Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/gFZWFc009Bcg66VWwU6QBGJkTHY.roa
File: gFZWFc009Bcg66VWwU6QBGJkTHY.roa (raw, json)
Hash identifier: V9MB3MdK1a4SD3YNeLQjOO47nqze5V0l/tElfK+giw8=
Subject key identifier: 80:56:56:15:CD:34:F4:17:20:EB:A5:56:C1:4E:90:04:62:64:4C:76
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 018CC9BBEF8707DF220DAFEA741575A3D517
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/gFZWFc009Bcg66VWwU6QBGJkTHY.roa
Signing time: Tue 02 Jan 2024 10:33:06 +0000
ROA not before: Tue 02 Jan 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 03:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ef:87:07:df:22:0d:af:ea:74:15:75:a3:d5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 2 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80565615cd34f41720eba556c14e900462644c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:aa:ba:2b:99:e0:fd:10:81:c1:b7:be:75:d8:
69:8c:ff:f6:95:bb:be:13:df:93:2a:11:d9:d4:e0:
ef:be:57:48:42:90:26:3b:f2:f7:74:03:34:c2:fc:
86:98:43:ac:f5:fb:bd:57:b5:76:48:42:ca:cf:1c:
9d:af:ee:f2:5c:52:02:ac:ae:67:c5:bd:1b:db:bc:
a8:86:57:1c:36:7b:d2:65:71:8c:65:a8:c2:ba:5c:
fe:65:ae:e3:78:88:1e:21:9a:d8:4b:dc:3e:c0:95:
5e:a5:86:5b:0e:40:17:04:50:df:76:b0:b2:c2:63:
0b:e5:7b:42:5d:02:6f:38:63:37:61:32:ff:c4:94:
93:46:3a:8c:ad:30:3a:9f:c1:19:02:c6:fb:c8:51:
fa:5c:62:2d:52:83:81:e6:53:d7:e5:0e:47:39:52:
f8:e7:d9:be:cd:f1:60:39:8f:86:f0:78:85:a2:06:
6e:f6:f6:39:13:2a:6d:38:be:97:1d:27:9c:83:c4:
ec:75:f1:3f:08:e8:7e:0b:82:9c:a4:9d:4d:8a:7a:
df:c0:31:2a:26:ed:56:bf:b8:0d:88:8b:76:97:93:
cf:81:c1:55:70:21:ef:b5:78:3e:2e:c1:ab:43:c7:
66:a3:22:da:d0:64:71:1c:31:a2:a8:30:16:38:13:
f0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:56:56:15:CD:34:F4:17:20:EB:A5:56:C1:4E:90:04:62:64:4C:76
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/gFZWFc009Bcg66VWwU6QBGJkTHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.28.63.0/24
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:fc:cb:fe:54:f0:66:92:fc:18:2e:6a:28:c2:77:e1:20:d1:
6e:e7:18:31:74:71:af:1b:4b:7d:16:29:2d:8b:18:e4:07:d6:
60:36:34:61:3b:d2:bf:2e:7e:36:ee:1d:fc:a7:45:64:fe:b0:
aa:18:37:fa:de:c1:da:d5:87:c6:62:3a:c8:1b:d3:db:e5:33:
8a:4d:3e:b4:37:58:25:b0:72:a6:6a:7b:f8:fe:24:73:04:eb:
41:17:4b:2f:73:c1:c5:4b:f6:b9:df:63:f5:30:a6:0f:e0:12:
40:21:5f:2a:32:d2:bc:57:2c:0f:79:66:a5:70:2b:a8:f9:55:
05:35:e3:98:c2:9c:c3:38:d5:a2:cf:de:23:93:63:4f:76:dd:
19:13:3c:53:2e:69:86:44:bd:54:2b:db:72:46:72:d6:f1:85:
11:e9:05:62:df:5d:17:47:f5:1b:45:e7:47:65:e9:90:0c:c9:
40:82:0f:e8:fc:72:66:13:80:6f:b5:43:cb:38:7b:47:26:ed:
14:8c:d4:59:8b:23:e3:94:58:61:90:ae:e6:4e:8f:f1:1e:0f:
49:84:46:eb:dc:55:da:15:cd:8d:f3:71:b7:dd:11:98:22:08:
69:d7:a3:4b:89:6a:f2:e7:39:59:d3:7c:95:5b:e8:e8:2b:91:
2c:30:ab:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJu++HB98iDa/qdBV1o9UXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjQwMTAyMTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU2NTYxNWNkMzRmNDE3MjBlYmE1NTZjMTRlOTAwNDYyNjQ0Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKq6K5ng/RCBwbe+ddhpjP/2lbu+
E9+TKhHZ1ODvvldIQpAmO/L3dAM0wvyGmEOs9fu9V7V2SELKzxydr+7yXFICrK5n
xb0b27yohlccNnvSZXGMZajCulz+Za7jeIgeIZrYS9w+wJVepYZbDkAXBFDfdrCy
wmML5XtCXQJvOGM3YTL/xJSTRjqMrTA6n8EZAsb7yFH6XGItUoOB5lPX5Q5HOVL4
59m+zfFgOY+G8HiFogZu9vY5EyptOL6XHSecg8TsdfE/COh+C4KcpJ1NinrfwDEq
Ju1Wv7gNiIt2l5PPgcFVcCHvtXg+LsGrQ8dmoyLa0GRxHDGiqDAWOBPw9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIBWVhXNNPQXIOulVsFOkARiZEx2MB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvZ0ZaV0ZjMDA5QmNnNjZWV3dVNlFCR0prVEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuRw8AwQA
uRw/AwQCuWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQDG/Mv+VPBmkvwYLmoo
wnfhINFu5xgxdHGvG0t9FiktixjkB9ZgNjRhO9K/Ln427h38p0Vk/rCqGDf63sHa
1YfGYjrIG9Pb5TOKTT60N1glsHKmanv4/iRzBOtBF0svc8HFS/a532P1MKYP4BJA
IV8qMtK8VywPeWalcCuo+VUFNeOYwpzDONWiz94jk2NPdt0ZEzxTLmmGRL1UK9ty
RnLW8YUR6QVi310XR/UbRedHZemQDMlAgg/o/HJmE4BvtUPLOHtHJu0UjNRZiyPj
lFhhkK7mTo/xHg9JhEbr3FXaFc2N83G33RGYIghp16NLiWry5zlZ03yVW+joK5Es
MKst
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:07 2024 by rpki-client on console-fra.rpki-client.org