Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/vPKceDBivEpqL_G9gCMZ_fZX3fc.roa
File: vPKceDBivEpqL_G9gCMZ_fZX3fc.roa (raw, json)
Hash identifier: c1a8RcqsCLaklWgW4ZtLiQQx02iLBiUIuxTlpTfIcvY=
Subject key identifier: BC:F2:9C:78:30:62:BC:4A:6A:2F:F1:BD:80:23:19:FD:F6:57:DD:F7
Certificate issuer: /CN=048b0c33776663cb4321a108f2f4d1635b5d2d8a
Certificate serial: 0185718C2FF1558CA347FC1276F66294BC13
Authority key identifier: 04:8B:0C:33:77:66:63:CB:43:21:A1:08:F2:F4:D1:63:5B:5D:2D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIsMM3dmY8tDIaEI8vTRY1tdLYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/vPKceDBivEpqL_G9gCMZ_fZX3fc.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204310
IP address blocks: 185.253.175.0/24 maxlen: 24
185.253.172.0/22 maxlen: 22
185.253.172.0/24 maxlen: 24
2a0c:3ec0::/29 maxlen: 29
2a0c:3ec7::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2f:f1:55:8c:a3:47:fc:12:76:f6:62:94:bc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048b0c33776663cb4321a108f2f4d1635b5d2d8a
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcf29c783062bc4a6a2ff1bd802319fdf657ddf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:59:11:87:96:b8:11:6a:ce:cc:c7:48:3e:7b:
a8:e9:ca:18:8c:0a:9e:3b:38:ec:0a:9d:1c:30:ae:
52:e0:35:e4:46:49:95:99:7b:26:f6:87:42:c5:25:
94:a5:b5:87:ec:2b:24:8e:f8:0e:19:a4:0c:e4:b4:
60:20:b7:aa:38:03:1f:be:50:d6:70:08:b6:13:ef:
5a:00:cc:60:62:58:a3:4c:27:b6:d6:4b:82:9b:d3:
02:d7:b5:57:20:8d:f7:e7:6f:43:d2:a7:56:57:d5:
50:d5:29:f9:2a:99:26:0b:11:4a:9f:b5:17:8b:b2:
79:cb:4c:45:c9:c4:cb:55:1d:d1:a2:7b:ba:2c:4a:
44:4d:e7:cb:31:24:19:dd:c6:13:64:e4:2c:74:92:
28:94:a8:7f:30:8d:0f:8e:cb:cc:f3:3d:a7:b4:32:
af:39:db:78:45:37:ae:7e:18:96:07:01:03:a6:89:
15:00:fd:26:0b:45:06:0c:0c:74:af:24:2d:74:f1:
b4:57:20:37:53:41:33:e4:6f:fd:db:1c:0e:5b:1b:
dc:ef:db:62:50:23:18:5f:74:d4:0e:42:e3:aa:72:
cb:85:cf:9a:0f:cd:38:83:2c:58:0b:07:56:c5:6e:
6a:6c:11:79:e2:ea:6d:65:83:59:81:7d:64:15:ed:
0e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F2:9C:78:30:62:BC:4A:6A:2F:F1:BD:80:23:19:FD:F6:57:DD:F7
X509v3 Authority Key Identifier:
keyid:04:8B:0C:33:77:66:63:CB:43:21:A1:08:F2:F4:D1:63:5B:5D:2D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIsMM3dmY8tDIaEI8vTRY1tdLYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/vPKceDBivEpqL_G9gCMZ_fZX3fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/BIsMM3dmY8tDIaEI8vTRY1tdLYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.172.0/22
IPv6:
2a0c:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
da:8c:f5:e0:c4:d3:ea:5c:3a:26:dd:18:0f:04:2c:e2:8f:e5:
dc:41:74:29:ec:1c:ea:91:7a:b0:ed:51:6a:3a:34:b4:14:67:
3b:31:24:89:d8:b9:2e:4f:94:40:bf:da:bc:0b:eb:a5:f2:a7:
ba:59:57:02:20:6a:c2:46:19:4c:31:95:4a:82:56:7f:f2:74:
1d:b3:61:f7:e6:d0:88:a6:86:d9:97:ab:33:3b:ab:bb:79:b4:
7b:ed:a5:3b:79:4d:62:39:3b:c2:f9:73:bb:e0:2b:54:65:ac:
04:a3:31:c4:e4:54:00:a5:db:2a:a0:a8:a9:94:86:0c:d5:1f:
fb:45:95:b3:8d:ce:56:a7:67:78:e9:e6:61:f9:b3:c5:67:40:
b7:c9:0c:52:cb:2b:ee:75:a6:be:98:bd:b9:55:8d:df:a4:26:
b1:57:db:46:26:0e:c5:2d:a9:12:de:1e:92:de:b2:3a:4f:cd:
ec:ab:9d:ae:a4:cb:41:b7:95:d4:91:b1:3a:8b:c0:9d:5e:95:
0f:e6:4b:29:79:53:5d:1c:a0:a3:8f:7b:fe:a2:b6:16:11:f5:
62:22:6c:73:40:23:22:37:86:c0:d6:af:5f:0a:b4:23:a1:4a:
50:04:6f:f1:49:82:0f:4a:ff:34:79:7f:7b:c3:a7:ea:00:59:
7b:bd:d0:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjC/xVYyjR/wSdvZilLwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGIwYzMzNzc2NjYzY2I0MzIxYTEwOGYyZjRkMTYzNWI1
ZDJkOGEwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2YyOWM3ODMwNjJiYzRhNmEyZmYxYmQ4MDIzMTlmZGY2NTdkZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41kRh5a4EWrOzMdIPnuo6coYjAqe
OzjsCp0cMK5S4DXkRkmVmXsm9odCxSWUpbWH7CskjvgOGaQM5LRgILeqOAMfvlDW
cAi2E+9aAMxgYlijTCe21kuCm9MC17VXII33529D0qdWV9VQ1Sn5KpkmCxFKn7UX
i7J5y0xFycTLVR3Ronu6LEpETefLMSQZ3cYTZOQsdJIolKh/MI0PjsvM8z2ntDKv
Odt4RTeufhiWBwEDpokVAP0mC0UGDAx0ryQtdPG0VyA3U0Ez5G/92xwOWxvc79ti
UCMYX3TUDkLjqnLLhc+aD804gyxYCwdWxW5qbBF54uptZYNZgX1kFe0OTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLzynHgwYrxKai/xvYAjGf32V933MB8GA1UdIwQY
MBaAFASLDDN3ZmPLQyGhCPL00WNbXS2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQklzTU0zZG1ZOHRESWFFSTh2VFJZMXRkTFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80YmI3ZjQtOTcwOS00MTA5LWIzMGUt
MjQxMTZjYjZlOTg2LzEvdlBLY2VEQml2RXBxTF9HOWdDTVpfZlpYM2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80YmI3ZjQtOTcwOS00MTA5LWIzMGUtMjQxMTZjYjZlOTg2
LzEvQklzTU0zZG1ZOHRESWFFSTh2VFJZMXRkTFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf2sMA0E
AgACMAcDBQMqDD7AMA0GCSqGSIb3DQEBCwUAA4IBAQDajPXgxNPqXDom3RgPBCzi
j+XcQXQp7BzqkXqw7VFqOjS0FGc7MSSJ2LkuT5RAv9q8C+ul8qe6WVcCIGrCRhlM
MZVKglZ/8nQds2H35tCIpobZl6szO6u7ebR77aU7eU1iOTvC+XO74CtUZawEozHE
5FQApdsqoKiplIYM1R/7RZWzjc5Wp2d46eZh+bPFZ0C3yQxSyyvudaa+mL25VY3f
pCaxV9tGJg7FLakS3h6S3rI6T83sq52upMtBt5XUkbE6i8CdXpUP5kspeVNdHKCj
j3v+orYWEfViImxzQCMiN4bA1q9fCrQjoUpQBG/xSYIPSv80eX97w6fqAFl7vdDH
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:48 2024 by rpki-client on console-fra.rpki-client.org