Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/19BMrGf3bZoVkDzeLTbMRQ8H9J8.roa
File: 19BMrGf3bZoVkDzeLTbMRQ8H9J8.roa (raw, json)
Hash identifier: eko39550gGLt6LhYrN7TTWQEYA9a57KVmcfEYGIvo8g=
Subject key identifier: D7:D0:4C:AC:67:F7:6D:9A:15:90:3C:DE:2D:36:CC:45:0F:07:F4:9F
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 018CC9BBEFF878673AF5EDA7D87308CAB527
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/19BMrGf3bZoVkDzeLTbMRQ8H9J8.roa
Signing time: Tue 02 Jan 2024 10:33:06 +0000
ROA not before: Tue 02 Jan 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201021
IP address blocks: 185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 17:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ef:f8:78:67:3a:f5:ed:a7:d8:73:08:ca:b5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 2 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7d04cac67f76d9a15903cde2d36cc450f07f49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:db:a0:48:0b:e1:8a:ac:fe:b0:90:3a:c5:
41:46:24:16:45:35:c1:3b:e0:8a:8d:ef:83:13:de:
69:d7:82:4d:06:04:51:64:ad:da:3c:c5:bb:5e:a8:
17:aa:0c:42:bb:11:1d:5d:44:39:8a:c6:f6:60:90:
a4:3e:26:a0:b5:c3:8e:30:d5:8c:8a:08:9b:95:64:
43:96:cc:e9:f9:c0:78:1c:e6:0d:3e:18:b4:21:c9:
5f:92:5d:b1:41:16:52:3d:93:5b:26:c4:3d:37:a1:
23:c0:cc:d4:0c:96:c2:a8:7f:e6:4d:bb:87:dd:10:
06:09:c1:b6:4a:39:b3:35:16:e3:b8:6e:fd:62:b1:
59:37:3d:d6:da:61:c0:1d:fa:8b:f4:98:33:e1:b6:
4c:00:e1:75:03:d3:e4:a2:c3:30:13:70:19:71:49:
6b:2e:d4:d2:09:52:6d:3f:5a:17:2b:90:86:56:4a:
f2:0a:28:cb:0b:12:1a:d3:d5:e5:72:c0:b8:27:3e:
e7:0a:3c:79:2e:4c:99:29:ad:ba:6e:ef:c7:3c:53:
6c:55:2f:c1:80:43:4f:e7:d2:80:0b:7e:cd:64:0f:
23:b2:16:27:73:c4:26:26:36:34:87:47:56:af:0b:
23:59:0e:07:64:ca:98:b8:1a:ac:e1:94:a8:0d:c4:
da:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:D0:4C:AC:67:F7:6D:9A:15:90:3C:DE:2D:36:CC:45:0F:07:F4:9F
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/19BMrGf3bZoVkDzeLTbMRQ8H9J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0-185.28.62.255
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:96:33:e2:9d:86:88:37:b1:90:16:4d:e2:a9:d0:1c:78:61:
bc:25:b6:db:88:16:b5:89:e2:17:3e:34:00:73:12:28:5b:30:
28:f0:d4:e7:91:cf:df:45:12:f8:15:2b:31:f8:7d:ec:67:43:
c9:81:ae:39:bb:f8:47:59:3d:fb:85:84:94:30:f3:06:c0:af:
46:11:15:18:4e:8b:10:49:50:f3:5d:ff:2b:20:d8:44:84:c4:
b9:aa:f8:6e:8b:96:bd:d7:73:1e:f2:0e:5a:45:07:93:7e:04:
02:42:14:f4:b9:6f:bd:84:e2:7a:8e:d3:e0:26:8d:ff:0f:8f:
fb:1b:98:3c:3d:d7:10:aa:84:03:09:58:9c:4d:06:02:42:fe:
9f:73:10:62:d6:ae:12:14:73:59:95:ab:ce:94:6b:67:45:1c:
5f:24:d9:f6:5a:9f:53:d2:12:ba:67:82:c7:36:2d:2a:75:e9:
d5:8c:56:c4:ec:44:97:de:c4:cb:0e:52:f3:b4:9c:26:f0:e4:
c4:56:c7:cf:41:38:0f:2c:44:d4:09:fa:1f:db:5d:d4:8d:d9:
82:16:d3:35:2a:80:40:0a:38:c1:f2:f5:54:c1:66:d8:ca:12:
c4:8e:6a:0f:80:0f:92:71:b9:05:0d:1a:dd:5d:8f:cb:72:97:
8b:95:b0:4d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJu+/4eGc69e2n2HMIyrUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjQwMTAyMTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2QwNGNhYzY3Zjc2ZDlhMTU5MDNjZGUyZDM2Y2M0NTBmMDdmNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo63boEgL4Yqs/rCQOsVBRiQWRTXB
O+CKje+DE95p14JNBgRRZK3aPMW7XqgXqgxCuxEdXUQ5isb2YJCkPiagtcOOMNWM
igiblWRDlszp+cB4HOYNPhi0Iclfkl2xQRZSPZNbJsQ9N6EjwMzUDJbCqH/mTbuH
3RAGCcG2SjmzNRbjuG79YrFZNz3W2mHAHfqL9Jgz4bZMAOF1A9PkosMwE3AZcUlr
LtTSCVJtP1oXK5CGVkryCijLCxIa09XlcsC4Jz7nCjx5LkyZKa26bu/HPFNsVS/B
gENP59KAC37NZA8jshYnc8QmJjY0h0dWrwsjWQ4HZMqYuBqs4ZSoDcTajQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNfQTKxn922aFZA83i02zEUPB/SfMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvMTlCTXJHZjNiWm9Wa0R6ZUxUYk1SUThIOUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAK5HDwD
BAC5HD4wDAMEArlnxAMEALlnxgMEArlqFDANBgkqhkiG9w0BAQsFAAOCAQEAG5Yz
4p2GiDexkBZN4qnQHHhhvCW224gWtYniFz40AHMSKFswKPDU55HP30US+BUrMfh9
7GdDyYGuObv4R1k9+4WElDDzBsCvRhEVGE6LEElQ813/KyDYRITEuar4bouWvddz
HvIOWkUHk34EAkIU9LlvvYTieo7T4CaN/w+P+xuYPD3XEKqEAwlYnE0GAkL+n3MQ
YtauEhRzWZWrzpRrZ0UcXyTZ9lqfU9ISumeCxzYtKnXp1YxWxOxEl97Eyw5S87Sc
JvDkxFbHz0E4DyxE1An6H9td1I3ZghbTNSqAQAo4wfL1VMFm2MoSxI5qD4APknG5
BQ0a3V2Py3KXi5WwTQ==
-----END CERTIFICATE-----
Generated at Tue Jan 23 20:26:26 2024 by rpki-client on console-fra.rpki-client.org