Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/763sHU3qRQKGcSOsDpi3vFaovtE.roa
File: 763sHU3qRQKGcSOsDpi3vFaovtE.roa (raw, json)
Hash identifier: yMThXu6cG82VwvrzuatKKKX3TA36Zibx0FveVxx6EBg=
Subject key identifier: EF:AD:EC:1D:4D:EA:45:02:86:71:23:AC:0E:98:B7:BC:56:A8:BE:D1
Certificate issuer: /CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Certificate serial: 01856DCB15217DDC00E73EEB86131F46EAB8
Authority key identifier: D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/763sHU3qRQKGcSOsDpi3vFaovtE.roa
Signing time: Sun 01 Jan 2023 14:45:03 +0000
ROA not before: Sun 01 Jan 2023 14:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204176
IP address blocks: 185.112.63.0/24 maxlen: 24
185.112.62.0/24 maxlen: 24
185.112.61.0/24 maxlen: 24
185.112.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:15:21:7d:dc:00:e7:3e:eb:86:13:1f:46:ea:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Validity
Not Before: Jan 1 14:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efadec1d4dea4502867123ac0e98b7bc56a8bed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fd:2c:b5:a0:a1:0e:de:0a:d8:06:7e:54:35:
74:4c:5d:d9:62:c9:85:e8:35:1d:db:44:5c:58:85:
b4:df:30:e1:0a:3e:b2:12:3d:d2:6e:91:ac:d9:6e:
db:20:45:3d:ce:72:8f:d9:7a:16:2d:18:17:ba:0f:
51:15:88:ac:6f:4d:5f:62:9f:e6:44:ff:d7:46:d2:
ea:7c:29:98:0b:00:a8:cf:1a:33:77:16:d6:c9:f7:
03:cd:6b:59:b6:ad:58:59:4d:5b:5f:64:ba:bd:6f:
fb:3f:1f:54:d0:e9:28:f5:1f:5f:5a:78:f0:c5:7f:
f8:bf:40:1a:fc:6b:fd:d6:bc:95:e3:65:bf:c1:4d:
13:74:1a:a6:c4:9b:b4:59:5c:2c:b7:c2:79:df:f5:
76:e8:9c:fc:e4:77:db:b8:95:bb:bb:b1:dd:c0:3a:
4f:57:89:98:b4:71:4a:18:5f:2c:63:6b:fc:36:bc:
65:db:89:e0:4a:a8:8b:ca:b8:2f:5e:61:32:15:ee:
7d:12:7f:9a:b5:60:81:b0:25:e9:c0:26:af:78:f9:
74:ef:01:47:7a:45:2c:aa:b1:c0:1a:ff:26:19:43:
d5:9d:62:d2:42:5e:ad:e9:67:60:14:d6:95:9d:25:
c2:6c:7c:58:f6:37:6b:2e:12:7e:32:ef:16:68:52:
d7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AD:EC:1D:4D:EA:45:02:86:71:23:AC:0E:98:B7:BC:56:A8:BE:D1
X509v3 Authority Key Identifier:
keyid:D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/763sHU3qRQKGcSOsDpi3vFaovtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/0cSRMJSiEmjHOmdlOjc41z5cWac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.60.0/22
Signature Algorithm: sha256WithRSAEncryption
25:40:90:30:98:e5:ed:c7:82:3c:f0:95:c1:c8:94:47:ab:af:
96:2a:44:4d:d8:29:4a:73:65:8e:c9:74:85:50:e0:f2:79:85:
9e:fd:6b:c7:33:56:18:70:16:8d:b6:b1:91:01:40:90:f2:ac:
38:f7:fb:1b:38:a1:b4:98:e2:28:1e:83:86:1e:5a:29:cd:7b:
02:a5:35:be:b1:94:09:09:a4:78:f1:b8:22:fe:3d:33:75:81:
4d:fb:b0:fb:87:be:3b:e3:db:d3:3b:a0:44:71:bf:f7:84:14:
c0:76:5f:c9:98:0c:c5:65:4c:0a:57:a8:61:27:bc:96:ee:68:
06:62:20:4b:6c:0e:4b:c2:6b:fa:e1:af:b1:d9:79:f9:7a:8a:
ff:64:07:dd:76:0a:2f:b6:35:9a:36:99:54:e8:e5:49:57:e4:
cd:70:52:0a:a3:25:f2:4f:53:2f:aa:80:05:36:cd:21:e1:cb:
f2:e0:d0:2a:b8:da:a3:28:d0:3f:d7:2d:bb:ea:08:04:07:65:
0f:94:26:fb:47:2a:42:dc:ae:74:14:de:e3:e1:3a:26:1f:f7:
ec:9b:9f:6d:c3:5f:a2:b2:15:fd:fb:87:43:c0:06:80:7b:3e:
52:a0:29:4c:d0:c9:3d:f3:68:71:94:85:bd:87:af:ce:05:01:
c9:fb:de:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyxUhfdwA5z7rhhMfRuq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYzQ5MTMwOTRhMjEyNjhjNzNhNjc2NTNhMzczOGQ3M2U1
YzU5YTcwHhcNMjMwMTAxMTQ0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmFkZWMxZDRkZWE0NTAyODY3MTIzYWMwZTk4YjdiYzU2YThiZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf0staChDt4K2AZ+VDV0TF3ZYsmF
6DUd20RcWIW03zDhCj6yEj3SbpGs2W7bIEU9znKP2XoWLRgXug9RFYisb01fYp/m
RP/XRtLqfCmYCwCozxozdxbWyfcDzWtZtq1YWU1bX2S6vW/7Px9U0Oko9R9fWnjw
xX/4v0Aa/Gv91ryV42W/wU0TdBqmxJu0WVwst8J53/V26Jz85HfbuJW7u7HdwDpP
V4mYtHFKGF8sY2v8Nrxl24ngSqiLyrgvXmEyFe59En+atWCBsCXpwCavePl07wFH
ekUsqrHAGv8mGUPVnWLSQl6t6WdgFNaVnSXCbHxY9jdrLhJ+Mu8WaFLXfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+t7B1N6kUChnEjrA6Yt7xWqL7RMB8GA1UdIwQY
MBaAFNHEkTCUohJoxzpnZTo3ONc+XFmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAt
MzNhODJhYjVmNTEzLzEvNzYzc0hVM3FSUUtHY1NPc0RwaTN2RmFvdnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAtMzNhODJhYjVmNTEz
LzEvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXA8MA0G
CSqGSIb3DQEBCwUAA4IBAQAlQJAwmOXtx4I88JXByJRHq6+WKkRN2ClKc2WOyXSF
UODyeYWe/WvHM1YYcBaNtrGRAUCQ8qw49/sbOKG0mOIoHoOGHlopzXsCpTW+sZQJ
CaR48bgi/j0zdYFN+7D7h74749vTO6BEcb/3hBTAdl/JmAzFZUwKV6hhJ7yW7mgG
YiBLbA5Lwmv64a+x2Xn5eor/ZAfddgovtjWaNplU6OVJV+TNcFIKoyXyT1MvqoAF
Ns0h4cvy4NAquNqjKNA/1y276ggEB2UPlCb7RypC3K50FN7j4TomH/fsm59tw1+i
shX9+4dDwAaAez5SoClM0Mk982hxlIW9h6/OBQHJ+95R
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:03 2024 by rpki-client on console-fra.rpki-client.org