Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/s7tvxm1Pper9GSEI7BXPe987FFQ.roa
File: s7tvxm1Pper9GSEI7BXPe987FFQ.roa (raw, json)
Hash identifier: msJpz4nTWwLE4IKBIoXQcXqIt8+Z0Kl0M30jkHpbnTw=
Subject key identifier: B3:BB:6F:C6:6D:4F:A5:EA:FD:19:21:08:EC:15:CF:7B:DF:3B:14:54
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 0189CF62AEC6CB3C59F38EA1876F4D498919
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/s7tvxm1Pper9GSEI7BXPe987FFQ.roa
Signing time: Mon 07 Aug 2023 09:44:58 +0000
ROA not before: Mon 07 Aug 2023 09:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205192
IP address blocks: 185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:62:ae:c6:cb:3c:59:f3:8e:a1:87:6f:4d:49:89:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Aug 7 09:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3bb6fc66d4fa5eafd192108ec15cf7bdf3b1454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:65:42:86:9d:eb:19:b3:1d:c3:d4:bc:2e:1b:
df:18:bc:9c:c2:a3:ac:df:a4:55:ec:c9:be:6d:0d:
46:de:65:ef:7f:27:74:27:dd:61:ef:1e:f9:0f:a3:
88:ee:3b:5b:b1:62:29:95:0e:f5:04:3f:cf:3f:21:
c6:7e:7b:86:a4:08:72:c3:52:83:61:c1:96:1b:c8:
83:04:63:09:bb:87:d2:cc:89:ec:82:49:d6:80:b8:
4f:7b:ad:a4:67:2b:23:89:2f:9e:96:5d:55:f7:82:
a7:e7:6e:aa:2e:c8:62:a1:29:1c:8b:ee:1a:60:d2:
94:b2:d1:b1:94:7c:99:c6:92:1f:9c:4d:7f:eb:e7:
da:50:15:0b:b5:18:e0:2f:cf:ae:cd:24:1d:dc:c3:
f1:7a:42:e8:8e:8a:17:e8:9b:3e:90:23:5e:67:2f:
43:db:d7:5b:df:af:20:44:c9:b3:ca:44:ba:61:78:
59:60:1e:3a:7e:c5:15:e4:20:ec:fa:68:ed:43:14:
c0:23:4c:a3:24:fd:2c:67:2e:fa:0c:61:fb:8f:3e:
a3:ce:e9:db:47:4c:53:fa:ce:00:f2:e0:3e:af:72:
67:b0:b5:94:c1:f1:0f:cb:f8:9e:9f:7b:c2:6d:ad:
5e:59:93:ca:61:28:0d:c9:be:3e:28:96:55:0b:75:
72:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BB:6F:C6:6D:4F:A5:EA:FD:19:21:08:EC:15:CF:7B:DF:3B:14:54
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/s7tvxm1Pper9GSEI7BXPe987FFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/24
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
43:f9:32:8c:9f:44:87:f5:8a:10:c4:50:bd:11:48:b9:07:11:
e7:74:3b:78:f1:7b:02:cd:2d:ea:6e:c9:6e:ed:d5:29:2e:ae:
ea:3a:5e:a0:97:48:6c:a5:d0:33:bb:c8:fd:c8:a2:58:de:4e:
98:8a:ac:7e:19:16:53:5d:80:fd:ba:81:ee:ce:5d:90:cc:61:
02:fc:d1:5c:c4:26:1c:38:8f:42:5d:4d:7b:bc:76:4d:8e:d5:
e0:10:1c:dc:81:a2:8d:5b:55:15:5c:09:cc:5b:18:99:dd:a8:
db:1f:16:a2:ab:93:90:a0:29:63:9b:8f:a8:12:90:35:3d:23:
81:43:30:cd:81:cd:67:b2:aa:22:1b:eb:d8:87:f8:8e:d1:ca:
1a:4c:f1:94:ea:db:2b:bf:9c:fc:7a:78:c8:d5:6a:5e:dd:ab:
69:a1:16:79:6d:93:53:6e:a6:6b:0e:15:e2:c4:82:31:11:67:
48:7c:4a:e7:41:6c:db:55:63:76:06:60:39:ee:4b:f6:1d:21:
f9:64:65:01:73:bb:24:72:1f:19:3c:ca:21:ba:69:1b:13:0a:
6d:03:8c:6f:66:c3:b8:f1:67:8d:65:2f:62:7c:1e:57:9f:81:
76:19:2f:b2:32:46:ca:81:15:27:c1:0b:40:1b:93:7f:99:20:
57:1b:9d:ae
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYnPYq7GyzxZ846hh29NSYkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwODA3MDk0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JiNmZjNjZkNGZhNWVhZmQxOTIxMDhlYzE1Y2Y3YmRmM2IxNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGVChp3rGbMdw9S8LhvfGLycwqOs
36RV7Mm+bQ1G3mXvfyd0J91h7x75D6OI7jtbsWIplQ71BD/PPyHGfnuGpAhyw1KD
YcGWG8iDBGMJu4fSzInsgknWgLhPe62kZysjiS+ell1V94Kn526qLshioSkci+4a
YNKUstGxlHyZxpIfnE1/6+faUBULtRjgL8+uzSQd3MPxekLojooX6Js+kCNeZy9D
29db368gRMmzykS6YXhZYB46fsUV5CDs+mjtQxTAI0yjJP0sZy76DGH7jz6jzunb
R0xT+s4A8uA+r3JnsLWUwfEPy/ien3vCba1eWZPKYSgNyb4+KJZVC3VyCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLO7b8ZtT6Xq/RkhCOwVz3vfOxRUMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvczd0dnhtMVBwZXI5R1NFSTdCWFBlOTg3RkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAuRw8MAwD
BAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBAEP5MoyfRIf1ihDE
UL0RSLkHEed0O3jxewLNLepuyW7t1Skuruo6XqCXSGyl0DO7yP3IoljeTpiKrH4Z
FlNdgP26ge7OXZDMYQL80VzEJhw4j0JdTXu8dk2O1eAQHNyBoo1bVRVcCcxbGJnd
qNsfFqKrk5CgKWObj6gSkDU9I4FDMM2BzWeyqiIb69iH+I7RyhpM8ZTq2yu/nPx6
eMjVal7dq2mhFnltk1NupmsOFeLEgjERZ0h8SudBbNtVY3YGYDnuS/YdIflkZQFz
uyRyHxk8yiG6aRsTCm0DjG9mw7jxZ41lL2J8HlefgXYZL7IyRsqBFSfBC0Abk3+Z
IFcbna4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:58 2024 by rpki-client on console-fra.rpki-client.org