Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/Hwdjce-BMvvvo5bUet6cjQsOQuo.roa
File: Hwdjce-BMvvvo5bUet6cjQsOQuo.roa (raw, json)
Hash identifier: TOcQEWeoNG34LAEFS+Qj47Et7CDL41lyfx/BwmWT4GA=
Subject key identifier: 1F:07:63:71:EF:81:32:FB:EF:A3:96:D4:7A:DE:9C:8D:0B:0E:42:EA
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 0188101D8261C2E86FF862E25F24B5AA2049
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/Hwdjce-BMvvvo5bUet6cjQsOQuo.roa
Signing time: Fri 12 May 2023 13:19:09 +0000
ROA not before: Fri 12 May 2023 13:19:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201021
IP address blocks: 185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:1d:82:61:c2:e8:6f:f8:62:e2:5f:24:b5:aa:20:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: May 12 13:19:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f076371ef8132fbefa396d47ade9c8d0b0e42ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:42:d6:06:a5:2b:69:e5:58:f0:06:77:10:
de:f5:5e:26:40:b2:e5:76:d5:87:87:a8:ca:ea:c4:
18:50:5b:2f:f4:8f:ed:f7:1a:b9:d6:9e:ac:68:77:
a3:f7:61:27:4a:54:8b:72:28:2e:14:16:41:a6:04:
b4:df:d2:6b:3a:07:71:4b:61:f2:93:35:33:c1:72:
1a:bd:4a:16:13:73:16:e1:9d:29:9b:84:da:f2:ec:
46:5b:77:99:4b:61:75:dc:15:de:62:db:32:5e:46:
05:83:89:6c:5b:40:39:3a:cb:7f:08:76:73:89:93:
3a:a3:3a:d6:17:83:ee:77:55:6f:35:28:a6:d1:93:
17:bb:0a:38:75:c3:6d:d3:7a:c5:09:e7:c1:d4:d8:
74:58:18:82:da:3a:3a:47:13:fb:0e:1e:5d:7d:ec:
76:99:c4:37:69:a1:91:d5:df:05:91:eb:de:9c:e8:
65:40:cc:aa:c4:20:94:26:ce:d5:58:42:03:ef:a5:
03:ea:53:e4:57:fe:c7:43:44:eb:95:c4:36:92:af:
01:79:29:c3:42:55:6b:98:4c:47:4c:eb:11:60:d2:
b7:d8:40:f0:ff:84:5d:d9:13:3a:74:b0:aa:70:55:
06:c8:8b:19:c0:c8:6c:89:a8:25:76:ea:0e:71:12:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:07:63:71:EF:81:32:FB:EF:A3:96:D4:7A:DE:9C:8D:0B:0E:42:EA
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/Hwdjce-BMvvvo5bUet6cjQsOQuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.28.63.0/24
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:de:e0:95:48:02:2c:be:6e:ca:b7:54:1a:f3:5c:e0:93:71:
27:48:d9:b1:77:4f:17:54:35:58:f1:cf:3e:9a:72:cf:ae:7a:
84:4f:84:75:a4:30:a6:1d:2f:ba:bb:76:51:b4:ba:4b:33:32:
cc:da:5a:c3:10:6e:66:26:8e:46:06:59:af:59:c7:37:e9:e9:
60:d5:4a:92:64:60:6e:f9:cd:c7:b1:75:8a:5c:82:d8:63:55:
27:f6:dc:bc:e8:8b:75:fd:e2:d4:c5:a5:01:43:6b:64:59:aa:
fd:6a:36:d9:cb:b0:30:f2:3c:20:71:2d:30:a3:e0:ad:66:b3:
08:fa:7f:4d:4b:b1:45:f3:15:7e:66:0e:f0:76:d1:6f:97:0b:
f5:72:78:78:7b:5c:db:e9:23:65:73:77:f5:5f:10:8e:55:38:
32:1b:77:d7:e1:f6:71:6c:a8:81:cf:94:7e:37:73:ad:d7:b1:
3b:78:9e:fe:f1:5e:e0:76:10:3a:66:40:05:77:be:21:e4:37:
81:4b:06:db:62:55:c0:60:5b:1a:ca:e1:fd:14:03:43:73:bf:
3e:17:d6:c3:67:81:06:51:5b:d0:c5:69:b4:5c:9b:c4:fd:93:
e8:83:1d:75:ea:64:13:83:01:62:ba:93:c4:d4:00:39:c7:2f:
f6:ea:b2:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgQHYJhwuhv+GLiXyS1qiBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwNTEyMTMxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA3NjM3MWVmODEzMmZiZWZhMzk2ZDQ3YWRlOWM4ZDBiMGU0MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYlC1galK2nlWPAGdxDe9V4mQLLl
dtWHh6jK6sQYUFsv9I/t9xq51p6saHej92EnSlSLciguFBZBpgS039JrOgdxS2Hy
kzUzwXIavUoWE3MW4Z0pm4Ta8uxGW3eZS2F13BXeYtsyXkYFg4lsW0A5Ost/CHZz
iZM6ozrWF4Pud1VvNSim0ZMXuwo4dcNt03rFCefB1Nh0WBiC2jo6RxP7Dh5dfex2
mcQ3aaGR1d8FkevenOhlQMyqxCCUJs7VWEID76UD6lPkV/7HQ0TrlcQ2kq8BeSnD
QlVrmExHTOsRYNK32EDw/4Rd2RM6dLCqcFUGyIsZwMhsiaglduoOcRKaUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB8HY3HvgTL776OW1HrenI0LDkLqMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvSHdkamNlLUJNdnZ2bzViVWV0NmNqUXNPUXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuRw8AwQA
uRw/AwQCuWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQA/3uCVSAIsvm7Kt1Qa
81zgk3EnSNmxd08XVDVY8c8+mnLPrnqET4R1pDCmHS+6u3ZRtLpLMzLM2lrDEG5m
Jo5GBlmvWcc36elg1UqSZGBu+c3HsXWKXILYY1Un9ty86It1/eLUxaUBQ2tkWar9
ajbZy7Aw8jwgcS0wo+CtZrMI+n9NS7FF8xV+Zg7wdtFvlwv1cnh4e1zb6SNlc3f1
XxCOVTgyG3fX4fZxbKiBz5R+N3Ot17E7eJ7+8V7gdhA6ZkAFd74h5DeBSwbbYlXA
YFsayuH9FANDc78+F9bDZ4EGUVvQxWm0XJvE/ZPogx116mQTgwFiupPE1AA5xy/2
6rIS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-ams.rpki-client.org