Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/KBcPr8CPsU-Saxnr5wRPvFuo__4.roa
File: KBcPr8CPsU-Saxnr5wRPvFuo__4.roa (raw, json)
Hash identifier: C3TAs4H3SYJH0rIfqSXwMmjpW8MJ013J8iyUlUdMaYw=
Subject key identifier: 28:17:0F:AF:C0:8F:B1:4F:92:6B:19:EB:E7:04:4F:BC:5B:A8:FF:FE
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 01860E8D633CFC0439A417868E9BB3B4E8BE
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/KBcPr8CPsU-Saxnr5wRPvFuo__4.roa
Signing time: Wed 01 Feb 2023 19:56:32 +0000
ROA not before: Wed 01 Feb 2023 19:56:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:8d:63:3c:fc:04:39:a4:17:86:8e:9b:b3:b4:e8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Feb 1 19:56:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28170fafc08fb14f926b19ebe7044fbc5ba8fffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:02:9e:60:32:01:c4:af:f3:69:48:a1:69:
a6:0c:64:75:7e:50:8c:70:3a:c1:65:00:68:cf:0a:
ee:ea:e8:64:59:9d:9c:66:d0:81:68:c1:9d:c3:fb:
fa:6d:76:b8:54:70:74:1e:be:7b:b1:72:32:aa:3c:
b0:ac:32:c6:ae:3f:ff:fd:61:60:4a:ae:f8:75:82:
dc:2d:bc:bd:64:48:37:cb:3e:81:30:96:7c:c1:c0:
89:0e:92:98:3a:00:58:da:ef:f2:d4:4c:07:44:e0:
8b:4e:dc:5e:54:ef:f2:20:5a:2a:88:da:31:d4:ac:
3f:5a:0f:3b:a7:d1:08:36:6c:80:d3:24:df:1c:45:
ab:a0:1c:76:76:c8:7e:27:a1:a4:cc:af:0f:8d:73:
2a:b0:f6:0c:3b:44:97:0f:dd:94:0f:0b:17:8d:a0:
69:60:7c:5d:68:df:a9:01:48:57:47:aa:15:cb:e0:
da:e7:d9:63:ba:d9:f2:60:7b:90:76:5a:bc:1c:e0:
93:0d:9a:12:98:f3:88:8c:b8:f5:cc:d2:c1:6e:63:
c4:c2:0e:de:21:39:5c:a7:34:dd:3f:4e:93:1e:cf:
8a:9d:59:45:b4:bd:26:d1:29:a2:16:b9:e2:b4:37:
1e:0f:4a:33:2f:d2:0e:d0:89:29:3a:3d:d0:34:bb:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:0F:AF:C0:8F:B1:4F:92:6B:19:EB:E7:04:4F:BC:5B:A8:FF:FE
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/KBcPr8CPsU-Saxnr5wRPvFuo__4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
24:ac:a0:f9:3e:3f:41:42:6a:50:2e:22:12:ec:65:24:cd:ee:
8f:27:d8:b7:cb:a2:81:aa:c3:1a:dd:74:9e:e3:b8:26:69:f1:
4b:6b:eb:b9:25:e5:2b:8f:cb:81:8a:aa:8f:98:5f:e6:30:3b:
2b:67:33:3f:62:95:96:e4:1c:60:bc:6b:f1:ce:15:ee:e7:f6:
d8:34:13:b1:3e:9c:46:d3:e9:6d:23:08:70:d8:ed:23:93:80:
40:53:ad:f0:67:82:eb:03:af:c1:3d:29:76:9a:23:bf:1b:0f:
26:f1:fb:5b:b1:18:75:1e:49:bc:48:5f:4d:01:c8:74:f0:99:
17:c4:1c:f3:c1:ed:c4:11:c3:00:3f:48:d0:31:29:91:93:39:
14:52:2d:f7:c5:8c:fa:1e:32:85:7d:82:7d:e5:50:cf:94:b4:
5c:d4:1b:9b:57:a7:18:dd:a2:93:33:13:29:88:71:f3:66:b8:
8a:43:39:8c:ff:9d:c3:0e:26:16:4b:0b:c5:e1:eb:d2:5c:58:
9e:81:9b:ec:83:65:85:41:a5:86:a6:44:55:9b:27:8e:51:f6:
a2:eb:7c:54:91:9f:70:81:50:3b:77:32:82:36:91:d6:ac:ff:
92:79:00:fd:49:ef:61:1f:71:6d:9d:a0:3a:31:5e:98:76:5d:
3e:77:33:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYOjWM8/AQ5pBeGjpuztOi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMjAxMTk1NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE3MGZhZmMwOGZiMTRmOTI2YjE5ZWJlNzA0NGZiYzViYThmZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlACnmAyAcSv82lIoWmmDGR1flCM
cDrBZQBozwru6uhkWZ2cZtCBaMGdw/v6bXa4VHB0Hr57sXIyqjywrDLGrj///WFg
Sq74dYLcLby9ZEg3yz6BMJZ8wcCJDpKYOgBY2u/y1EwHROCLTtxeVO/yIFoqiNox
1Kw/Wg87p9EINmyA0yTfHEWroBx2dsh+J6GkzK8PjXMqsPYMO0SXD92UDwsXjaBp
YHxdaN+pAUhXR6oVy+Da59ljutnyYHuQdlq8HOCTDZoSmPOIjLj1zNLBbmPEwg7e
ITlcpzTdP06THs+KnVlFtL0m0SmiFrnitDceD0ozL9IO0IkpOj3QNLsXfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCgXD6/Aj7FPkmsZ6+cET7xbqP/+MB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvS0JjUHI4Q1BzVS1TYXhucjV3UlB2RnVvX180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBuRw8MAwD
BAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBACSsoPk+P0FCalAu
IhLsZSTN7o8n2LfLooGqwxrddJ7juCZp8Utr67kl5SuPy4GKqo+YX+YwOytnMz9i
lZbkHGC8a/HOFe7n9tg0E7E+nEbT6W0jCHDY7SOTgEBTrfBngusDr8E9KXaaI78b
Dybx+1uxGHUeSbxIX00ByHTwmRfEHPPB7cQRwwA/SNAxKZGTORRSLffFjPoeMoV9
gn3lUM+UtFzUG5tXpxjdopMzEymIcfNmuIpDOYz/ncMOJhZLC8Xh69JcWJ6Bm+yD
ZYVBpYamRFWbJ45R9qLrfFSRn3CBUDt3MoI2kdas/5J5AP1J72EfcW2doDoxXph2
XT53Mxg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:43 2023 by rpki-client on console-fra.rpki-client.org