Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/I3w749qUH0VgIPrtfEjxcyWHtIQ.roa
File: I3w749qUH0VgIPrtfEjxcyWHtIQ.roa (raw, json)
Hash identifier: iZOCr4i0qG68qCS8aE0I4x613mC6LsoS+UnOvWsKRec=
Subject key identifier: 23:7C:3B:E3:DA:94:1F:45:60:20:FA:ED:7C:48:F1:73:25:87:B4:84
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01856CE60335FC125E1053406F0BE0FFEBE5
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/I3w749qUH0VgIPrtfEjxcyWHtIQ.roa
Signing time: Sun 01 Jan 2023 10:34:51 +0000
ROA not before: Sun 01 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 185.121.83.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:03:35:fc:12:5e:10:53:40:6f:0b:e0:ff:eb:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=237c3be3da941f456020faed7c48f1732587b484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d6:8b:c4:62:b6:c4:e6:3b:39:fb:bb:e6:35:
eb:8f:6b:07:7e:74:f4:38:3f:4f:b5:13:f9:63:77:
5b:16:ea:9f:e1:ec:20:28:a7:7f:05:63:31:09:5c:
13:58:67:aa:2f:98:cb:47:3f:e4:c4:be:07:33:93:
2f:c0:07:1c:35:b3:1d:f0:50:31:9c:dd:2d:03:50:
19:8b:4c:03:0b:60:50:18:22:4a:46:8e:a9:44:c9:
81:60:a5:83:05:cd:6d:c9:7a:ca:a7:4c:b7:31:16:
2a:dd:a6:a9:1d:66:cc:b1:8e:bf:cb:19:65:4b:90:
fe:48:48:54:e6:06:1a:1d:c0:2e:5d:08:1d:27:2b:
15:df:77:05:dc:b6:9d:15:00:7e:7e:ec:0d:0c:cc:
f4:14:71:fc:6b:1c:1d:8d:6a:03:32:9b:aa:6c:e2:
25:f7:af:b6:ca:35:85:f9:78:7d:e6:fe:92:48:a0:
42:71:53:94:a6:31:bd:8a:e8:ca:83:c0:14:0e:fb:
f4:4a:06:69:df:a0:12:09:05:24:8e:91:4d:45:0d:
fc:f1:72:98:d7:b2:1c:30:dd:ac:bc:22:be:b2:70:
30:b3:ef:5f:58:57:bd:24:3a:10:b6:4d:42:02:e1:
dc:d3:ed:97:4d:36:7a:05:d3:55:87:27:f9:29:dc:
1e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7C:3B:E3:DA:94:1F:45:60:20:FA:ED:7C:48:F1:73:25:87:B4:84
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/I3w749qUH0VgIPrtfEjxcyWHtIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.192.0/22
185.121.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:f1:e2:4a:49:12:29:f6:37:6e:a5:de:58:7c:93:01:d9:81:
bd:8d:73:fe:76:08:d3:2b:03:39:ce:e2:c5:86:ab:ff:2c:f9:
c2:2b:5a:94:d7:50:61:92:dd:95:57:c5:3d:9e:8b:dc:ee:8e:
3a:d6:f2:17:da:ef:6e:57:a1:04:16:7f:17:fe:81:49:c6:bc:
8f:95:be:92:5e:25:7b:b5:43:54:b5:cf:93:a1:a6:2c:d9:15:
8e:0e:4f:b0:6d:8d:99:7e:8c:f9:00:aa:28:9c:6a:ff:26:94:
58:a0:f3:9a:37:d1:26:b3:79:e9:cd:91:67:5c:2d:f4:66:8f:
18:14:af:e6:98:7d:5e:de:7f:5e:9f:45:77:3f:67:87:c5:f3:
0c:ed:3b:3f:ac:2e:43:11:11:65:02:70:74:6d:32:be:31:5d:
05:fb:60:e6:23:67:39:eb:86:33:5e:d6:60:27:fb:dc:df:6b:
7d:0b:0e:ac:8f:44:85:f0:07:f0:13:11:04:c7:1a:f8:1b:aa:
b9:4a:2b:59:1b:13:8d:54:ad:a7:71:8e:ff:00:3a:e6:f3:91:
4d:22:3b:a7:08:d1:60:30:ef:52:91:d7:52:0c:67:86:a4:8e:
a3:3c:62:e8:8d:d9:56:95:37:1b:bb:74:d6:a5:36:19:42:ab:
10:fc:7d:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5gM1/BJeEFNAbwvg/+vlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMTAxMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdjM2JlM2RhOTQxZjQ1NjAyMGZhZWQ3YzQ4ZjE3MzI1ODdiNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndaLxGK2xOY7Ofu75jXrj2sHfnT0
OD9PtRP5Y3dbFuqf4ewgKKd/BWMxCVwTWGeqL5jLRz/kxL4HM5MvwAccNbMd8FAx
nN0tA1AZi0wDC2BQGCJKRo6pRMmBYKWDBc1tyXrKp0y3MRYq3aapHWbMsY6/yxll
S5D+SEhU5gYaHcAuXQgdJysV33cF3LadFQB+fuwNDMz0FHH8axwdjWoDMpuqbOIl
96+2yjWF+Xh95v6SSKBCcVOUpjG9iujKg8AUDvv0SgZp36ASCQUkjpFNRQ388XKY
17IcMN2svCK+snAws+9fWFe9JDoQtk1CAuHc0+2XTTZ6BdNVhyf5KdweMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCN8O+PalB9FYCD67XxI8XMlh7SEMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvSTN3NzQ5cVVIMFZnSVBydGZFanhjeVdIdElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXTAAwQC
uXlQMA0GCSqGSIb3DQEBCwUAA4IBAQBK8eJKSRIp9jdupd5YfJMB2YG9jXP+dgjT
KwM5zuLFhqv/LPnCK1qU11Bhkt2VV8U9novc7o461vIX2u9uV6EEFn8X/oFJxryP
lb6SXiV7tUNUtc+ToaYs2RWODk+wbY2Zfoz5AKoonGr/JpRYoPOaN9Ems3npzZFn
XC30Zo8YFK/mmH1e3n9en0V3P2eHxfMM7Ts/rC5DERFlAnB0bTK+MV0F+2DmI2c5
64YzXtZgJ/vc32t9Cw6sj0SF8AfwExEExxr4G6q5SitZGxONVK2ncY7/ADrm85FN
IjunCNFgMO9SkddSDGeGpI6jPGLojdlWlTcbu3TWpTYZQqsQ/H1M
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:27 2024 by rpki-client on console-ams.rpki-client.org