Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/ODklcJgoeG4hEpkmdtm4SJoq4tQ.roa
File: ODklcJgoeG4hEpkmdtm4SJoq4tQ.roa (raw, json)
Hash identifier: 4gFn+O/MtDrAa6QqDHscRQmrrPU1uaCDNNEB6Pao2aY=
Subject key identifier: 38:39:25:70:98:28:78:6E:21:12:99:26:76:D9:B8:48:9A:2A:E2:D4
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 018A8E7BC2D80829DAE3524453BC31FAC19A
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/ODklcJgoeG4hEpkmdtm4SJoq4tQ.roa
Signing time: Wed 13 Sep 2023 12:19:50 +0000
ROA not before: Wed 13 Sep 2023 12:19:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199775
IP address blocks: 185.95.108.0/22 maxlen: 24
185.6.152.0/22 maxlen: 24
185.242.218.0/24 maxlen: 24
185.208.240.0/22 maxlen: 22
185.168.132.0/23 maxlen: 24
185.168.135.0/24 maxlen: 24
185.168.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:7b:c2:d8:08:29:da:e3:52:44:53:bc:31:fa:c1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Sep 13 12:19:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=383925709828786e2112992676d9b8489a2ae2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c8:90:45:11:65:03:2f:6e:1e:c5:57:84:cb:
1f:8c:ef:9f:85:78:97:30:88:db:42:1e:b3:ef:46:
c4:ca:ad:62:57:69:60:f2:86:52:ba:29:e5:85:4c:
70:38:bb:84:3f:ea:d9:b3:b3:aa:e5:7f:bc:ec:0e:
39:fe:7d:12:b9:c1:2f:8b:15:7a:9f:2d:cf:1e:ef:
1f:b4:62:60:80:29:f4:fd:54:98:6a:69:ec:fd:3c:
07:65:68:96:d2:86:9d:e4:8b:3b:cd:d8:65:dd:bb:
98:b2:79:4f:ce:d5:a9:ab:3f:51:40:65:06:7b:f7:
1d:7b:1d:33:d6:05:cb:3f:94:55:80:76:e7:a9:6f:
2c:a7:1e:80:95:5e:78:c4:b3:bd:e8:fd:f7:20:b2:
c5:32:77:34:00:7d:77:94:23:61:ed:6d:13:42:54:
6d:b0:9e:f2:01:1b:f5:66:29:fc:13:52:07:bb:56:
a1:ab:c0:ce:7b:ba:8f:1f:4d:a2:ac:01:dc:bc:8e:
67:7e:0f:51:a5:fb:69:da:70:c7:ce:0c:c3:3e:08:
85:7f:4c:e0:e5:1f:47:18:33:b4:03:53:d1:c6:79:
cb:c7:9a:12:87:4e:e0:c2:42:d9:9a:35:a2:b4:e0:
fc:83:d3:78:9e:fa:a4:c7:29:44:ae:b8:a0:66:72:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:39:25:70:98:28:78:6E:21:12:99:26:76:D9:B8:48:9A:2A:E2:D4
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/ODklcJgoeG4hEpkmdtm4SJoq4tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.152.0/22
185.95.108.0/22
185.168.132.0/22
185.208.240.0/22
185.242.218.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a1:ef:3d:15:c3:b8:96:a3:35:f4:b7:43:db:2d:22:5f:9a:
e3:e5:54:da:72:e0:f5:2e:c5:63:b7:24:43:2f:c0:ca:e4:18:
a9:53:e4:b2:b9:1d:78:89:0f:3d:09:2f:af:c7:63:b0:0d:2b:
c7:11:95:fb:58:f4:9d:57:12:71:13:61:6f:2b:9b:4d:65:c9:
24:54:f3:30:47:6b:15:ba:35:d1:e2:e1:48:e5:1c:c6:0b:2d:
44:38:cf:c3:5d:54:23:e4:f4:2b:29:42:de:9b:d0:15:d4:a6:
49:8e:2a:46:52:fe:e5:6c:08:c9:3e:de:36:84:d0:8f:a0:c6:
2e:99:fe:f1:1b:a5:bd:eb:d1:f1:32:8b:22:96:d9:67:82:16:
38:a1:a2:b5:5a:7e:77:81:29:5e:00:d6:70:2d:23:4c:79:82:
56:9a:94:fe:7b:62:0d:d8:80:b3:96:e7:41:d9:ca:83:8f:c3:
3c:fc:25:4e:86:1a:ad:22:ed:e1:86:08:79:70:db:9e:6b:8a:
7f:cc:0e:5e:a9:e8:c9:9a:94:21:39:44:30:a9:45:3f:2f:7d:
fc:72:d7:d5:02:b1:d2:8f:75:8b:4a:4c:61:3a:96:19:aa:16:
41:e5:6f:bc:0b:e0:16:25:ef:44:36:5e:c3:f5:48:2e:6f:f7:
c2:e0:be:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqOe8LYCCna41JEU7wx+sGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwOTEzMTIxOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM5MjU3MDk4Mjg3ODZlMjExMjk5MjY3NmQ5Yjg0ODlhMmFlMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMiQRRFlAy9uHsVXhMsfjO+fhXiX
MIjbQh6z70bEyq1iV2lg8oZSuinlhUxwOLuEP+rZs7Oq5X+87A45/n0SucEvixV6
ny3PHu8ftGJggCn0/VSYamns/TwHZWiW0oad5Is7zdhl3buYsnlPztWpqz9RQGUG
e/cdex0z1gXLP5RVgHbnqW8spx6AlV54xLO96P33ILLFMnc0AH13lCNh7W0TQlRt
sJ7yARv1Zin8E1IHu1ahq8DOe7qPH02irAHcvI5nfg9Rpftp2nDHzgzDPgiFf0zg
5R9HGDO0A1PRxnnLx5oSh07gwkLZmjWitOD8g9N4nvqkxylErrigZnLVnwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDg5JXCYKHhuIRKZJnbZuEiaKuLUMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvT0RrbGNKZ29lRzRoRXBrbWR0bTRTSm9xNHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuQaYAwQC
uV9sAwQCuaiEAwQCudDwAwQAufLaMA0GCSqGSIb3DQEBCwUAA4IBAQBzoe89FcO4
lqM19LdD2y0iX5rj5VTacuD1LsVjtyRDL8DK5BipU+SyuR14iQ89CS+vx2OwDSvH
EZX7WPSdVxJxE2FvK5tNZckkVPMwR2sVujXR4uFI5RzGCy1EOM/DXVQj5PQrKULe
m9AV1KZJjipGUv7lbAjJPt42hNCPoMYumf7xG6W969HxMosiltlnghY4oaK1Wn53
gSleANZwLSNMeYJWmpT+e2IN2ICzludB2cqDj8M8/CVOhhqtIu3hhgh5cNuea4p/
zA5eqejJmpQhOUQwqUU/L338ctfVArHSj3WLSkxhOpYZqhZB5W+8C+AWJe9ENl7D
9Ugub/fC4L7s
-----END CERTIFICATE-----
Generated at Mon Oct 2 14:27:09 2023 by rpki-client on console-fra.rpki-client.org