Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/oVII5ZQk4gxDYO6C5uqQUnKENPk.roa
File: oVII5ZQk4gxDYO6C5uqQUnKENPk.roa (raw, json)
Hash identifier: 6R5QZ7RUnfdiwX+EGU4ywnNfZ9H+cgucMkHTRSBNIlc=
Subject key identifier: A1:52:08:E5:94:24:E2:0C:43:60:EE:82:E6:EA:90:52:72:84:34:F9
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 0186E1920012D7B4292C505322F6008E0EC8
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/oVII5ZQk4gxDYO6C5uqQUnKENPk.roa
Signing time: Tue 14 Mar 2023 19:21:27 +0000
ROA not before: Tue 14 Mar 2023 19:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205192
IP address blocks: 185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:92:00:12:d7:b4:29:2c:50:53:22:f6:00:8e:0e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Mar 14 19:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a15208e59424e20c4360ee82e6ea9052728434f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ba:05:a9:4c:55:08:ad:07:af:ab:6d:5f:a9:
c3:8e:14:92:d2:c7:75:7d:3f:05:ab:52:4f:10:97:
f0:ec:e4:77:07:25:fc:78:36:67:93:c2:70:c8:f5:
66:a6:bd:9a:22:58:75:7b:df:4a:d7:51:67:57:56:
de:c3:e1:d8:69:93:6b:ce:a3:cc:a4:ec:24:12:c3:
ef:d2:d7:65:bb:25:9e:38:22:e7:0e:e5:e9:25:44:
ab:ce:38:39:b8:9f:39:87:ef:27:d2:c4:fe:7b:75:
d3:f8:a8:2e:5d:97:df:17:10:85:e8:c3:27:27:55:
7a:07:52:46:c5:96:3c:42:af:08:b1:55:42:d9:d2:
cb:65:95:e8:29:f2:54:45:95:9f:b2:29:4c:de:c1:
6d:6c:4f:30:d4:32:1b:d7:c1:94:0a:e8:77:7e:15:
82:fd:ca:42:44:54:de:a6:d3:dd:45:f4:9e:32:19:
b0:50:fc:e6:41:ac:65:29:0f:96:c8:9f:bd:d1:3d:
2e:6e:32:79:57:14:43:5c:c6:a9:59:80:42:2d:18:
47:53:42:a2:34:37:e0:c9:c1:37:bb:7a:0f:1f:ea:
fd:0e:5f:d0:b9:60:d1:db:c7:04:8d:bc:58:ed:f5:
ae:b1:a8:13:a4:cc:b2:eb:63:58:97:c8:8c:66:df:
27:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:52:08:E5:94:24:E2:0C:43:60:EE:82:E6:EA:90:52:72:84:34:F9
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/oVII5ZQk4gxDYO6C5uqQUnKENPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/24
185.28.62.0/23
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
10:19:d9:27:dd:d6:de:9c:1b:2d:12:b0:95:9a:d1:c0:bd:3b:
ed:ce:03:6f:ba:fb:d0:7c:13:ff:98:f3:0b:df:30:22:b9:61:
95:17:cb:8a:b6:44:02:7e:73:c5:4e:52:f4:09:59:d7:df:05:
75:68:35:07:72:1a:32:84:2a:3f:c7:c3:77:c4:e5:f7:a3:69:
30:0c:33:dd:3c:e5:8b:d9:5d:36:8c:5d:cf:54:27:f7:68:37:
57:da:0f:11:b7:86:96:23:4e:f4:21:53:fe:81:02:73:f3:61:
c7:f4:e5:3b:18:6f:4b:d4:f1:e8:0c:41:e3:cf:16:18:d0:54:
50:7f:dd:21:d8:3f:2d:1d:9c:b8:b2:7a:1a:5e:05:39:7b:90:
d3:66:04:de:dd:cf:c6:d8:e0:59:aa:d1:06:bc:d8:39:97:e8:
83:01:96:d6:51:ab:10:68:b4:5a:d3:08:cf:5c:3c:67:af:83:
d9:4d:4c:1e:fc:87:ab:63:fe:78:7d:fb:0b:10:0a:5c:7c:58:
10:dd:4d:06:57:38:70:98:35:9e:6b:d3:df:e6:72:c7:af:4d:
db:83:85:16:49:c1:d6:15:57:6f:2b:49:22:6b:9c:a9:30:84:
18:5f:c1:9e:04:b9:46:b6:28:20:00:48:4d:3d:c9:29:da:ef:
b7:c9:2c:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbhkgAS17QpLFBTIvYAjg7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMzE0MTkyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTUyMDhlNTk0MjRlMjBjNDM2MGVlODJlNmVhOTA1MjcyODQzNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLoFqUxVCK0Hr6ttX6nDjhSS0sd1
fT8Fq1JPEJfw7OR3ByX8eDZnk8JwyPVmpr2aIlh1e99K11FnV1bew+HYaZNrzqPM
pOwkEsPv0tdluyWeOCLnDuXpJUSrzjg5uJ85h+8n0sT+e3XT+KguXZffFxCF6MMn
J1V6B1JGxZY8Qq8IsVVC2dLLZZXoKfJURZWfsilM3sFtbE8w1DIb18GUCuh3fhWC
/cpCRFTeptPdRfSeMhmwUPzmQaxlKQ+WyJ+90T0ubjJ5VxRDXMapWYBCLRhHU0Ki
NDfgycE3u3oPH+r9Dl/QuWDR28cEjbxY7fWusagTpMyy62NYl8iMZt8nTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFSCOWUJOIMQ2DugubqkFJyhDT5MB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvb1ZJSTVaUWs0Z3hEWU82QzV1cVFVbktFTlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuRw8AwQB
uRw+AwQCuWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQAQGdkn3dbenBstErCV
mtHAvTvtzgNvuvvQfBP/mPML3zAiuWGVF8uKtkQCfnPFTlL0CVnX3wV1aDUHchoy
hCo/x8N3xOX3o2kwDDPdPOWL2V02jF3PVCf3aDdX2g8Rt4aWI070IVP+gQJz82HH
9OU7GG9L1PHoDEHjzxYY0FRQf90h2D8tHZy4snoaXgU5e5DTZgTe3c/G2OBZqtEG
vNg5l+iDAZbWUasQaLRa0wjPXDxnr4PZTUwe/IerY/54ffsLEApcfFgQ3U0GVzhw
mDWea9Pf5nLHr03bg4UWScHWFVdvK0kia5ypMIQYX8GeBLlGtiggAEhNPckp2u+3
ySw4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-ams.rpki-client.org