Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/dIC07nb26vXmSR8AxD51p-TBP20.roa
File: dIC07nb26vXmSR8AxD51p-TBP20.roa (raw, json)
Hash identifier: LihxQwnX03F2wY+3vmTPXfo7SJfqFoR/jw1XLE6hw1Q=
Subject key identifier: 74:80:B4:EE:76:F6:EA:F5:E6:49:1F:00:C4:3E:75:A7:E4:C1:3F:6D
Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Certificate serial: 01856CCAFA7B97289DABB31DD1CF0EE590D3
Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/dIC07nb26vXmSR8AxD51p-TBP20.roa
Signing time: Sun 01 Jan 2023 10:05:19 +0000
ROA not before: Sun 01 Jan 2023 10:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202005
IP address blocks: 185.216.252.0/24 maxlen: 24
185.216.252.0/22 maxlen: 22
185.216.253.0/24 maxlen: 24
185.216.255.0/24 maxlen: 24
185.216.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:fa:7b:97:28:9d:ab:b3:1d:d1:cf:0e:e5:90:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Validity
Not Before: Jan 1 10:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7480b4ee76f6eaf5e6491f00c43e75a7e4c13f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:e6:cd:e2:6f:82:36:c2:22:15:4d:3f:2e:
ec:6a:96:42:ec:fc:eb:cd:24:94:01:7a:65:b6:06:
b4:99:12:56:f4:a9:7c:7f:10:02:95:2a:d7:72:27:
ae:7b:98:e2:44:68:6e:f0:bc:77:c5:e7:29:6f:a2:
aa:c3:8b:8f:62:a5:d5:64:78:43:b0:55:5e:6e:19:
2c:49:cd:42:75:6d:90:71:0f:ec:9d:c9:45:a8:3f:
cb:17:05:f2:41:2d:0a:cd:3c:b4:0f:62:59:f5:c9:
39:32:7c:2d:8d:3b:2e:52:64:15:5e:06:a9:99:25:
09:c2:74:e5:40:7b:1c:fc:5e:09:31:48:36:db:74:
e2:01:b8:41:e4:a6:13:7f:e3:3c:10:68:16:ab:88:
bf:13:bf:c0:f4:b2:49:b0:92:03:d2:0b:d5:ed:bf:
ad:08:9d:60:0b:f7:73:01:0e:3d:16:f2:98:1e:8b:
8d:16:23:21:64:17:8c:af:65:a0:82:40:94:b1:67:
9b:f1:82:4a:52:04:02:0a:b2:e9:b7:b2:6e:56:e0:
74:b1:e1:e5:41:37:c0:83:bc:53:01:d1:4b:0f:27:
68:7f:08:65:62:cb:7a:68:4d:10:64:48:bf:b2:e7:
71:49:77:b6:9f:1d:cf:a9:62:a6:49:92:ba:dc:7e:
49:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:80:B4:EE:76:F6:EA:F5:E6:49:1F:00:C4:3E:75:A7:E4:C1:3F:6D
X509v3 Authority Key Identifier:
keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/dIC07nb26vXmSR8AxD51p-TBP20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
67:00:85:d5:0d:08:ba:a9:c4:ef:8b:0c:6e:ae:16:33:10:89:
7a:84:6c:b7:19:21:c2:13:d2:b5:4a:34:0b:1a:01:8b:75:c6:
53:c2:bb:e5:f9:02:60:12:27:8d:f1:a8:40:7e:59:04:86:6e:
58:d1:df:39:96:38:da:12:08:a4:a2:6d:eb:58:3a:ff:fb:c4:
9b:7b:2d:54:b0:57:9e:19:a1:be:6e:d7:82:8f:aa:6f:28:22:
58:8a:f3:bf:9f:e2:54:8e:19:cc:d0:a3:9b:99:2f:ce:76:93:
69:5b:df:93:f4:9b:08:af:3a:de:48:96:45:04:f0:8d:b8:43:
82:3f:77:33:33:4e:13:f2:92:c8:e5:5d:ba:a7:fe:29:2a:ec:
24:0b:04:53:77:f1:05:f0:17:52:4e:c4:20:4b:a4:29:6b:cf:
3c:53:11:cb:6d:33:12:32:75:c7:c6:c5:f4:4c:a7:f6:fe:18:
5c:da:7a:f3:43:6d:9c:85:87:f1:d1:ab:82:1f:9c:06:fa:44:
11:27:16:30:b2:1b:7d:f7:5e:b6:62:20:a0:5a:17:2a:bd:20:
56:4a:50:89:71:9d:79:a3:96:f2:30:59:f5:d6:71:e3:29:f2:
93:80:f2:7a:19:85:16:da:c8:6d:0a:f1:bf:f6:f4:d4:c1:91:
91:16:de:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyvp7lyidq7Md0c8O5ZDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw
MzIwYzMwHhcNMjMwMTAxMTAwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgwYjRlZTc2ZjZlYWY1ZTY0OTFmMDBjNDNlNzVhN2U0YzEzZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOvmzeJvgjbCIhVNPy7sapZC7Pzr
zSSUAXpltga0mRJW9Kl8fxAClSrXcieue5jiRGhu8Lx3xecpb6Kqw4uPYqXVZHhD
sFVebhksSc1CdW2QcQ/snclFqD/LFwXyQS0KzTy0D2JZ9ck5MnwtjTsuUmQVXgap
mSUJwnTlQHsc/F4JMUg223TiAbhB5KYTf+M8EGgWq4i/E7/A9LJJsJID0gvV7b+t
CJ1gC/dzAQ49FvKYHouNFiMhZBeMr2WggkCUsWeb8YJKUgQCCrLpt7JuVuB0seHl
QTfAg7xTAdFLDydofwhlYst6aE0QZEi/sudxSXe2nx3PqWKmSZK63H5JAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSAtO529ur15kkfAMQ+dafkwT9tMB8GA1UdIwQY
MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct
ODIxMGRiNzA0OWIxLzEvZElDMDduYjI2dlhtU1I4QXhENTFwLVRCUDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx
LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBnAIXVDQi6qcTviwxurhYzEIl6hGy3GSHCE9K1SjQL
GgGLdcZTwrvl+QJgEieN8ahAflkEhm5Y0d85ljjaEgikom3rWDr/+8Sbey1UsFee
GaG+bteCj6pvKCJYivO/n+JUjhnM0KObmS/OdpNpW9+T9JsIrzreSJZFBPCNuEOC
P3czM04T8pLI5V26p/4pKuwkCwRTd/EF8BdSTsQgS6Qpa888UxHLbTMSMnXHxsX0
TKf2/hhc2nrzQ22chYfx0auCH5wG+kQRJxYwsht99162YiCgWhcqvSBWSlCJcZ15
o5byMFn11nHjKfKTgPJ6GYUW2shtCvG/9vTUwZGRFt6l
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:15 2024 by rpki-client on console-fra.rpki-client.org