Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/rbAbRPt8_PnxZ9V0-GWlqOnQBVU.roa
File: rbAbRPt8_PnxZ9V0-GWlqOnQBVU.roa (raw, json)
Hash identifier: LoG7txZpuKtbIZgMHtdU2zjyeot9l5Rod1IyhA7yI+I=
Subject key identifier: AD:B0:1B:44:FB:7C:FC:F9:F1:67:D5:74:F8:65:A5:A8:E9:D0:05:55
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 01860E8F394A4AA943AB8BD5E7BCF6BC44EA
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/rbAbRPt8_PnxZ9V0-GWlqOnQBVU.roa
Signing time: Wed 01 Feb 2023 19:58:32 +0000
ROA not before: Wed 01 Feb 2023 19:58:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201021
IP address blocks: 185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:8f:39:4a:4a:a9:43:ab:8b:d5:e7:bc:f6:bc:44:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Feb 1 19:58:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adb01b44fb7cfcf9f167d574f865a5a8e9d00555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:45:67:de:a7:43:19:6a:93:a8:3a:58:86:6e:
eb:3c:57:fc:dd:db:14:f1:9e:94:28:6a:1f:28:5f:
5d:66:61:a7:5a:ce:27:c2:68:1a:d2:60:d5:fb:ee:
4c:b2:a5:d5:8c:b5:ea:fd:30:c3:cf:42:93:fa:92:
58:36:2f:ca:8c:1d:a6:62:23:d9:56:1a:22:82:69:
e4:ed:ed:12:6f:d0:c9:b6:db:8b:40:31:a4:c9:7e:
8c:49:8a:c8:05:86:f7:95:b3:a5:9d:f6:f3:a4:31:
78:62:38:67:9f:49:c8:d4:3e:65:43:70:49:8b:e7:
3c:70:df:19:c8:4f:56:46:5f:c8:4b:1e:30:20:68:
d8:d4:d3:d4:b1:98:f6:f2:e5:48:45:94:d0:11:f3:
bc:e3:f8:eb:af:9d:5f:49:b2:7c:d5:7d:9b:1c:d7:
75:24:7c:ee:78:1a:c4:4e:d4:e1:73:6d:8b:84:25:
3a:56:9e:f1:fe:0c:7e:49:8a:bf:c5:26:9b:8d:3f:
b5:e9:3b:ef:b3:4d:c7:12:bc:4c:84:1d:96:52:67:
55:d9:e9:65:ab:24:d5:22:52:5f:2b:2c:2d:13:8b:
94:40:db:5e:ee:d2:22:da:08:b0:4b:48:12:0c:e5:
fa:09:b3:30:f8:13:2c:03:53:57:2f:e0:96:78:f4:
99:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B0:1B:44:FB:7C:FC:F9:F1:67:D5:74:F8:65:A5:A8:E9:D0:05:55
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/rbAbRPt8_PnxZ9V0-GWlqOnQBVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/22
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
36:aa:df:a4:21:98:94:6c:f9:a4:ae:7f:bb:78:12:33:10:20:
17:e2:df:a6:ca:c2:38:15:b3:9d:21:a5:30:1e:33:99:0e:38:
93:24:85:d9:02:73:c0:9c:c8:69:41:01:64:d3:f3:0e:b5:31:
49:e2:0a:4c:ca:55:7f:07:4e:ed:bf:e0:a9:98:06:72:d3:33:
b0:ba:2e:db:cd:67:a2:3e:51:f5:a8:fb:00:18:70:95:6a:3c:
8d:88:d1:22:0c:b8:66:0a:f9:08:db:c3:50:b9:95:6a:7e:3e:
20:2d:83:1d:e8:5b:de:d4:3d:60:2b:4f:fa:6f:28:4b:d8:7c:
1b:84:fc:65:dc:8b:c3:a4:ce:86:37:6d:99:30:b7:b6:08:74:
b8:98:fc:91:34:83:a8:b4:32:f0:96:7e:d3:12:82:38:d1:1b:
bf:a6:11:69:a2:87:50:73:8b:c8:f5:47:03:0c:b0:a3:f5:8d:
a2:5b:0e:36:2d:57:b1:62:73:88:3a:8e:84:48:e7:16:c7:86:
bd:2c:b2:33:94:e0:85:05:38:c3:42:83:a9:4b:fb:b8:55:a1:
6e:9e:89:f9:f1:58:07:dc:18:8b:84:f9:fe:a9:39:e1:3d:4b:
77:20:73:13:c9:f0:6a:09:cd:cb:85:ff:d1:91:3c:40:5e:88:
8a:ab:ec:95
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYOjzlKSqlDq4vV57z2vETqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMjAxMTk1ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGIwMWI0NGZiN2NmY2Y5ZjE2N2Q1NzRmODY1YTVhOGU5ZDAwNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0Vn3qdDGWqTqDpYhm7rPFf83dsU
8Z6UKGofKF9dZmGnWs4nwmga0mDV++5MsqXVjLXq/TDDz0KT+pJYNi/KjB2mYiPZ
Vhoigmnk7e0Sb9DJttuLQDGkyX6MSYrIBYb3lbOlnfbzpDF4Yjhnn0nI1D5lQ3BJ
i+c8cN8ZyE9WRl/ISx4wIGjY1NPUsZj28uVIRZTQEfO84/jrr51fSbJ81X2bHNd1
JHzueBrETtThc22LhCU6Vp7x/gx+SYq/xSabjT+16Tvvs03HErxMhB2WUmdV2ell
qyTVIlJfKywtE4uUQNte7tIi2giwS0gSDOX6CbMw+BMsA1NXL+CWePSZmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK2wG0T7fPz58WfVdPhlpajp0AVVMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvcmJBYlJQdDhfUG54WjlWMC1HV2xxT25RQlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuRw8MAwD
BAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBADaq36QhmJRs+aSu
f7t4EjMQIBfi36bKwjgVs50hpTAeM5kOOJMkhdkCc8CcyGlBAWTT8w61MUniCkzK
VX8HTu2/4KmYBnLTM7C6LtvNZ6I+UfWo+wAYcJVqPI2I0SIMuGYK+Qjbw1C5lWp+
PiAtgx3oW97UPWArT/pvKEvYfBuE/GXci8OkzoY3bZkwt7YIdLiY/JE0g6i0MvCW
ftMSgjjRG7+mEWmih1Bzi8j1RwMMsKP1jaJbDjYtV7Fic4g6joRI5xbHhr0ssjOU
4IUFOMNCg6lL+7hVoW6eifnxWAfcGIuE+f6pOeE9S3cgcxPJ8GoJzcuF/9GRPEBe
iIqr7JU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:43 2023 by rpki-client on console-fra.rpki-client.org