Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/OCGkzKcDpyj2POV3iN0bZEFsE5g.roa
File: OCGkzKcDpyj2POV3iN0bZEFsE5g.roa (raw, json)
Hash identifier: kCzpEzT0B7KC3WEcqolRRwXBXyuB6n7HW4XTRo4QNng=
Subject key identifier: 38:21:A4:CC:A7:03:A7:28:F6:3C:E5:77:88:DD:1B:64:41:6C:13:98
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 0186E191FFAB5D06456927FE738C7AB06C44
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/OCGkzKcDpyj2POV3iN0bZEFsE5g.roa
Signing time: Tue 14 Mar 2023 19:21:27 +0000
ROA not before: Tue 14 Mar 2023 19:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201021
IP address blocks: 185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:91:ff:ab:5d:06:45:69:27:fe:73:8c:7a:b0:6c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Mar 14 19:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3821a4cca703a728f63ce57788dd1b64416c1398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2b:1d:b6:c1:6c:57:ea:c5:60:62:db:3d:ca:
50:09:f1:01:57:6c:81:64:21:78:e3:f7:a6:98:d4:
c3:79:44:5d:7c:50:32:47:4b:b0:f5:e3:9f:a3:f4:
79:64:62:a1:11:eb:d6:99:27:d5:73:2c:98:f9:06:
3d:1c:0b:3e:52:5e:20:d0:2c:f3:cb:08:f8:f5:3f:
64:9e:05:87:63:4d:7c:48:cd:30:9f:25:69:21:16:
0e:bf:a4:79:93:51:79:ed:42:a3:97:1c:f2:12:98:
47:5b:fc:12:b4:81:7b:65:4d:34:e1:61:0c:53:ee:
7c:48:25:c9:6c:b3:35:f7:f6:54:37:14:9a:ac:bc:
f2:67:66:af:9d:49:50:34:02:70:69:ae:b3:9a:32:
a5:82:04:72:25:61:d5:db:2a:08:56:81:f4:66:c0:
42:b0:9f:c8:a7:f2:6f:4f:e3:ba:b6:27:e1:68:22:
75:20:35:c3:3f:f8:6f:a3:bd:a5:c9:1a:75:b1:6f:
e0:10:77:d3:4d:27:2e:aa:87:e7:dc:da:48:05:f9:
48:7f:e4:cc:5c:04:e2:3f:33:39:eb:c5:cd:e6:1c:
6f:36:af:16:e1:ee:37:16:ac:db:ce:1e:88:d0:66:
8f:57:77:d0:99:b8:ee:09:6a:d8:2d:2b:76:42:75:
21:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:21:A4:CC:A7:03:A7:28:F6:3C:E5:77:88:DD:1B:64:41:6C:13:98
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/OCGkzKcDpyj2POV3iN0bZEFsE5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/22
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
76:ac:54:6f:63:2d:38:d5:07:04:5b:e9:be:b8:c3:aa:b5:e9:
61:ce:aa:7d:ea:0f:0c:35:3c:c2:d0:be:b7:e7:25:c9:2b:63:
e3:ea:41:2d:81:7a:f0:35:34:30:ee:a4:34:65:2e:60:cc:23:
6a:a2:b4:44:2c:0a:17:b3:aa:54:37:a3:2b:62:f8:6e:87:a0:
0d:a0:2d:7e:30:6f:f5:75:33:c0:6b:e4:33:50:25:39:dc:81:
82:f0:d7:75:e1:11:65:08:81:31:4c:57:23:ff:8a:cd:e2:49:
6c:b8:4f:29:57:77:1a:73:c4:21:ab:cb:1a:dd:fe:60:28:7e:
82:c0:26:e9:4f:e4:de:31:b0:9b:b1:8a:85:24:ad:65:a5:50:
31:64:e0:71:3b:20:55:c9:31:5e:b1:aa:17:55:a2:37:98:8f:
21:b4:7f:c9:f2:da:cc:78:3f:cb:ff:6b:f1:2d:e1:c5:d6:30:
a9:cf:ed:57:4c:75:d2:ba:21:f9:c4:de:7c:34:4c:3b:50:94:
6f:f2:be:e6:e4:ae:44:fd:05:63:a2:ec:e0:28:02:26:55:f8:
52:b4:41:ce:cc:3b:fd:21:7a:1d:e5:19:f0:fd:1a:bf:b0:55:
b8:3e:0e:44:78:0d:98:c3:6f:26:5d:85:b5:13:c0:a5:52:d2:
70:74:2e:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbhkf+rXQZFaSf+c4x6sGxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMzE0MTkyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODIxYTRjY2E3MDNhNzI4ZjYzY2U1Nzc4OGRkMWI2NDQxNmMxMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCsdtsFsV+rFYGLbPcpQCfEBV2yB
ZCF44/emmNTDeURdfFAyR0uw9eOfo/R5ZGKhEevWmSfVcyyY+QY9HAs+Ul4g0Czz
ywj49T9kngWHY018SM0wnyVpIRYOv6R5k1F57UKjlxzyEphHW/wStIF7ZU004WEM
U+58SCXJbLM19/ZUNxSarLzyZ2avnUlQNAJwaa6zmjKlggRyJWHV2yoIVoH0ZsBC
sJ/Ip/JvT+O6tifhaCJ1IDXDP/hvo72lyRp1sW/gEHfTTScuqofn3NpIBflIf+TM
XATiPzM568XN5hxvNq8W4e43Fqzbzh6I0GaPV3fQmbjuCWrYLSt2QnUhkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDghpMynA6co9jzld4jdG2RBbBOYMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvT0NHa3pLY0RweWoyUE9WM2lOMGJaRUZzRTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRw8AwQC
uWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQB2rFRvYy041QcEW+m+uMOqtelh
zqp96g8MNTzC0L635yXJK2Pj6kEtgXrwNTQw7qQ0ZS5gzCNqorRELAoXs6pUN6Mr
Yvhuh6ANoC1+MG/1dTPAa+QzUCU53IGC8Nd14RFlCIExTFcj/4rN4klsuE8pV3ca
c8Qhq8sa3f5gKH6CwCbpT+TeMbCbsYqFJK1lpVAxZOBxOyBVyTFesaoXVaI3mI8h
tH/J8trMeD/L/2vxLeHF1jCpz+1XTHXSuiH5xN58NEw7UJRv8r7m5K5E/QVjouzg
KAImVfhStEHOzDv9IXod5Rnw/Rq/sFW4Pg5EeA2Yw28mXYW1E8ClUtJwdC5c
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:43 2023 by rpki-client on console-fra.rpki-client.org