Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e77412-b0d7-4104-926a-99ee616ca85b/1/x99NwkNRaqEPsMKlJr9PdfO5q-g.roa
File: x99NwkNRaqEPsMKlJr9PdfO5q-g.roa (raw, json)
Hash identifier: dcCfBKmA+uWSMcJKh6vTK4yPfv2gEE7uCiEAbzpNTNo=
Subject key identifier: C7:DF:4D:C2:43:51:6A:A1:0F:B0:C2:A5:26:BF:4F:75:F3:B9:AB:E8
Certificate issuer: /CN=2292d96dfb66cb18069d8bd15c9e90cd9124f003
Certificate serial: 0185709514A6D8008478C2BD2E163F5A5038
Authority key identifier: 22:92:D9:6D:FB:66:CB:18:06:9D:8B:D1:5C:9E:90:CD:91:24:F0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpLZbftmyxgGnYvRXJ6QzZEk8AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e77412-b0d7-4104-926a-99ee616ca85b/1/x99NwkNRaqEPsMKlJr9PdfO5q-g.roa
Signing time: Mon 02 Jan 2023 03:44:56 +0000
ROA not before: Mon 02 Jan 2023 03:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202013
IP address blocks: 185.105.248.0/24 maxlen: 24
185.105.251.0/24 maxlen: 24
185.105.250.0/24 maxlen: 24
185.105.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:14:a6:d8:00:84:78:c2:bd:2e:16:3f:5a:50:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2292d96dfb66cb18069d8bd15c9e90cd9124f003
Validity
Not Before: Jan 2 03:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7df4dc243516aa10fb0c2a526bf4f75f3b9abe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:41:64:5c:12:7d:19:f8:6b:94:53:03:6d:
67:a8:69:7b:a5:28:31:e6:29:69:1c:b2:51:9e:ff:
d9:cd:79:81:1f:c3:35:7b:8c:cc:1a:78:e3:b5:0b:
28:f6:25:dc:cc:4f:ba:c7:96:4c:b4:13:57:99:ad:
ae:50:cf:79:7f:7d:a9:49:be:97:11:6b:45:86:a5:
21:b7:db:a5:a4:fa:c5:0c:b4:87:34:6b:0f:87:cf:
c3:3f:63:b0:24:eb:4c:88:28:17:e8:1e:4d:05:86:
8a:5d:1c:64:2d:bc:35:33:4b:b6:13:0c:2a:2c:66:
38:be:6f:fd:c8:c9:ba:53:c7:ad:9f:15:89:74:f1:
0b:ed:24:a2:3d:61:69:ba:7d:ef:29:6d:9e:53:07:
ff:a3:d2:a9:0f:b1:d5:82:fc:a2:bb:ef:92:c7:bf:
7d:ec:80:67:63:8b:ef:a4:28:3b:da:19:92:fa:e5:
e5:ec:07:97:7e:66:d6:4d:2b:b1:77:ed:3e:f3:d8:
04:51:e2:39:60:78:f8:d2:d0:a0:ab:1e:24:c3:28:
8c:82:99:9f:f5:76:5e:ec:08:b2:6b:ee:41:85:07:
28:a6:fd:ea:10:be:e2:c4:6b:24:0d:a3:e4:1c:aa:
44:8c:d1:b2:95:24:a7:60:64:ad:6d:70:2f:5a:71:
7d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DF:4D:C2:43:51:6A:A1:0F:B0:C2:A5:26:BF:4F:75:F3:B9:AB:E8
X509v3 Authority Key Identifier:
keyid:22:92:D9:6D:FB:66:CB:18:06:9D:8B:D1:5C:9E:90:CD:91:24:F0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpLZbftmyxgGnYvRXJ6QzZEk8AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e77412-b0d7-4104-926a-99ee616ca85b/1/x99NwkNRaqEPsMKlJr9PdfO5q-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e77412-b0d7-4104-926a-99ee616ca85b/1/IpLZbftmyxgGnYvRXJ6QzZEk8AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:a6:6e:56:a8:59:e3:62:ce:b7:5d:62:9c:2a:49:4a:2e:02:
52:6b:86:62:78:db:86:86:83:05:f9:46:de:6d:a8:6a:d6:e2:
57:69:21:3f:90:d5:fb:f9:f3:97:51:78:da:92:78:e0:72:8c:
34:95:87:a3:2e:55:c3:31:c4:f8:86:02:ac:25:5e:5a:d2:d5:
4c:e8:47:02:00:c8:9a:16:65:b3:ce:88:bd:f0:37:c5:0f:ae:
b2:85:13:a0:65:20:0e:87:dd:ba:7b:0c:d3:81:34:d5:cf:3f:
a8:7e:3e:96:a0:b8:ac:02:61:2d:88:81:d8:a5:2a:a1:29:33:
b0:10:11:c6:4a:38:1a:de:e0:fc:72:da:34:d9:0c:4c:b8:5b:
c7:11:b8:c1:22:56:2e:2f:f6:33:59:cc:55:50:22:e1:53:f1:
3f:a9:2e:cf:3e:4b:d7:f9:fb:38:8d:cd:fe:30:30:cf:69:bd:
30:6a:20:6e:1b:1d:1f:66:6c:4a:5b:f5:c6:ef:7f:fe:02:ae:
8a:76:36:4e:30:77:f7:aa:0c:fd:3e:69:23:b7:30:9f:b7:76:
94:4f:dc:d5:78:15:d4:b4:af:ab:7b:ba:a3:e9:03:ac:9c:0a:
4d:9d:8f:2a:67:70:0f:c7:6d:3d:7d:63:bb:dc:58:b3:d5:ad:
72:aa:4f:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRSm2ACEeMK9LhY/WlA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOTJkOTZkZmI2NmNiMTgwNjlkOGJkMTVjOWU5MGNkOTEy
NGYwMDMwHhcNMjMwMTAyMDM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RmNGRjMjQzNTE2YWExMGZiMGMyYTUyNmJmNGY3NWYzYjlhYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIRBZFwSfRn4a5RTA21nqGl7pSgx
5ilpHLJRnv/ZzXmBH8M1e4zMGnjjtQso9iXczE+6x5ZMtBNXma2uUM95f32pSb6X
EWtFhqUht9ulpPrFDLSHNGsPh8/DP2OwJOtMiCgX6B5NBYaKXRxkLbw1M0u2Ewwq
LGY4vm/9yMm6U8etnxWJdPEL7SSiPWFpun3vKW2eUwf/o9KpD7HVgvyiu++Sx799
7IBnY4vvpCg72hmS+uXl7AeXfmbWTSuxd+0+89gEUeI5YHj40tCgqx4kwyiMgpmf
9XZe7Aiya+5BhQcopv3qEL7ixGskDaPkHKpEjNGylSSnYGStbXAvWnF9FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMffTcJDUWqhD7DCpSa/T3XzuavoMB8GA1UdIwQY
MBaAFCKS2W37ZssYBp2L0VyekM2RJPADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBMWmJmdG15eGdHbll2UlhKNlF6WkVrOEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lNzc0MTItYjBkNy00MTA0LTkyNmEt
OTllZTYxNmNhODViLzEveDk5TndrTlJhcUVQc01LbEpyOVBkZk81cS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lNzc0MTItYjBkNy00MTA0LTkyNmEtOTllZTYxNmNhODVi
LzEvSXBMWmJmdG15eGdHbll2UlhKNlF6WkVrOEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWn4MA0G
CSqGSIb3DQEBCwUAA4IBAQAcpm5WqFnjYs63XWKcKklKLgJSa4ZieNuGhoMF+Ube
bahq1uJXaSE/kNX7+fOXUXjaknjgcow0lYejLlXDMcT4hgKsJV5a0tVM6EcCAMia
FmWzzoi98DfFD66yhROgZSAOh926ewzTgTTVzz+ofj6WoLisAmEtiIHYpSqhKTOw
EBHGSjga3uD8cto02QxMuFvHEbjBIlYuL/YzWcxVUCLhU/E/qS7PPkvX+fs4jc3+
MDDPab0waiBuGx0fZmxKW/XG73/+Aq6KdjZOMHf3qgz9PmkjtzCft3aUT9zVeBXU
tK+re7qj6QOsnApNnY8qZ3APx209fWO73Fiz1a1yqk8t
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:41 2024 by rpki-client on console-fra.rpki-client.org