Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/xab1dz8oge4JG9pyaq1h41Tq1tk.roa
File: xab1dz8oge4JG9pyaq1h41Tq1tk.roa (raw, json)
Hash identifier: yFu3pwHkg8ccpTFXMQQaZ0Fkd13cZy+KUGqPyP1aavo=
Subject key identifier: C5:A6:F5:77:3F:28:81:EE:09:1B:DA:72:6A:AD:61:E3:54:EA:D6:D9
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 018894A176A4201626993BC682FED15A54BA
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/xab1dz8oge4JG9pyaq1h41Tq1tk.roa
Signing time: Wed 07 Jun 2023 06:53:09 +0000
ROA not before: Wed 07 Jun 2023 06:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:a1:76:a4:20:16:26:99:3b:c6:82:fe:d1:5a:54:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jun 7 06:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a6f5773f2881ee091bda726aad61e354ead6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:20:42:34:f1:a5:d4:4c:ac:68:68:64:3c:45:
92:d8:b9:1c:07:5e:74:6d:18:29:2a:49:2d:11:14:
4f:81:fa:39:6e:45:1a:31:11:ae:63:aa:1e:77:2c:
44:f9:13:19:34:49:6b:70:d2:98:0a:d1:51:46:43:
3b:17:d5:7e:39:ff:dc:02:bb:f3:6e:63:6f:38:f6:
73:56:96:dc:92:6e:4b:ac:4e:73:1d:00:4a:42:25:
dd:f1:f3:5c:2b:50:11:18:3c:ce:a5:58:df:75:47:
b7:6e:b9:2a:ff:45:94:60:4f:4b:22:85:1d:97:11:
b0:b0:04:2e:34:b6:15:3e:aa:25:ef:0f:e9:a7:ad:
31:11:59:84:70:43:6a:56:58:b3:42:02:f4:44:6f:
54:f2:c1:e2:5e:96:70:1d:12:0d:0c:3f:b4:1b:b1:
f6:2c:68:0d:6e:ed:b0:34:ff:46:bd:0e:16:b2:ba:
55:47:fa:79:42:fa:25:7f:f6:89:d2:f3:52:91:06:
ff:2f:65:cd:20:de:db:24:c0:9a:93:25:d9:9d:b5:
fe:63:01:63:18:2a:c9:dc:a4:50:e9:63:45:16:1f:
9b:b5:2d:b8:bd:90:79:21:31:d7:8d:20:79:07:8a:
eb:0e:f3:b2:7b:4b:dc:71:35:a4:c1:1c:93:fc:5d:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A6:F5:77:3F:28:81:EE:09:1B:DA:72:6A:AD:61:E3:54:EA:D6:D9
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/xab1dz8oge4JG9pyaq1h41Tq1tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.28.63.0/24
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:88:97:c7:b0:af:1a:24:f1:df:45:fd:b7:04:bd:f8:f9:11:
f2:c5:cf:42:02:99:90:58:33:5d:9f:58:88:8d:ba:4c:0b:1d:
b8:8f:e5:a6:f0:b8:9d:26:71:c9:bb:66:e9:2b:92:32:fc:d7:
65:05:8c:1a:f3:cc:37:7a:cf:59:2c:c4:00:08:e0:06:ca:ac:
66:03:6f:cf:e3:5d:79:cb:e0:bd:6a:36:3a:f5:1b:e1:98:66:
86:c1:2a:33:21:4f:2a:26:83:f6:c8:18:da:5a:3c:c6:aa:6d:
db:e7:38:6d:aa:d6:9a:aa:02:c9:d9:06:5b:52:b3:87:be:30:
e0:a7:53:f8:cb:a5:7f:3b:0e:97:00:aa:2b:91:a1:4d:1e:0c:
b6:63:4a:ab:bd:20:2b:fb:14:e8:d6:a3:3d:40:4a:8e:8f:54:
7c:ea:dd:75:1f:41:a8:ec:f5:ef:32:3e:24:cc:52:41:46:c0:
3f:33:3c:0a:41:34:31:38:33:f1:2b:14:31:9a:5d:5a:ad:3e:
fd:c6:5d:67:7c:16:e5:b8:dd:d2:9f:4c:db:b0:8f:ba:43:ac:
3a:f7:92:e3:60:58:4d:2d:10:b5:13:4c:44:ef:f0:7b:14:ca:
99:d9:a8:90:9c:c4:c8:45:26:e8:af:e1:18:07:2c:e4:74:5e:
3a:bc:05:c1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYiUoXakIBYmmTvGgv7RWlS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwNjA3MDY1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE2ZjU3NzNmMjg4MWVlMDkxYmRhNzI2YWFkNjFlMzU0ZWFkNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyBCNPGl1EysaGhkPEWS2LkcB150
bRgpKkktERRPgfo5bkUaMRGuY6oedyxE+RMZNElrcNKYCtFRRkM7F9V+Of/cArvz
bmNvOPZzVpbckm5LrE5zHQBKQiXd8fNcK1ARGDzOpVjfdUe3brkq/0WUYE9LIoUd
lxGwsAQuNLYVPqol7w/pp60xEVmEcENqVlizQgL0RG9U8sHiXpZwHRINDD+0G7H2
LGgNbu2wNP9GvQ4WsrpVR/p5Qvolf/aJ0vNSkQb/L2XNIN7bJMCakyXZnbX+YwFj
GCrJ3KRQ6WNFFh+btS24vZB5ITHXjSB5B4rrDvOye0vccTWkwRyT/F25mwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMWm9Xc/KIHuCRvacmqtYeNU6tbZMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEveGFiMWR6OG9nZTRKRzlweWFxMWg0MVRxMXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBuRw8AwQA
uRw/MAwDBAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBAK6Il8ew
rxok8d9F/bcEvfj5EfLFz0ICmZBYM12fWIiNukwLHbiP5abwuJ0mccm7ZukrkjL8
12UFjBrzzDd6z1ksxAAI4AbKrGYDb8/jXXnL4L1qNjr1G+GYZobBKjMhTyomg/bI
GNpaPMaqbdvnOG2q1pqqAsnZBltSs4e+MOCnU/jLpX87DpcAqiuRoU0eDLZjSqu9
ICv7FOjWoz1ASo6PVHzq3XUfQajs9e8yPiTMUkFGwD8zPApBNDE4M/ErFDGaXVqt
Pv3GXWd8FuW43dKfTNuwj7pDrDr3kuNgWE0tELUTTETv8HsUypnZqJCcxMhFJuiv
4RgHLOR0Xjq8BcE=
-----END CERTIFICATE-----
Generated at Tue Sep 5 20:28:36 2023 by rpki-client on console-fra.rpki-client.org