Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/KSpG61AoZXUfVWY4qsIrpA0bgi8.roa
File: KSpG61AoZXUfVWY4qsIrpA0bgi8.roa (raw, json)
Hash identifier: gppbKnA9rWHynhEy+ft6Xc2KgxXYn0VnRZ2Q1CzWVKk=
Subject key identifier: 29:2A:46:EB:50:28:65:75:1F:55:66:38:AA:C2:2B:A4:0D:1B:82:2F
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 0186D0E1EF27D56109087FE2B21BB567454F
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/KSpG61AoZXUfVWY4qsIrpA0bgi8.roa
Signing time: Sat 11 Mar 2023 13:35:13 +0000
ROA not before: Sat 11 Mar 2023 13:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.132.187.0/24 maxlen: 24
185.212.204.0/23 maxlen: 24
185.212.206.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d0:e1:ef:27:d5:61:09:08:7f:e2:b2:1b:b5:67:45:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Mar 11 13:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=292a46eb502865751f556638aac22ba40d1b822f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:ba:36:5d:ef:73:6b:5e:db:5b:7b:e8:7c:
8c:94:9e:de:d4:10:2a:76:68:c7:60:8e:37:c6:33:
82:4a:57:c6:d1:91:63:3e:ef:c1:c4:10:42:0b:1c:
0f:3e:a0:b6:f0:51:52:8a:62:d9:e6:19:26:c0:fe:
36:8e:91:09:01:02:ff:a2:ee:fc:f7:93:f9:4e:1c:
74:37:36:e2:66:fa:42:7f:0a:72:13:aa:ab:c5:b8:
c7:33:f8:4f:d3:fe:c3:d8:e0:be:19:7b:27:05:7a:
6e:31:a7:4a:6d:ba:bd:70:9c:7f:19:7b:94:f2:f2:
fa:88:33:e8:ae:8f:d7:23:66:27:5c:6c:3f:10:61:
31:c8:5f:67:0f:d4:69:41:4e:52:4e:55:2c:32:92:
dc:d5:ec:7e:55:7f:e0:fb:53:5c:41:54:76:1d:43:
b7:a5:4e:9d:d2:00:02:a9:d2:83:0c:a8:98:ba:c5:
75:9b:61:04:95:20:53:28:27:a9:cd:8b:bb:f2:9a:
90:41:e6:79:01:06:74:fa:54:03:89:b0:96:2d:8f:
f0:29:90:d5:17:6c:c5:e6:39:04:e7:70:14:d9:c9:
c2:23:9e:cd:fb:94:d6:49:85:b3:78:44:4d:5f:fd:
4b:63:e2:9d:89:7f:5e:03:a2:70:1c:65:42:ce:a1:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2A:46:EB:50:28:65:75:1F:55:66:38:AA:C2:2B:A4:0D:1B:82:2F
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/KSpG61AoZXUfVWY4qsIrpA0bgi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.187.0/24
185.212.204.0/22
Signature Algorithm: sha256WithRSAEncryption
55:d8:18:77:72:e7:09:e7:c0:9e:4d:e6:34:a3:dd:97:29:06:
72:ae:43:fb:a9:fb:56:0e:55:36:52:5c:5e:e7:32:69:6f:e5:
e2:c9:7b:5f:9c:ff:bf:01:e5:ab:e0:20:f8:80:e2:9f:c7:bb:
1f:92:ba:17:e6:6e:10:89:e1:91:51:3e:14:17:be:c3:59:1f:
a2:4d:dd:3a:6f:ee:7c:b8:cc:b6:92:c8:b9:f2:32:62:5b:c1:
7f:90:1e:c9:69:fe:eb:6b:61:ca:23:15:cd:ba:5d:d4:dd:0d:
37:1d:2a:40:87:3d:88:32:7b:f8:f5:60:fb:3d:4a:4c:39:e5:
dc:1b:32:fb:04:4b:93:b4:35:d2:e2:89:af:70:55:bf:2b:93:
25:20:46:b1:30:c8:e8:f9:dd:b8:40:3e:eb:59:21:d8:e3:a3:
f1:45:6f:73:26:fe:43:84:8e:0d:e0:ed:78:27:a7:aa:2d:32:
0a:61:89:6c:bc:3f:7b:a0:3a:2d:91:17:a9:06:a1:17:12:4d:
ab:90:95:30:ea:f2:0a:92:34:55:a6:f2:b6:5d:04:e5:c8:7d:
a6:8f:46:c0:16:03:e8:7f:77:63:14:81:ca:4e:4d:08:4d:5c:
86:32:56:16:ea:9e:1d:ec:a4:3b:d7:30:46:ac:9f:f6:0a:bc:
58:cf:7f:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbQ4e8n1WEJCH/ishu1Z0VPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMwMzExMTMzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTJhNDZlYjUwMjg2NTc1MWY1NTY2MzhhYWMyMmJhNDBkMWI4MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOi6Nl3vc2te21t76HyMlJ7e1BAq
dmjHYI43xjOCSlfG0ZFjPu/BxBBCCxwPPqC28FFSimLZ5hkmwP42jpEJAQL/ou78
95P5Thx0NzbiZvpCfwpyE6qrxbjHM/hP0/7D2OC+GXsnBXpuMadKbbq9cJx/GXuU
8vL6iDPoro/XI2YnXGw/EGExyF9nD9RpQU5STlUsMpLc1ex+VX/g+1NcQVR2HUO3
pU6d0gACqdKDDKiYusV1m2EElSBTKCepzYu78pqQQeZ5AQZ0+lQDibCWLY/wKZDV
F2zF5jkE53AU2cnCI57N+5TWSYWzeERNX/1LY+KdiX9eA6JwHGVCzqG7EQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCkqRutQKGV1H1VmOKrCK6QNG4IvMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvS1NwRzYxQW9aWFVmVldZNHFzSXJwQTBiZ2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYS7AwQC
udTMMA0GCSqGSIb3DQEBCwUAA4IBAQBV2Bh3cucJ58CeTeY0o92XKQZyrkP7qftW
DlU2Ulxe5zJpb+XiyXtfnP+/AeWr4CD4gOKfx7sfkroX5m4QieGRUT4UF77DWR+i
Td06b+58uMy2ksi58jJiW8F/kB7Jaf7ra2HKIxXNul3U3Q03HSpAhz2IMnv49WD7
PUpMOeXcGzL7BEuTtDXS4omvcFW/K5MlIEaxMMjo+d24QD7rWSHY46PxRW9zJv5D
hI4N4O14J6eqLTIKYYlsvD97oDotkRepBqEXEk2rkJUw6vIKkjRVpvK2XQTlyH2m
j0bAFgPof3djFIHKTk0ITVyGMlYW6p4d7KQ71zBGrJ/2CrxYz3/j
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:57 2023 by rpki-client on console-fra.rpki-client.org