Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/P1deKId4oeJ0FqS9irqTE20skwI.roa
File: P1deKId4oeJ0FqS9irqTE20skwI.roa (raw, json)
Hash identifier: OqJUInRjKDYAPAm6vPgFOJj1pDjvCQoqF+BAPc9Cfbo=
Subject key identifier: 3F:57:5E:28:87:78:A1:E2:74:16:A4:BD:8A:BA:93:13:6D:2C:93:02
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0187380A42857B08FFA5912FC670AC1CCAFF
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/P1deKId4oeJ0FqS9irqTE20skwI.roa
Signing time: Fri 31 Mar 2023 14:20:09 +0000
ROA not before: Fri 31 Mar 2023 14:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199152
IP address blocks: 185.120.58.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.56.0/24 maxlen: 24
185.120.59.0/24 maxlen: 24
212.22.64.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
212.22.75.0/24 maxlen: 24
185.255.179.0/24 maxlen: 24
185.255.178.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:0a:42:85:7b:08:ff:a5:91:2f:c6:70:ac:1c:ca:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 31 14:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f575e288778a1e27416a4bd8aba93136d2c9302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6d:25:cb:8f:bd:2c:1d:ad:9f:7b:84:fb:b4:
42:18:37:b7:84:6e:e5:03:1a:b2:24:34:90:67:63:
53:24:b4:76:b7:95:98:44:2b:8b:16:9a:7b:dc:f8:
71:12:a6:94:95:2a:4c:4b:29:e3:51:eb:2b:35:74:
12:19:ae:c3:9a:c9:32:af:03:4b:66:59:b4:b6:65:
03:8c:af:66:af:7a:40:db:3a:6c:29:d2:b8:4c:3d:
83:13:b6:32:51:aa:e5:db:94:9f:25:41:83:e1:07:
5e:40:9a:18:1c:8b:bd:7a:1b:e9:eb:2f:9d:be:c6:
d3:3f:57:60:1a:83:8a:c0:ec:7d:37:37:3a:4c:c0:
99:05:a7:ae:da:62:af:20:90:3b:af:02:05:28:d4:
81:32:2f:9d:b8:5a:55:b9:ce:9a:24:81:f7:e8:db:
34:63:34:73:92:e0:64:b9:64:de:03:b6:05:13:2b:
fa:74:60:63:93:9a:1a:c4:11:86:d5:b6:fe:a7:7c:
52:d6:ee:6a:77:f4:1a:9a:72:fa:6a:52:f9:c1:ba:
7d:0b:f7:32:02:d3:22:b6:9e:d0:ae:86:7c:28:5c:
45:66:97:27:8b:14:af:f0:67:44:78:73:c4:bc:77:
92:84:7d:82:29:53:9c:13:82:d6:bd:e0:37:87:66:
c4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:57:5E:28:87:78:A1:E2:74:16:A4:BD:8A:BA:93:13:6D:2C:93:02
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/P1deKId4oeJ0FqS9irqTE20skwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0/22
185.255.178.0/23
212.22.64.0/24
212.22.75.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
61:13:3c:ed:71:f3:86:d3:8b:52:8b:fb:f8:56:76:19:ff:a8:
ce:ea:5e:96:6c:f7:31:cf:b4:87:09:61:24:c3:5c:12:1c:f5:
64:98:69:29:34:c3:77:06:8b:2a:0e:9e:2d:6a:67:43:86:d5:
68:f2:60:35:5b:f4:59:13:13:ab:01:a8:e7:c5:14:5e:3b:67:
9d:5a:5a:dc:8d:01:6e:09:f1:92:84:dd:01:86:e3:29:07:6f:
5c:4e:01:0c:b4:1b:94:bb:3b:11:68:2d:11:60:6d:f3:19:cb:
48:96:a6:d7:d8:38:9c:8c:fc:9c:6e:e9:9c:ef:d4:dd:ae:c0:
4b:fd:df:83:eb:77:f5:f3:b2:4b:81:52:ce:bd:ca:c5:50:16:
32:79:4e:e6:ee:59:5a:f0:aa:fd:79:82:a3:a7:19:3f:e4:b3:
44:bb:09:49:cd:7d:15:5f:73:04:79:b4:00:f5:8c:c2:0c:07:
2e:20:15:a6:4e:79:b0:da:67:94:a5:55:8f:02:07:1c:28:5f:
58:d7:54:72:bd:ae:a3:82:38:bc:9d:23:8b:3d:42:85:1f:fb:
c9:0c:07:a3:5d:ae:32:93:81:f3:b6:b2:ee:85:fd:b5:e5:15:
ee:b0:f4:04:d4:81:59:c0:0a:e4:95:b9:12:cd:5f:5f:f0:b7:
5c:48:91:ba
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYc4CkKFewj/pZEvxnCsHMr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMzMxMTQyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjU3NWUyODg3NzhhMWUyNzQxNmE0YmQ4YWJhOTMxMzZkMmM5MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq20ly4+9LB2tn3uE+7RCGDe3hG7l
AxqyJDSQZ2NTJLR2t5WYRCuLFpp73PhxEqaUlSpMSynjUesrNXQSGa7DmskyrwNL
Zlm0tmUDjK9mr3pA2zpsKdK4TD2DE7YyUarl25SfJUGD4QdeQJoYHIu9ehvp6y+d
vsbTP1dgGoOKwOx9Nzc6TMCZBaeu2mKvIJA7rwIFKNSBMi+duFpVuc6aJIH36Ns0
YzRzkuBkuWTeA7YFEyv6dGBjk5oaxBGG1bb+p3xS1u5qd/QamnL6alL5wbp9C/cy
AtMitp7QroZ8KFxFZpcnixSv8GdEeHPEvHeShH2CKVOcE4LWveA3h2bEAwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFD9XXiiHeKHidBakvYq6kxNtLJMCMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvUDFkZUtJZDRvZUowRnFTOWlycVRFMjBza3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCuXg4AwQB
uf+yAwQA1BZAAwQA1BZLAwQA1BZNMA8EAgACMAkDBwAqBsPAAAEwDQYJKoZIhvcN
AQELBQADggEBAGETPO1x84bTi1KL+/hWdhn/qM7qXpZs9zHPtIcJYSTDXBIc9WSY
aSk0w3cGiyoOni1qZ0OG1WjyYDVb9FkTE6sBqOfFFF47Z51aWtyNAW4J8ZKE3QGG
4ykHb1xOAQy0G5S7OxFoLRFgbfMZy0iWptfYOJyM/Jxu6Zzv1N2uwEv934Prd/Xz
skuBUs69ysVQFjJ5TubuWVrwqv15gqOnGT/ks0S7CUnNfRVfcwR5tAD1jMIMBy4g
FaZOebDaZ5SlVY8CBxwoX1jXVHK9rqOCOLydI4s9QoUf+8kMB6NdrjKTgfO2su6F
/bXlFe6w9ATUgVnACuSVuRLNX1/wt1xIkbo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:04 2024 by rpki-client on console-fra.rpki-client.org