Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/S185PyvzuJ1wWKRciRZkxd3gzlg.roa
File: S185PyvzuJ1wWKRciRZkxd3gzlg.roa (raw, json)
Hash identifier: BpRBgvBkrhZlWwRsXUYanR3HkFhOSvIhETbk1BXQDJY=
Subject key identifier: 4B:5F:39:3F:2B:F3:B8:9D:70:58:A4:5C:89:16:64:C5:DD:E0:CE:58
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 01856D0AE032172674E1FA05D99DBBC24A53
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/S185PyvzuJ1wWKRciRZkxd3gzlg.roa
Signing time: Sun 01 Jan 2023 11:15:07 +0000
ROA not before: Sun 01 Jan 2023 11:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29549
IP address blocks: 193.105.240.0/24 maxlen: 24
185.63.121.0/24 maxlen: 24
185.63.123.0/24 maxlen: 24
185.63.120.0/24 maxlen: 24
185.63.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e0:32:17:26:74:e1:fa:05:d9:9d:bb:c2:4a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Jan 1 11:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5f393f2bf3b89d7058a45c891664c5dde0ce58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:ae:43:f2:7e:e1:17:bf:20:8e:db:e9:56:
e8:92:f0:d5:6a:b2:5e:6d:f4:75:20:dd:14:46:28:
65:67:dd:ff:2f:f0:ee:a7:98:04:90:cc:e9:9d:24:
cb:45:c1:79:a2:2e:2a:a6:23:9e:e1:d9:f7:f2:0d:
ee:62:c4:aa:10:8a:7d:35:e0:96:54:d2:e9:5c:6c:
10:64:6c:ad:11:79:0f:ec:04:8f:20:03:4f:88:f7:
59:17:fa:a0:83:cc:33:e0:7b:53:3c:0d:84:c6:5b:
45:4a:ac:db:d1:d5:0d:ee:0d:28:e3:d3:2e:b4:70:
83:a6:80:40:5a:91:3b:70:d1:e4:bf:6d:fa:62:8e:
c1:99:37:3b:a8:09:9d:73:3a:bb:99:26:1c:c2:38:
c0:97:18:c2:74:b0:8a:7e:49:1f:2c:68:06:6d:18:
5b:ae:92:d2:9d:f4:11:5f:1a:9b:4a:5b:aa:37:96:
e2:be:23:b8:64:ee:95:55:df:64:6d:70:68:03:68:
f3:5f:44:52:97:54:fe:80:55:41:c0:40:cf:2a:85:
31:6f:0c:8f:ea:c0:bb:d2:fe:a3:a4:4b:b2:3d:e7:
9f:bf:2e:03:55:c8:8b:b5:69:69:22:55:07:b8:9e:
60:4f:b2:14:22:da:0f:07:4e:0e:ba:99:db:2d:9b:
49:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5F:39:3F:2B:F3:B8:9D:70:58:A4:5C:89:16:64:C5:DD:E0:CE:58
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/S185PyvzuJ1wWKRciRZkxd3gzlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.120.0/22
193.105.240.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:1a:55:d7:b0:3a:5f:8b:48:64:35:0f:8b:ab:a7:32:99:e8:
c5:7a:5e:81:8c:db:59:37:34:cb:93:d5:66:d0:1b:76:46:35:
cf:78:f8:ec:dd:b5:2a:a1:36:fb:32:87:31:15:bd:d2:34:06:
c6:e5:fd:3d:30:7e:84:55:53:e0:3e:05:68:5c:af:63:db:f4:
e2:55:f1:4d:f2:f7:0d:39:78:e0:d6:13:e4:57:02:cf:40:41:
78:51:ca:45:0f:9f:11:af:20:df:57:5e:51:d1:7f:81:52:a6:
6e:5b:bc:14:d8:c1:b9:1c:d6:13:59:a3:f3:64:0f:44:fb:35:
53:c4:8f:c7:9d:ee:ad:4d:31:a7:ba:23:3d:41:be:2a:5a:09:
d1:ef:16:1a:9b:ee:fe:a3:8c:62:16:6d:73:31:60:f1:52:60:
63:4a:80:0f:f8:a2:32:9e:ed:d3:00:7f:5e:88:7b:a4:df:ce:
9b:18:72:09:5a:70:40:9f:80:70:c8:71:d3:2a:e2:7e:c3:af:
9f:49:c5:7b:e6:f0:1a:51:1e:8e:2c:45:23:1b:4d:5b:5f:91:
ad:ab:ff:78:ea:df:79:be:29:3d:14:dd:e0:d4:0e:e1:c9:f3:
e7:f4:45:c2:e3:b4:02:40:b7:45:07:ce:ff:df:0c:ac:e2:43:
8a:e7:88:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCuAyFyZ04foF2Z27wkpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx
OWY3Y2MwHhcNMjMwMTAxMTExNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVmMzkzZjJiZjNiODlkNzA1OGE0NWM4OTE2NjRjNWRkZTBjZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZGuQ/J+4Re/II7b6VbokvDVarJe
bfR1IN0URihlZ93/L/Dup5gEkMzpnSTLRcF5oi4qpiOe4dn38g3uYsSqEIp9NeCW
VNLpXGwQZGytEXkP7ASPIANPiPdZF/qgg8wz4HtTPA2ExltFSqzb0dUN7g0o49Mu
tHCDpoBAWpE7cNHkv236Yo7BmTc7qAmdczq7mSYcwjjAlxjCdLCKfkkfLGgGbRhb
rpLSnfQRXxqbSluqN5biviO4ZO6VVd9kbXBoA2jzX0RSl1T+gFVBwEDPKoUxbwyP
6sC70v6jpEuyPeefvy4DVciLtWlpIlUHuJ5gT7IUItoPB04OupnbLZtJdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEtfOT8r87idcFikXIkWZMXd4M5YMB8GA1UdIwQY
MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct
MzUxYzIxMTkyYzY1LzEvUzE4NVB5dnp1SjF3V0tSY2lSWmt4ZDNnemxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1
LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuT94AwQA
wWnwMA0GCSqGSIb3DQEBCwUAA4IBAQAMGlXXsDpfi0hkNQ+Lq6cymejFel6BjNtZ
NzTLk9Vm0Bt2RjXPePjs3bUqoTb7MocxFb3SNAbG5f09MH6EVVPgPgVoXK9j2/Ti
VfFN8vcNOXjg1hPkVwLPQEF4UcpFD58RryDfV15R0X+BUqZuW7wU2MG5HNYTWaPz
ZA9E+zVTxI/Hne6tTTGnuiM9Qb4qWgnR7xYam+7+o4xiFm1zMWDxUmBjSoAP+KIy
nu3TAH9eiHuk386bGHIJWnBAn4BwyHHTKuJ+w6+fScV75vAaUR6OLEUjG01bX5Gt
q/946t95vik9FN3g1A7hyfPn9EXC47QCQLdFB87/3wys4kOK54gC
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:08 2024 by rpki-client on console-ams.rpki-client.org