Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/12q_5TzzH803FXwF5RiU3bZeL4o.roa
File: 12q_5TzzH803FXwF5RiU3bZeL4o.roa (raw, json)
Hash identifier: iFRyrN8M0l1U9IHJaUW/cWs3W+oFEgKN9izeWlweSps=
Subject key identifier: D7:6A:BF:E5:3C:F3:1F:CD:37:15:7C:05:E5:18:94:DD:B6:5E:2F:8A
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018BF7C0FB249177C1985CC8A1B7589ADEAF
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/12q_5TzzH803FXwF5RiU3bZeL4o.roa
Signing time: Wed 22 Nov 2023 15:58:21 +0000
ROA not before: Wed 22 Nov 2023 15:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.251.213.0/24 maxlen: 24
185.171.104.0/22 maxlen: 24
185.251.212.0/22 maxlen: 24
185.251.215.0/24 maxlen: 24
185.171.107.0/24 maxlen: 24
185.171.106.0/24 maxlen: 24
185.251.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:c0:fb:24:91:77:c1:98:5c:c8:a1:b7:58:9a:de:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Nov 22 15:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d76abfe53cf31fcd37157c05e51894ddb65e2f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f0:d4:34:a9:f3:1f:35:78:58:59:10:28:c8:
e7:a9:16:a1:82:47:89:2c:dc:e3:6c:11:d6:55:52:
4b:95:92:60:f8:82:ec:85:78:d8:49:7d:cb:fa:e3:
c4:7e:92:ea:78:06:8b:8f:39:de:72:a8:86:12:d8:
f2:55:64:1a:9b:42:d8:83:df:3d:71:8e:be:8c:ed:
7d:e4:3b:ae:1c:e2:ab:91:2a:05:00:56:7e:9d:42:
3d:fc:b6:97:7a:19:f6:08:bc:03:d3:f3:0c:91:1c:
c3:08:ad:86:6b:c3:99:92:da:c9:88:6e:a5:4f:a7:
8c:e4:f8:8f:de:10:05:d1:49:5e:bc:e5:04:7b:bc:
66:f6:37:d4:89:e5:db:eb:6e:a3:97:28:da:66:aa:
0a:c3:92:b8:fb:12:c5:60:69:84:1a:c1:89:ac:f5:
ca:5f:1d:c3:41:6a:f8:87:3d:59:aa:ea:b3:f1:f1:
a9:9d:fa:d0:2b:57:fb:0d:4a:e1:84:64:33:81:21:
af:02:fc:ff:7c:54:6d:2c:15:01:ec:ca:c2:cf:54:
40:58:a8:02:0a:f5:37:bc:7c:91:3b:9d:30:43:a4:
58:c5:73:45:c7:58:d0:35:ae:7f:98:f3:71:86:08:
a1:36:45:ed:31:fc:0a:2a:ee:9c:13:c3:fb:b2:6e:
f5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6A:BF:E5:3C:F3:1F:CD:37:15:7C:05:E5:18:94:DD:B6:5E:2F:8A
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/12q_5TzzH803FXwF5RiU3bZeL4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/22
185.251.212.0/22
Signature Algorithm: sha256WithRSAEncryption
79:24:2f:b3:ac:73:c4:7b:8b:60:6e:f7:b7:84:cf:41:df:5f:
62:02:b2:da:bf:1f:4a:75:c5:ec:d7:d0:c5:96:00:7d:42:b7:
64:03:e1:b3:7e:95:ee:7b:96:1d:8e:88:be:0a:57:89:ff:7b:
ac:6b:8c:66:ca:75:0b:eb:b8:00:82:d8:58:e9:94:79:88:a4:
38:a9:ab:57:e5:10:ff:3b:f9:7d:f3:8f:e6:b2:e4:6d:4b:96:
40:0f:74:1d:17:9d:16:c3:0c:b8:e8:8d:a8:ed:14:00:b7:1f:
a4:30:cc:e8:36:7f:08:6c:7c:f7:0d:b0:c5:b3:8a:29:18:e4:
69:18:fd:20:48:cd:f9:9f:81:be:4a:ed:cf:df:7a:89:a3:30:
67:98:7a:0e:3d:51:30:61:2c:34:c4:a4:ce:27:e1:c0:7a:1b:
47:16:ac:b7:d3:dd:55:b3:a3:d2:90:42:8e:de:a6:ab:38:f3:
12:95:d9:64:50:82:d2:97:73:4c:0e:71:32:7a:a0:53:30:11:
74:01:6d:00:47:d7:c0:8d:51:42:66:16:b9:c6:ad:99:22:25:
f6:1d:27:12:c0:e7:a0:8e:63:a4:e3:49:3a:5a:3c:79:21:9a:
fd:e4:a7:a6:ff:f4:3a:48:88:b2:7e:9c:a7:04:f6:94:49:75:
f9:a5:55:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv3wPskkXfBmFzIobdYmt6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjMxMTIyMTU1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzZhYmZlNTNjZjMxZmNkMzcxNTdjMDVlNTE4OTRkZGI2NWUyZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPDUNKnzHzV4WFkQKMjnqRahgkeJ
LNzjbBHWVVJLlZJg+ILshXjYSX3L+uPEfpLqeAaLjznecqiGEtjyVWQam0LYg989
cY6+jO195DuuHOKrkSoFAFZ+nUI9/LaXehn2CLwD0/MMkRzDCK2Ga8OZktrJiG6l
T6eM5PiP3hAF0UlevOUEe7xm9jfUieXb626jlyjaZqoKw5K4+xLFYGmEGsGJrPXK
Xx3DQWr4hz1Zquqz8fGpnfrQK1f7DUrhhGQzgSGvAvz/fFRtLBUB7MrCz1RAWKgC
CvU3vHyRO50wQ6RYxXNFx1jQNa5/mPNxhgihNkXtMfwKKu6cE8P7sm71zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNdqv+U88x/NNxV8BeUYlN22Xi+KMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEvMTJxXzVUenpIODAzRlh3RjVSaVUzYlplTDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuatoAwQC
ufvUMA0GCSqGSIb3DQEBCwUAA4IBAQB5JC+zrHPEe4tgbve3hM9B319iArLavx9K
dcXs19DFlgB9QrdkA+GzfpXue5Ydjoi+CleJ/3usa4xmynUL67gAgthY6ZR5iKQ4
qatX5RD/O/l984/msuRtS5ZAD3QdF50Wwwy46I2o7RQAtx+kMMzoNn8IbHz3DbDF
s4opGORpGP0gSM35n4G+Su3P33qJozBnmHoOPVEwYSw0xKTOJ+HAehtHFqy3091V
s6PSkEKO3qarOPMSldlkUILSl3NMDnEyeqBTMBF0AW0AR9fAjVFCZha5xq2ZIiX2
HScSwOegjmOk40k6Wjx5IZr95Kem//Q6SIiyfpynBPaUSXX5pVW+
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:52 2024 by rpki-client on console-fra.rpki-client.org