Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/wL2CBbKOMqJhxPlTj7Sumf979gc.roa
File: wL2CBbKOMqJhxPlTj7Sumf979gc.roa (raw, json)
Hash identifier: G2U1Qbze+Pe+e1QBEilQL/UEJjjsVLVgQe00p7bMf7I=
Subject key identifier: C0:BD:82:05:B2:8E:32:A2:61:C4:F9:53:8F:B4:AE:99:FF:7B:F6:07
Certificate issuer: /CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Certificate serial: 01856ECB8E61AADF085B63C30454C8FBF2D9
Authority key identifier: 1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/wL2CBbKOMqJhxPlTj7Sumf979gc.roa
Signing time: Sun 01 Jan 2023 19:25:11 +0000
ROA not before: Sun 01 Jan 2023 19:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29144
IP address blocks: 194.0.142.0/24 maxlen: 24
185.76.200.0/24 maxlen: 24
185.76.200.0/23 maxlen: 23
185.76.203.0/24 maxlen: 24
185.76.202.0/23 maxlen: 23
185.76.202.0/24 maxlen: 24
185.76.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:8e:61:aa:df:08:5b:63:c3:04:54:c8:fb:f2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Validity
Not Before: Jan 1 19:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0bd8205b28e32a261c4f9538fb4ae99ff7bf607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:75:c8:39:b0:e8:c8:62:ee:55:ef:4f:63:26:
a2:ed:53:43:53:eb:28:9f:e9:dd:cf:36:ea:08:1c:
37:77:d0:4d:f9:2b:32:31:26:81:f7:40:8d:f6:ac:
b2:4b:42:2b:19:20:f1:d2:17:9f:e9:b5:1c:54:44:
5f:05:88:0b:0e:88:de:58:65:d9:20:14:99:28:4b:
63:15:cd:e0:4c:93:c2:22:a9:e6:dd:3c:c5:d6:b9:
bf:72:31:43:a5:e9:d3:a1:11:09:6c:b8:04:e0:5f:
e2:1b:9d:52:f4:89:ec:73:44:ef:c0:63:cd:65:94:
ad:e9:de:e8:38:5c:bf:7f:07:d8:85:64:20:1b:9f:
18:65:33:1a:e2:43:6a:00:97:5f:6f:bd:33:26:9d:
b8:f7:28:07:48:c7:5b:b4:98:75:0e:90:e6:66:3c:
0b:d0:d8:09:ee:0d:3b:5d:65:9b:59:a6:2c:9c:f4:
00:10:02:3f:c4:fd:c4:92:6c:7b:fa:03:cf:8b:1b:
53:b6:bc:74:4c:fb:95:fa:ec:74:10:ac:5d:30:11:
4e:88:8e:37:b2:8d:cb:69:79:07:65:1a:97:1b:ad:
f0:9f:fe:c3:86:d2:29:74:68:04:2f:f4:fe:c6:6c:
23:03:26:f6:06:89:94:75:5c:d1:45:93:37:f8:b6:
50:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BD:82:05:B2:8E:32:A2:61:C4:F9:53:8F:B4:AE:99:FF:7B:F6:07
X509v3 Authority Key Identifier:
keyid:1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/wL2CBbKOMqJhxPlTj7Sumf979gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.200.0/22
194.0.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cc:63:91:5a:cf:01:3a:1e:04:6a:0e:5e:dd:2a:b4:92:ff:
cf:8d:b5:90:3f:d7:1b:18:bd:dd:41:21:ee:b2:7a:55:c4:ec:
6d:dc:4e:42:c7:42:76:53:a3:f0:06:80:42:d6:e3:ad:61:44:
f7:8f:cd:2b:b9:5b:69:4b:c1:56:93:f4:4e:9d:0b:12:d7:cb:
2d:05:8a:f0:be:38:35:7b:e9:42:02:d6:48:53:f2:b6:19:96:
7b:66:dc:48:cb:17:7b:7b:dc:6d:8c:0d:ac:fa:35:ac:99:af:
d4:0e:7a:35:5d:24:06:f6:20:e1:83:d2:77:cd:b1:18:7c:41:
70:5f:6e:81:36:c5:9d:a4:57:2a:07:37:7b:d5:1b:bd:d3:1c:
ae:66:a5:05:9a:86:7a:79:e1:1f:9e:18:81:8e:10:2f:e7:23:
99:82:07:6a:cb:ba:c4:d4:5e:38:9c:cb:9a:96:c0:be:d5:53:
1f:e1:ec:a9:e9:9b:81:41:0a:18:29:fe:18:0e:06:ae:f0:af:
9e:b6:5e:54:25:11:57:15:d3:03:be:2e:b0:9b:b6:4a:5a:6e:
a1:ca:6a:e6:da:4e:b2:fe:0f:08:ec:27:2c:21:7b:cd:32:d4:
b2:da:b9:bf:52:1c:47:95:bf:07:2e:66:8b:1a:fa:e8:58:e4:
92:94:79:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy45hqt8IW2PDBFTI+/LZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTI1MDllNGYyYTczMGUxNjk5MzdkNDA4MzNiYjg5M2Vl
N2I5OGMwHhcNMjMwMTAxMTkyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJkODIwNWIyOGUzMmEyNjFjNGY5NTM4ZmI0YWU5OWZmN2JmNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXXIObDoyGLuVe9PYyai7VNDU+so
n+ndzzbqCBw3d9BN+SsyMSaB90CN9qyyS0IrGSDx0hef6bUcVERfBYgLDojeWGXZ
IBSZKEtjFc3gTJPCIqnm3TzF1rm/cjFDpenToREJbLgE4F/iG51S9Insc0TvwGPN
ZZSt6d7oOFy/fwfYhWQgG58YZTMa4kNqAJdfb70zJp249ygHSMdbtJh1DpDmZjwL
0NgJ7g07XWWbWaYsnPQAEAI/xP3Ekmx7+gPPixtTtrx0TPuV+ux0EKxdMBFOiI43
so3LaXkHZRqXG63wn/7DhtIpdGgEL/T+xmwjAyb2BomUdVzRRZM3+LZQpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMC9ggWyjjKiYcT5U4+0rpn/e/YHMB8GA1UdIwQY
MBaAFBoSUJ5PKnMOFpk31Agzu4k+57mMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMt
NDE5NmIwZWFjZDI3LzEvd0wyQ0JiS09NcUpoeFBsVGo3U3VtZjk3OWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMtNDE5NmIwZWFjZDI3
LzEvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUzIAwQA
wgCOMA0GCSqGSIb3DQEBCwUAA4IBAQA7zGORWs8BOh4Eag5e3Sq0kv/PjbWQP9cb
GL3dQSHusnpVxOxt3E5Cx0J2U6PwBoBC1uOtYUT3j80ruVtpS8FWk/ROnQsS18st
BYrwvjg1e+lCAtZIU/K2GZZ7ZtxIyxd7e9xtjA2s+jWsma/UDno1XSQG9iDhg9J3
zbEYfEFwX26BNsWdpFcqBzd71Ru90xyuZqUFmoZ6eeEfnhiBjhAv5yOZggdqy7rE
1F44nMualsC+1VMf4eyp6ZuBQQoYKf4YDgau8K+etl5UJRFXFdMDvi6wm7ZKWm6h
ymrm2k6y/g8I7CcsIXvNMtSy2rm/UhxHlb8HLmaLGvroWOSSlHnp
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:03 2024 by rpki-client on console-ams.rpki-client.org