Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/tjp6VSkdqJk1PzWD8zBWThP1IlA.roa
File: tjp6VSkdqJk1PzWD8zBWThP1IlA.roa (raw, json)
Hash identifier: VVap+fzqcp4935DoGjnI1UYrbVOALVzPtK0NjDy/GMk=
Subject key identifier: B6:3A:7A:55:29:1D:A8:99:35:3F:35:83:F3:30:56:4E:13:F5:22:50
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 01860E8F3A08ECBB094E53A2085AA6184C85
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/tjp6VSkdqJk1PzWD8zBWThP1IlA.roa
Signing time: Wed 01 Feb 2023 19:58:32 +0000
ROA not before: Wed 01 Feb 2023 19:58:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205192
IP address blocks: 185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:8f:3a:08:ec:bb:09:4e:53:a2:08:5a:a6:18:4c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Feb 1 19:58:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63a7a55291da899353f3583f330564e13f52250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:4a:04:c8:b3:0b:c5:ac:b7:13:4f:11:82:
33:ac:e5:df:5e:1e:b9:15:45:81:ef:be:69:f1:ca:
a7:7f:6a:e6:bf:9c:32:45:8b:19:b0:b5:eb:c8:26:
5d:75:2e:95:ec:82:b6:ca:2f:94:93:59:8a:50:eb:
02:65:0f:02:69:16:60:af:f1:69:0a:46:6a:ba:9b:
90:34:96:ea:e2:fd:78:32:f4:69:ef:6a:51:3c:f4:
32:9c:11:1a:40:23:d1:e4:02:0b:b6:f0:89:5d:37:
d7:c6:c2:3e:cb:e6:78:27:88:f7:10:e6:30:6a:dc:
24:59:82:06:ed:53:8e:af:a3:03:79:b2:5f:cd:99:
63:84:d7:0f:6b:0b:66:6e:e9:63:cb:e9:38:34:51:
d0:46:df:79:e5:32:81:72:38:e4:e8:c4:5c:02:70:
55:49:a8:fe:66:5f:37:23:39:77:27:a6:37:f6:63:
4a:d9:e4:c0:9f:ec:79:2e:07:71:ae:75:e7:36:22:
b3:88:63:0f:19:44:b1:0f:6f:c0:9d:79:bd:9d:78:
43:ca:06:81:fc:17:d3:79:ca:5c:af:d6:37:eb:6a:
86:5c:4a:60:f3:3c:f8:bf:56:16:14:ba:b9:35:a9:
b3:dc:a5:ec:b5:bc:7b:de:12:d4:d5:a0:d1:c5:ad:
c5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3A:7A:55:29:1D:A8:99:35:3F:35:83:F3:30:56:4E:13:F5:22:50
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/tjp6VSkdqJk1PzWD8zBWThP1IlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/24
185.28.62.0/23
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
60:ea:e1:27:68:42:49:96:97:6a:be:1d:e3:1b:9c:e2:aa:54:
ae:65:60:48:36:1b:08:c9:d2:e2:29:d1:48:98:67:43:42:92:
08:54:f1:0c:66:af:67:b0:44:15:fa:e5:97:31:7c:e6:f5:95:
c1:4c:83:4e:83:cb:07:9b:5a:31:f1:97:e8:f1:a0:b6:22:1a:
e3:34:96:39:83:b6:ce:0d:a1:d4:cc:6a:5c:a8:81:1b:6a:0a:
5a:51:1e:b5:22:d7:d8:c2:13:01:79:ec:aa:a0:2f:40:0a:9e:
13:d6:cc:66:39:73:cb:00:07:e5:38:d4:fd:7d:9f:81:54:f2:
a7:ab:08:de:02:b1:57:78:1f:0a:f3:c1:ad:a6:40:69:06:8f:
8f:9b:ed:ab:57:26:2b:3a:78:20:f6:cb:43:7b:fc:e0:6f:59:
73:00:07:2f:db:93:a4:b3:b3:35:b9:f1:87:64:66:59:e7:66:
32:ac:df:16:e3:69:a5:38:ea:47:ec:dc:1f:ed:12:4f:13:19:
24:bc:99:fb:81:25:d5:85:9d:24:61:cc:23:f3:ee:14:29:e2:
db:7a:a6:9c:45:29:a4:10:36:2d:3b:61:a4:e8:5a:65:1a:df:
5d:b9:e4:40:03:58:56:d4:e5:35:2a:20:5d:71:83:f1:79:43:
e8:e2:08:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYOjzoI7LsJTlOiCFqmGEyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMjAxMTk1ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNhN2E1NTI5MWRhODk5MzUzZjM1ODNmMzMwNTY0ZTEzZjUyMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhNKBMizC8WstxNPEYIzrOXfXh65
FUWB775p8cqnf2rmv5wyRYsZsLXryCZddS6V7IK2yi+Uk1mKUOsCZQ8CaRZgr/Fp
CkZqupuQNJbq4v14MvRp72pRPPQynBEaQCPR5AILtvCJXTfXxsI+y+Z4J4j3EOYw
atwkWYIG7VOOr6MDebJfzZljhNcPawtmbuljy+k4NFHQRt955TKBcjjk6MRcAnBV
Saj+Zl83Izl3J6Y39mNK2eTAn+x5LgdxrnXnNiKziGMPGUSxD2/AnXm9nXhDygaB
/BfTecpcr9Y362qGXEpg8zz4v1YWFLq5Namz3KXstbx73hLU1aDRxa3FmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLY6elUpHaiZNT81g/MwVk4T9SJQMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvdGpwNlZTa2RxSmsxUHpXRDh6QldUaFAxSWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAuRw8AwQB
uRw+MAwDBAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBAGDq4Sdo
QkmWl2q+HeMbnOKqVK5lYEg2GwjJ0uIp0UiYZ0NCkghU8Qxmr2ewRBX65ZcxfOb1
lcFMg06DywebWjHxl+jxoLYiGuM0ljmDts4NodTMalyogRtqClpRHrUi19jCEwF5
7KqgL0AKnhPWzGY5c8sAB+U41P19n4FU8qerCN4CsVd4Hwrzwa2mQGkGj4+b7atX
Jis6eCD2y0N7/OBvWXMABy/bk6SzszW58YdkZlnnZjKs3xbjaaU46kfs3B/tEk8T
GSS8mfuBJdWFnSRhzCPz7hQp4tt6ppxFKaQQNi07YaToWmUa31255EADWFbU5TUq
IF1xg/F5Q+jiCMw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-ams.rpki-client.org