Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/JRyjEq6eODkR0t4o2ct-fQbHLAE.roa
File: JRyjEq6eODkR0t4o2ct-fQbHLAE.roa (raw, json)
Hash identifier: roZIoTJvr/T/kAvMCV5EEWk9NpQ0lF1CRCHegROHGdQ=
Subject key identifier: 25:1C:A3:12:AE:9E:38:39:11:D2:DE:28:D9:CB:7E:7D:06:C7:2C:01
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 01857246C8510CD8BC66A8535E1801A9F716
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/JRyjEq6eODkR0t4o2ct-fQbHLAE.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198651
IP address blocks: 185.220.176.0/24 maxlen: 24
185.220.179.0/24 maxlen: 24
185.220.177.0/24 maxlen: 24
185.220.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c8:51:0c:d8:bc:66:a8:53:5e:18:01:a9:f7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=251ca312ae9e383911d2de28d9cb7e7d06c72c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:a4:03:d0:ce:e4:15:a3:51:03:e2:10:3b:
84:f3:73:b2:dd:89:80:80:03:71:89:29:a3:62:23:
f2:71:fe:74:6d:d5:35:43:0b:eb:53:6b:05:91:09:
18:cf:3d:8b:17:c7:80:5e:c2:bc:d2:9b:b8:cb:46:
0a:da:9a:f3:94:3c:5a:97:ce:c5:bd:ad:64:64:26:
fa:a9:00:ca:d7:93:af:ee:e3:ef:6d:07:56:22:35:
01:f8:cb:9c:cf:07:e9:d2:3f:0f:e5:e9:00:2c:0f:
90:e7:1e:5a:6b:d3:63:f4:2e:6a:c1:70:d2:c5:16:
86:59:06:ab:a1:d1:ce:3c:a9:c2:9e:93:f2:d7:a7:
9b:ac:8f:ea:28:51:52:5c:fc:0c:a3:bc:e8:6a:94:
cf:aa:d4:b0:21:45:32:6e:43:7a:6a:7f:ae:53:3f:
4b:b6:ea:e3:a3:6e:f1:bc:88:3f:60:9b:a9:23:16:
fe:56:19:c9:3b:b6:03:de:9e:22:e0:be:5e:02:b4:
17:fd:4c:bf:b5:8c:d0:12:45:7b:f2:13:4f:26:57:
7b:0a:e8:da:40:56:18:46:33:60:ec:1c:a6:3e:ff:
fe:34:52:7c:9a:92:e7:92:7b:e9:7d:2f:1c:ab:91:
d6:bf:68:bd:08:a8:33:fd:46:24:7c:96:a0:60:8b:
ec:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1C:A3:12:AE:9E:38:39:11:D2:DE:28:D9:CB:7E:7D:06:C7:2C:01
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/JRyjEq6eODkR0t4o2ct-fQbHLAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.176.0/22
Signature Algorithm: sha256WithRSAEncryption
70:06:20:0b:76:27:56:89:29:6b:88:a5:59:21:91:28:2b:95:
80:3d:69:25:ff:29:ba:f4:e0:dc:41:39:00:1a:41:88:65:e0:
a7:d0:a9:ef:70:ef:cc:da:80:36:4b:dc:91:ce:39:43:8a:49:
88:f2:29:41:c4:d8:b2:76:2d:86:8c:38:72:51:82:f2:be:89:
33:a2:f6:5d:4e:4d:88:30:36:3e:ae:63:58:2e:9f:3c:e1:39:
57:0b:da:1b:ce:e4:37:9e:23:ff:a0:56:55:9c:66:a9:f8:60:
f4:a4:c1:0a:14:2a:66:39:6b:f3:78:d8:7a:60:12:b0:6f:8a:
b5:90:e5:60:2b:cd:cf:52:7c:cd:df:88:7d:6f:34:6b:85:5f:
ce:5a:05:45:07:d5:75:1a:d0:53:f0:3d:fd:aa:43:fd:f2:44:
1c:18:4d:18:9c:25:8c:5a:d1:f2:05:75:39:ed:ec:c4:2c:fd:
e6:f7:df:c5:01:ed:7a:8a:dc:c4:37:6b:fb:23:99:08:c0:de:
4b:55:a7:24:9c:5e:92:73:cc:52:27:be:43:4f:15:24:bc:41:
d3:ce:cc:ce:1d:cd:a3:0f:15:e2:57:da:a3:43:b4:e1:19:0d:
81:25:ac:64:7f:26:e4:b1:b6:c1:22:81:28:98:39:c0:cb:3a:
45:e0:63:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRshRDNi8ZqhTXhgBqfcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTFjYTMxMmFlOWUzODM5MTFkMmRlMjhkOWNiN2U3ZDA2YzcyYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU2kA9DO5BWjUQPiEDuE83Oy3YmA
gANxiSmjYiPycf50bdU1QwvrU2sFkQkYzz2LF8eAXsK80pu4y0YK2przlDxal87F
va1kZCb6qQDK15Ov7uPvbQdWIjUB+Muczwfp0j8P5ekALA+Q5x5aa9Nj9C5qwXDS
xRaGWQarodHOPKnCnpPy16ebrI/qKFFSXPwMo7zoapTPqtSwIUUybkN6an+uUz9L
turjo27xvIg/YJupIxb+VhnJO7YD3p4i4L5eArQX/Uy/tYzQEkV78hNPJld7Cuja
QFYYRjNg7BymPv/+NFJ8mpLnknvpfS8cq5HWv2i9CKgz/UYkfJagYIvsawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUcoxKunjg5EdLeKNnLfn0GxywBMB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvSlJ5akVxNmVPRGtSMHQ0bzJjdC1mUWJITEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudywMA0G
CSqGSIb3DQEBCwUAA4IBAQBwBiALdidWiSlriKVZIZEoK5WAPWkl/ym69ODcQTkA
GkGIZeCn0KnvcO/M2oA2S9yRzjlDikmI8ilBxNiydi2GjDhyUYLyvokzovZdTk2I
MDY+rmNYLp884TlXC9obzuQ3niP/oFZVnGap+GD0pMEKFCpmOWvzeNh6YBKwb4q1
kOVgK83PUnzN34h9bzRrhV/OWgVFB9V1GtBT8D39qkP98kQcGE0YnCWMWtHyBXU5
7ezELP3m99/FAe16itzEN2v7I5kIwN5LVacknF6Sc8xSJ75DTxUkvEHTzszOHc2j
DxXiV9qjQ7ThGQ2BJaxkfybksbbBIoEomDnAyzpF4GNX
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:42 2024 by rpki-client on console-ams.rpki-client.org