Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/5wLYkP_Z89S4w22nhKWV9mSoGTw.roa
File: 5wLYkP_Z89S4w22nhKWV9mSoGTw.roa (raw, json)
Hash identifier: C4i17Cd0rZ7T2Yuq9LaenKKtLJq6FV+4ofPVMqMArKE=
Subject key identifier: E7:02:D8:90:FF:D9:F3:D4:B8:C3:6D:A7:84:A5:95:F6:64:A8:19:3C
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 018A66E302931DA377B23BF9082FD2DAEA7E
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/5wLYkP_Z89S4w22nhKWV9mSoGTw.roa
Signing time: Tue 05 Sep 2023 19:47:47 +0000
ROA not before: Tue 05 Sep 2023 19:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:e3:02:93:1d:a3:77:b2:3b:f9:08:2f:d2:da:ea:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Sep 5 19:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e702d890ffd9f3d4b8c36da784a595f664a8193c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:74:78:25:de:f6:d3:77:5b:4c:68:18:c5:15:
93:5e:58:de:ca:f1:1b:ad:1b:da:dc:c8:74:cb:da:
ba:9d:0c:32:48:39:ae:9d:68:25:49:ac:58:07:0d:
d1:aa:38:69:c5:9f:30:fd:70:95:aa:4f:7b:73:68:
30:46:bf:98:85:eb:5c:08:62:44:2c:53:83:be:47:
08:b1:c9:fa:93:22:7c:4c:5b:7e:b7:2b:b5:af:b8:
64:dc:1c:11:84:38:6c:30:30:9a:bf:ba:99:c7:19:
ff:8e:5d:7c:3a:3f:f1:f3:a6:d6:82:8e:29:e8:dc:
04:cc:bb:b5:fa:72:99:4c:77:0e:a6:30:d3:dd:33:
b9:42:73:d5:7c:48:de:99:42:e2:2c:7f:14:02:df:
91:f4:6f:7d:88:8a:bb:84:42:c6:b2:69:04:c4:ab:
c0:1d:9e:97:0e:c9:cc:d1:ea:d3:ba:94:b8:4b:00:
d8:ff:74:a1:39:f9:a4:d8:c7:e9:39:dd:af:17:44:
6d:5b:c1:ee:38:cd:2a:86:f2:d6:28:ce:c1:61:10:
e0:84:55:ec:59:5b:77:5d:e1:0c:68:9f:b7:f2:bb:
48:fa:01:81:d8:cf:b2:37:ad:fd:f8:16:0d:a7:bf:
c2:0a:dc:c4:bb:5f:4c:ec:e7:49:7e:f2:97:32:fe:
cc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:02:D8:90:FF:D9:F3:D4:B8:C3:6D:A7:84:A5:95:F6:64:A8:19:3C
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/5wLYkP_Z89S4w22nhKWV9mSoGTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.28.63.0/24
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:17:4a:e8:71:59:ea:6c:69:30:1f:10:c3:7d:16:d7:83:0c:
12:53:b5:fa:20:6e:e3:7b:a3:0f:fd:03:df:a3:32:d2:1f:14:
0f:e5:38:dd:89:22:73:fe:f7:44:b1:3b:a6:e8:c8:40:aa:cf:
d4:90:dc:34:49:63:3c:45:49:0a:54:de:40:49:15:1f:15:57:
a0:d8:6a:dd:2b:29:d7:c1:29:83:cb:50:5a:7a:6b:84:4f:ad:
d4:84:f5:07:a5:f6:d5:28:a4:2b:98:28:5f:f1:d8:b7:4a:4f:
f6:86:f1:d2:58:a2:4b:5a:d2:1d:a2:7b:2e:20:34:37:72:a7:
8a:f7:85:82:8f:81:2b:f8:3d:4b:8c:89:b8:39:db:a8:9e:3e:
5c:33:6e:cf:6d:12:0e:90:fe:e6:c4:39:99:e0:d6:ce:30:ad:
e5:f5:80:41:0e:8f:09:50:45:bd:63:d7:4f:0f:9b:4b:fa:50:
39:48:ad:fe:25:6d:46:f7:cd:fb:01:14:c5:cd:d4:9d:c5:14:
07:3c:ce:02:d8:7e:6b:90:0f:d4:a9:a1:52:dc:fd:27:35:a1:
63:99:f5:ea:8b:b3:24:fe:24:fc:77:6d:38:56:c5:7a:de:4c:
6a:c2:5d:02:c5:0b:f5:42:68:83:bd:be:3a:1f:e1:36:5b:4e:
2d:e8:c9:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpm4wKTHaN3sjv5CC/S2up+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwOTA1MTk0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAyZDg5MGZmZDlmM2Q0YjhjMzZkYTc4NGE1OTVmNjY0YTgxOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HR4Jd7203dbTGgYxRWTXljeyvEb
rRva3Mh0y9q6nQwySDmunWglSaxYBw3RqjhpxZ8w/XCVqk97c2gwRr+YhetcCGJE
LFODvkcIscn6kyJ8TFt+tyu1r7hk3BwRhDhsMDCav7qZxxn/jl18Oj/x86bWgo4p
6NwEzLu1+nKZTHcOpjDT3TO5QnPVfEjemULiLH8UAt+R9G99iIq7hELGsmkExKvA
HZ6XDsnM0erTupS4SwDY/3ShOfmk2MfpOd2vF0RtW8HuOM0qhvLWKM7BYRDghFXs
WVt3XeEMaJ+38rtI+gGB2M+yN639+BYNp7/CCtzEu19M7OdJfvKXMv7MZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOcC2JD/2fPUuMNtp4SllfZkqBk8MB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvNXdMWWtQX1o4OVM0dzIybmhLV1Y5bVNvR1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuRw8AwQA
uRw/AwQCuWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQCNF0rocVnqbGkwHxDD
fRbXgwwSU7X6IG7je6MP/QPfozLSHxQP5TjdiSJz/vdEsTum6MhAqs/UkNw0SWM8
RUkKVN5ASRUfFVeg2GrdKynXwSmDy1BaemuET63UhPUHpfbVKKQrmChf8di3Sk/2
hvHSWKJLWtIdonsuIDQ3cqeK94WCj4Er+D1LjIm4Oduonj5cM27PbRIOkP7mxDmZ
4NbOMK3l9YBBDo8JUEW9Y9dPD5tL+lA5SK3+JW1G9837ARTFzdSdxRQHPM4C2H5r
kA/UqaFS3P0nNaFjmfXqi7Mk/iT8d204VsV63kxqwl0CxQv1QmiDvb46H+E2W04t
6Ml8
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:40 2024 by rpki-client on console-ams.rpki-client.org