan 2023 13:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.103.202.0/24 maxlen: 24
185.103.203.0/24 maxlen: 24
185.103.200.0/24 maxlen: 24
2a06:2d40::/48 maxlen: 48
2a06:2d40:3::/48 maxlen: 48
2a06:2d40:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:bb:3d:42:ba:b8:20:68:ac:4d:3c:e0:21:27:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
Validity
Not Before: Jan 1 13:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec3bdb99b5dd1b36a5d76990bcd90e1e83667624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:35:2c:69:1b:a7:a1:96:b5:bc:a1:07:69:3f:
11:24:0e:d1:2e:c2:89:cd:96:b3:27:35:97:0d:36:
c5:36:5c:48:3b:5c:f5:18:10:40:db:30:48:e9:22:
9e:c8:f9:d9:3b:3d:d7:62:58:e0:d0:e0:11:fc:f9:
3c:15:1d:c2:7a:e4:d5:62:29:cf:c4:24:f4:75:1d:
96:93:b5:5b:17:33:f2:56:8c:d9:03:f8:f0:1e:25:
70:ad:e6:b0:57:c9:93:34:34:02:69:5f:8b:26:ee:
cb:ee:25:9a:97:1f:65:3d:14:3c:fe:40:fa:d6:96:
f1:60:42:2f:fb:31:f1:b1:1e:ea:eb:11:1a:d7:3d:
d1:42:1a:ba:12:2e:dd:f7:bc:b9:35:58:43:1e:6f:
5f:21:0e:92:b4:11:a3:fd:7c:0a:2e:38:07:b7:b1:
4e:e7:e0:91:9f:8b:c7:05:c4:b5:a7:f4:d6:17:92:
10:10:f6:4a:28:0c:68:d7:55:49:ad:c5:62:95:fc:
14:60:dd:64:80:9a:7e:3d:a8:49:e4:61:b5:13:49:
38:bf:28:ce:60:6f:25:78:83:c2:90:7a:ea:db:e0:
3d:50:f6:63:32:32:45:d2:be:87:5f:4b:98:d3:d3:
c2:c1:2d:51:dd:6c:e0:94:65:21:a4:9e:8f:f0:30:
ca:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:3B:DB:99:B5:DD:1B:36:A5:D7:69:90:BC:D9:0E:1E:83:66:76:24
X509v3 Authority Key Identifier:
keyid:BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/upwZM_Hv14cA791f2w3InMi2c0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.200.0/24
185.103.202.0/23
IPv6:
2a06:2d40::/47
2a06:2d40:3::/48
Signature Algorithm: sha256WithRSAEncryption
15:09:bc:52:df:a7:9e:77:c5:39:69:71:7b:df:5d:37:38:ed:
ca:51:70:3f:0d:47:9e:1f:17:49:3b:e0:f0:8a:b7:76:e8:71:
ee:8e:75:10:c0:61:28:93:3f:ba:3d:46:55:da:e3:69:e0:73:
a1:e9:33:1b:83:ea:f2:0d:de:63:44:38:68:82:eb:99:1d:fd:
97:9b:f5:f3:de:3a:b6:5e:1d:b2:33:24:0f:19:00:ff:40:e6:
26:4f:ba:3a:2e:f3:b7:51:ab:60:44:6a:77:31:b7:a7:bd:ed:
c5:3f:07:a8:b8:5f:e5:2c:15:30:3b:15:e1:a7:f1:d1:20:0a:
8a:52:48:3e:91:81:2f:d8:89:32:36:67:ce:f5:5d:a0:2f:45:
aa:6b:f8:fc:e0:00:3f:de:84:a9:31:c6:34:43:4a:e3:72:7a:
dc:99:26:6d:a2:18:68:b2:1f:30:81:8e:3b:a6:d4:f0:84:a4:
85:09:2d:e0:87:ae:0a:a0:42:32:a5:5b:0c:a2:a9:4b:b7:81:
2d:c8:97:64:b1:b4:f8:34:cb:d1:e3:24:e8:a8:ae:a6:9f:1f:
27:e7:0c:63:7d:5c:c0:95:19:3f:3d:c3:0b:48:57:5f:4d:b3:
f1:31:7a:4c:65:71:b1:c2:ba:e8:f9:2e:4d:e6:ea:17:e8:1c:
01:51:dc:62
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVtgbs9Qrq4IGisTTzgISdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWMxOTMzZjFlZmQ3ODcwMGVmZGQ1ZmRiMGRjODljYzhi
NjczNGEwHhcNMjMwMTAxMTMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNiZGI5OWI1ZGQxYjM2YTVkNzY5OTBiY2Q5MGUxZTgzNjY3NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTUsaRunoZa1vKEHaT8RJA7RLsKJ
zZazJzWXDTbFNlxIO1z1GBBA2zBI6SKeyPnZOz3XYljg0OAR/Pk8FR3CeuTVYinP
xCT0dR2Wk7VbFzPyVozZA/jwHiVwreawV8mTNDQCaV+LJu7L7iWalx9lPRQ8/kD6
1pbxYEIv+zHxsR7q6xEa1z3RQhq6Ei7d97y5NVhDHm9fIQ6StBGj/XwKLjgHt7FO
5+CRn4vHBcS1p/TWF5IQEPZKKAxo11VJrcVilfwUYN1kgJp+PahJ5GG1E0k4vyjO
YG8leIPCkHrq2+A9UPZjMjJF0r6HX0uY09PCwS1R3WzglGUhpJ6P8DDKkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOw725m13Rs2pddpkLzZDh6DZnYkMB8GA1UdIwQY
MBaAFLqcGTPx79eHAO/dX9sNyJzItnNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB3Wk1fSHYxNGNBNzkxZjJ3M0luTWkyYzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mZjM0MjItMGVjZC00YmI1LThiMjct
NWQ5NjAzNjM4MzIyLzEvN0R2Ym1iWGRHemFsMTJtUXZOa09Ib05tZGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mZjM0MjItMGVjZC00YmI1LThiMjctNWQ5NjAzNjM4MzIy
LzEvdXB3Wk1fSHYxNGNBNzkxZjJ3M0luTWkyYzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuWfIAwQB
uWfKMBgEAgACMBIDBwEqBi1AAAADBwAqBi1AAAMwDQYJKoZIhvcNAQELBQADggEB
ABUJvFLfp553xTlpcXvfXTc47cpRcD8NR54fF0k74PCKt3boce6OdRDAYSiTP7o9
RlXa42ngc6HpMxuD6vIN3mNEOGiC65kd/Zeb9fPeOrZeHbIzJA8ZAP9A5iZPujou
87dRq2BEancxt6e97cU/B6i4X+UsFTA7FeGn8dEgCopSSD6RgS/YiTI2Z871XaAv
Rapr+PzgAD/ehKkxxjRDSuNyetyZJm2iGGiyHzCBjjum1PCEpIUJLeCHrgqgQjKl
WwyiqUu3gS3Il2SxtPg0y9HjJOiorqafHyfnDGN9XMCVGT89wwtIV19Ns/Exekxl
cbHCuuj5Lk3m6hfoHAFR3GI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:14 2024 by rpki-client on console-fra.rpki-client.org