Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/96HG3PrgDCiMpZKxmtwZDB1Wggc.roa
File: 96HG3PrgDCiMpZKxmtwZDB1Wggc.roa (raw, json)
Hash identifier: xujmo8rHCQVFNW/Uvw3lSLqYXJR0RCmCs0vX1g0i8es=
Subject key identifier: F7:A1:C6:DC:FA:E0:0C:28:8C:A5:92:B1:9A:DC:19:0C:1D:56:82:07
Certificate issuer: /CN=d7ca53ae8442236757a78066e4e21733f758407a
Certificate serial: 018572C3893B54ED979169268E23548AB5DE
Authority key identifier: D7:CA:53:AE:84:42:23:67:57:A7:80:66:E4:E2:17:33:F7:58:40:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18pTroRCI2dXp4Bm5OIXM_dYQHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/96HG3PrgDCiMpZKxmtwZDB1Wggc.roa
Signing time: Mon 02 Jan 2023 13:54:55 +0000
ROA not before: Mon 02 Jan 2023 13:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211941
IP address blocks: 185.197.237.0/24 maxlen: 24
185.197.236.0/24 maxlen: 24
185.197.236.0/22 maxlen: 24
2a0a:7fc0:4::/46 maxlen: 46
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:89:3b:54:ed:97:91:69:26:8e:23:54:8a:b5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7ca53ae8442236757a78066e4e21733f758407a
Validity
Not Before: Jan 2 13:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7a1c6dcfae00c288ca592b19adc190c1d568207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b6:e6:8e:d7:84:42:40:f6:04:a0:b1:e0:ae:
13:5d:16:cd:33:6a:19:9e:8e:2e:46:07:b5:1e:c0:
bc:d0:6f:86:e9:71:ec:f3:56:f3:e9:a9:e5:da:f4:
d9:dc:be:20:01:ad:ee:10:df:b0:11:50:5f:71:b4:
2d:82:06:21:81:52:f3:4e:84:e9:01:cd:3e:ec:fe:
9c:e9:93:b1:de:71:9f:43:95:91:14:e2:05:8d:91:
84:33:31:1f:1b:bd:06:16:fc:47:da:e8:04:57:3e:
b9:00:9d:b0:fd:31:74:86:83:37:13:12:8e:3f:5f:
00:0c:cd:08:93:ef:bf:3a:24:b8:ef:2d:79:4f:de:
4c:ce:a4:81:f7:ac:21:b1:81:2a:8d:8e:16:5c:1a:
a9:90:9b:9c:cb:60:80:64:2e:6f:c3:0f:bf:df:21:
d4:b5:7c:93:57:ab:e9:bd:4f:fd:86:76:fd:45:99:
82:ae:04:9a:7c:d6:8d:14:4a:3e:c0:90:a1:cd:6b:
75:d1:18:b4:f9:61:20:48:e3:70:a0:78:ba:f1:a3:
d2:45:75:9c:3c:69:51:7e:95:af:55:5a:8d:1a:a4:
12:85:2a:a2:f4:45:9a:b2:99:ad:a7:d3:75:2c:d7:
0f:de:02:88:ae:24:49:99:26:6b:dc:be:7e:e3:8c:
8f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A1:C6:DC:FA:E0:0C:28:8C:A5:92:B1:9A:DC:19:0C:1D:56:82:07
X509v3 Authority Key Identifier:
keyid:D7:CA:53:AE:84:42:23:67:57:A7:80:66:E4:E2:17:33:F7:58:40:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18pTroRCI2dXp4Bm5OIXM_dYQHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/96HG3PrgDCiMpZKxmtwZDB1Wggc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/18pTroRCI2dXp4Bm5OIXM_dYQHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.236.0/22
IPv6:
2a0a:7fc0:4::/46
Signature Algorithm: sha256WithRSAEncryption
01:d7:9b:42:58:48:2a:fa:89:0b:58:58:2e:05:ff:c7:e7:d2:
b4:19:64:42:4b:15:72:8e:e3:76:c6:f7:49:6b:f9:57:6b:2b:
e1:18:c1:07:c0:28:b6:ba:bd:2f:03:da:7a:7a:67:c3:0a:53:
c7:2e:61:d9:4b:5b:07:37:c1:b1:fd:e7:d8:68:ec:38:27:19:
97:4a:55:2a:84:e0:96:98:14:b3:d2:c7:f1:65:3a:e7:df:2a:
46:2a:ea:92:cd:e4:a1:fc:d4:0c:91:8c:7e:ed:ef:ba:e7:e8:
9f:38:e6:14:60:a6:27:7e:98:7b:f8:80:cd:5e:58:f9:f4:ea:
c5:c9:40:27:01:8d:b3:45:d1:25:eb:30:0c:b8:11:e9:a5:c7:
f0:c9:57:70:23:65:18:75:a7:75:13:be:a6:e2:b3:07:51:c5:
51:d0:f4:e8:11:19:f9:be:1c:44:de:a2:f3:3c:72:36:bf:cd:
de:bd:f1:34:f2:ee:e1:f0:c2:f3:38:f2:c7:1d:06:bf:8e:7f:
a7:f2:c7:5d:07:72:52:6c:82:7f:55:47:a8:e7:25:eb:a4:c0:
f1:05:71:3e:36:3e:04:61:99:1a:80:94:02:78:65:59:15:43:
30:3c:9c:f1:8f:04:f4:74:9b:15:da:ba:6a:6c:0d:1a:fb:f0:
ee:1e:ca:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyw4k7VO2XkWkmjiNUirXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Y2E1M2FlODQ0MjIzNjc1N2E3ODA2NmU0ZTIxNzMzZjc1
ODQwN2EwHhcNMjMwMTAyMTM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2ExYzZkY2ZhZTAwYzI4OGNhNTkyYjE5YWRjMTkwYzFkNTY4MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrbmjteEQkD2BKCx4K4TXRbNM2oZ
no4uRge1HsC80G+G6XHs81bz6anl2vTZ3L4gAa3uEN+wEVBfcbQtggYhgVLzToTp
Ac0+7P6c6ZOx3nGfQ5WRFOIFjZGEMzEfG70GFvxH2ugEVz65AJ2w/TF0hoM3ExKO
P18ADM0Ik++/OiS47y15T95MzqSB96whsYEqjY4WXBqpkJucy2CAZC5vww+/3yHU
tXyTV6vpvU/9hnb9RZmCrgSafNaNFEo+wJChzWt10Ri0+WEgSONwoHi68aPSRXWc
PGlRfpWvVVqNGqQShSqi9EWaspmtp9N1LNcP3gKIriRJmSZr3L5+44yP2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPehxtz64AwojKWSsZrcGQwdVoIHMB8GA1UdIwQY
MBaAFNfKU66EQiNnV6eAZuTiFzP3WEB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMThwVHJvUkNJMmRYcDRCbTVPSVhNX2RZUUhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82YjE2OWQtN2YxZi00MjE0LWEyNWIt
OGM0OTgwNzc1NzhmLzEvOTZIRzNQcmdEQ2lNcFpLeG10d1pEQjFXZ2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82YjE2OWQtN2YxZi00MjE0LWEyNWItOGM0OTgwNzc1Nzhm
LzEvMThwVHJvUkNJMmRYcDRCbTVPSVhNX2RZUUhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucXsMA8E
AgACMAkDBwIqCn/AAAQwDQYJKoZIhvcNAQELBQADggEBAAHXm0JYSCr6iQtYWC4F
/8fn0rQZZEJLFXKO43bG90lr+VdrK+EYwQfAKLa6vS8D2np6Z8MKU8cuYdlLWwc3
wbH959ho7DgnGZdKVSqE4JaYFLPSx/FlOuffKkYq6pLN5KH81AyRjH7t77rn6J84
5hRgpid+mHv4gM1eWPn06sXJQCcBjbNF0SXrMAy4Eemlx/DJV3AjZRh1p3UTvqbi
swdRxVHQ9OgRGfm+HETeovM8cja/zd698TTy7uHwwvM48scdBr+Of6fyx10HclJs
gn9VR6jnJeukwPEFcT42PgRhmRqAlAJ4ZVkVQzA8nPGPBPR0mxXaumpsDRr78O4e
yiU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:35 2024 by rpki-client on console-fra.rpki-client.org