Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/lDng7n56DyZT7PWVxT8XRVN60tk.roa
File: lDng7n56DyZT7PWVxT8XRVN60tk.roa (raw, json)
Hash identifier: tcwUcGUyh3ufHw3UmzujJZNySqj707aBA76uIJ7s9l8=
Subject key identifier: 94:39:E0:EE:7E:7A:0F:26:53:EC:F5:95:C5:3F:17:45:53:7A:D2:D9
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 01856B9C7906D49926E7F3F545C8B682B473
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/lDng7n56DyZT7PWVxT8XRVN60tk.roa
Signing time: Sun 01 Jan 2023 04:34:54 +0000
ROA not before: Sun 01 Jan 2023 04:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210472
IP address blocks: 185.112.3.0/24 maxlen: 24
185.112.2.0/24 maxlen: 24
185.112.1.0/24 maxlen: 24
185.112.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:79:06:d4:99:26:e7:f3:f5:45:c8:b6:82:b4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Jan 1 04:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9439e0ee7e7a0f2653ecf595c53f1745537ad2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a4:3d:1e:75:82:7b:67:85:b9:3c:3e:24:17:
4b:41:bf:8c:06:cc:97:90:fe:df:80:7f:fb:2d:7a:
3d:52:0d:ad:ec:b1:71:fa:ca:5e:4d:86:3f:52:0c:
da:92:32:00:07:7d:5d:e5:40:01:47:28:11:72:c4:
fc:19:6c:1f:13:12:b3:c2:b3:f3:e8:e7:10:3f:fb:
3f:4f:8c:38:cd:ed:23:77:58:cb:86:c7:18:6e:a6:
75:c9:6b:70:2d:5a:83:bd:5f:de:7b:a4:b0:72:68:
39:fe:dc:c9:82:58:dc:da:8f:1e:05:34:d4:65:4c:
56:ed:3d:d9:fa:6c:59:60:a1:d1:67:86:00:a5:92:
86:95:5a:31:bf:e4:25:a8:90:88:0a:20:ea:38:77:
db:5c:13:01:a2:02:dc:9f:0d:9e:87:0c:4c:8c:27:
3a:67:2e:21:0a:3f:5e:80:e6:c6:e2:94:9b:d5:ab:
81:e7:d9:c6:f2:d6:91:3a:94:c9:b7:44:f2:13:8b:
35:13:b7:fc:16:c2:30:f5:c6:64:68:bd:2e:e8:61:
ae:d9:11:b3:81:ad:e9:89:b8:fa:ac:b7:28:c9:06:
83:27:c6:8d:2b:82:4b:14:db:06:32:a6:e0:43:6b:
66:25:8c:fc:6c:30:f1:fc:96:02:6d:11:8d:0c:62:
cf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:39:E0:EE:7E:7A:0F:26:53:EC:F5:95:C5:3F:17:45:53:7A:D2:D9
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/lDng7n56DyZT7PWVxT8XRVN60tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:d7:79:0b:31:d8:ea:ee:66:90:b6:1c:88:d0:b5:49:ad:69:
bb:99:6f:4e:b2:d4:cf:68:fb:1f:16:e4:a9:6f:fd:f8:2f:79:
1f:d7:42:4d:30:91:6f:11:a8:00:e8:e8:98:11:65:ba:1e:cc:
45:aa:64:d6:39:26:01:b4:4a:73:cf:9a:d7:c2:14:0b:4e:79:
79:48:f8:66:84:b7:77:7d:6d:ae:38:a2:d2:d4:f0:8e:d9:0a:
ee:36:d6:cd:3d:ab:3a:cf:b0:9b:66:71:88:96:f7:30:d8:1b:
ed:84:65:c1:74:b4:1b:a6:45:a5:59:a7:2a:a5:69:c1:37:c3:
83:56:ca:0c:67:44:3b:79:e9:de:99:89:15:20:4b:0c:de:72:
51:5a:2d:1f:31:a6:bb:34:83:48:b8:35:9c:5c:77:5b:27:07:
06:8a:96:d4:07:ff:0c:dd:7a:49:01:26:0a:0c:31:69:80:0d:
99:03:a0:59:b8:b5:4b:44:31:aa:45:90:81:9d:72:4d:36:19:
cb:97:74:3b:d1:d1:06:d5:8f:9f:ed:27:a5:98:6e:d3:d1:9a:
d3:3a:d0:a1:9b:ec:73:e3:bb:71:6d:7f:57:d7:79:7e:05:0a:
ec:80:95:d3:58:0a:ca:53:34:ff:f0:0d:91:b4:94:54:7f:60:
cf:26:76:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrnHkG1Jkm5/P1Rci2grRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjMwMTAxMDQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM5ZTBlZTdlN2EwZjI2NTNlY2Y1OTVjNTNmMTc0NTUzN2FkMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaQ9HnWCe2eFuTw+JBdLQb+MBsyX
kP7fgH/7LXo9Ug2t7LFx+speTYY/UgzakjIAB31d5UABRygRcsT8GWwfExKzwrPz
6OcQP/s/T4w4ze0jd1jLhscYbqZ1yWtwLVqDvV/ee6Swcmg5/tzJgljc2o8eBTTU
ZUxW7T3Z+mxZYKHRZ4YApZKGlVoxv+QlqJCICiDqOHfbXBMBogLcnw2ehwxMjCc6
Zy4hCj9egObG4pSb1auB59nG8taROpTJt0TyE4s1E7f8FsIw9cZkaL0u6GGu2RGz
ga3pibj6rLcoyQaDJ8aNK4JLFNsGMqbgQ2tmJYz8bDDx/JYCbRGNDGLPVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQ54O5+eg8mU+z1lcU/F0VTetLZMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvbERuZzduNTZEeVpUN1BXVnhUOFhSVk42MHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCO13kLMdjq7maQthyI0LVJrWm7mW9OstTPaPsfFuSp
b/34L3kf10JNMJFvEagA6OiYEWW6HsxFqmTWOSYBtEpzz5rXwhQLTnl5SPhmhLd3
fW2uOKLS1PCO2QruNtbNPas6z7CbZnGIlvcw2BvthGXBdLQbpkWlWacqpWnBN8OD
VsoMZ0Q7eenemYkVIEsM3nJRWi0fMaa7NINIuDWcXHdbJwcGipbUB/8M3XpJASYK
DDFpgA2ZA6BZuLVLRDGqRZCBnXJNNhnLl3Q70dEG1Y+f7SelmG7T0ZrTOtChm+xz
47txbX9X13l+BQrsgJXTWArKUzT/8A2RtJRUf2DPJnZ5
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:01 2024 by rpki-client on console-fra.rpki-client.org