Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/pEpBk3Rvy99GL7PWwNnYcwGTJkg.roa
File: pEpBk3Rvy99GL7PWwNnYcwGTJkg.roa (raw, json)
Hash identifier: Bn2CFhj3IGNScNsBYg/yKMXoBO/wlRLZrJBWLgLRy8I=
Subject key identifier: A4:4A:41:93:74:6F:CB:DF:46:2F:B3:D6:C0:D9:D8:73:01:93:26:48
Certificate issuer: /CN=21fc142f7d75a714b9acc653d0b5ced337ca4495
Certificate serial: 01856F0B6FF76A93F3B9C31A4BD367BCCC13
Authority key identifier: 21:FC:14:2F:7D:75:A7:14:B9:AC:C6:53:D0:B5:CE:D3:37:CA:44:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IfwUL311pxS5rMZT0LXO0zfKRJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/pEpBk3Rvy99GL7PWwNnYcwGTJkg.roa
Signing time: Sun 01 Jan 2023 20:34:58 +0000
ROA not before: Sun 01 Jan 2023 20:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199278
IP address blocks: 185.17.79.0/29 maxlen: 29
185.17.77.0/28 maxlen: 28
185.17.76.0/24 maxlen: 24
185.17.76.0/22 maxlen: 22
185.17.78.0/24 maxlen: 24
185.17.77.0/24 maxlen: 24
185.17.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:6f:f7:6a:93:f3:b9:c3:1a:4b:d3:67:bc:cc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21fc142f7d75a714b9acc653d0b5ced337ca4495
Validity
Not Before: Jan 1 20:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a44a4193746fcbdf462fb3d6c0d9d87301932648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:14:86:87:4b:db:85:ff:d1:f2:91:1d:1c:53:
37:06:c7:49:33:3b:22:7d:65:b5:a8:28:a4:ee:fa:
47:a3:13:ff:99:7c:56:aa:7e:a3:9d:80:73:5e:fd:
75:c7:5b:1a:bb:58:b6:43:e7:cb:a8:68:5a:da:6a:
08:b2:42:ac:26:45:60:e5:d7:85:36:17:41:c1:e1:
0b:a1:11:c9:40:0f:24:db:87:65:84:51:b9:89:48:
ce:74:49:12:3e:82:c2:c8:20:ed:e3:0d:67:6c:89:
c0:20:b0:39:46:a2:f8:ab:0d:dd:08:e1:f4:cb:2a:
64:71:00:e4:5f:77:95:65:0d:1f:ae:d6:81:ed:23:
04:38:6b:78:dc:99:d6:ad:5d:03:b5:d6:46:93:cd:
f4:c0:7b:03:33:fc:16:1d:35:a5:91:aa:61:75:2c:
b1:6a:d1:8b:1b:da:96:09:bf:0a:a7:47:9d:77:38:
42:fa:21:c8:e8:3d:1d:a4:88:c9:6f:3d:7d:6c:1f:
9f:34:6a:5f:45:c5:f6:4d:be:28:44:c6:ef:c9:90:
73:db:f9:70:98:71:f0:9c:7e:f3:2d:7a:4c:13:81:
bb:7c:3c:54:5d:03:f3:4e:14:7d:47:cc:c0:51:e4:
9f:23:5f:32:90:27:da:47:45:a9:65:d6:65:92:24:
cf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4A:41:93:74:6F:CB:DF:46:2F:B3:D6:C0:D9:D8:73:01:93:26:48
X509v3 Authority Key Identifier:
keyid:21:FC:14:2F:7D:75:A7:14:B9:AC:C6:53:D0:B5:CE:D3:37:CA:44:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfwUL311pxS5rMZT0LXO0zfKRJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/pEpBk3Rvy99GL7PWwNnYcwGTJkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/490c50-6c07-4646-9bd2-8cf115aa2cc3/1/IfwUL311pxS5rMZT0LXO0zfKRJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.76.0/22
Signature Algorithm: sha256WithRSAEncryption
40:76:f3:29:b0:b5:06:64:f9:8e:2a:6e:af:e0:04:a4:f3:7d:
7d:6c:83:4d:7b:8a:7f:7f:f1:b8:23:21:fa:aa:11:12:f2:ba:
0d:5e:7d:b4:a5:79:20:fd:10:aa:45:be:7d:cd:b4:fd:ee:4e:
1e:ca:9b:ec:08:9c:04:19:f2:54:9d:8e:f3:f0:a5:db:f8:29:
4b:54:cb:74:f4:33:89:63:25:c1:77:55:f1:b2:da:9c:a9:0c:
56:83:12:db:c5:37:a5:d3:96:0f:80:3c:fe:f6:5d:f5:a5:a0:
ab:89:c4:46:a1:3e:bc:c0:08:67:6d:2b:4b:46:fd:e9:3e:d9:
2e:87:a7:0a:78:fc:e5:be:3a:29:c4:65:7a:19:8c:90:21:de:
45:f7:26:9a:c0:a9:8d:65:0b:7f:9a:b1:64:b4:2d:21:1c:81:
77:d3:87:71:3a:d5:9a:db:50:3f:48:c7:2f:ae:b2:ff:06:5c:
e8:fb:6a:f3:a6:d3:56:d4:67:4e:04:c9:fd:80:1b:b5:ad:e6:
4f:bd:74:4b:53:c7:b3:02:6a:3b:91:9f:37:de:fa:3f:48:c3:
4e:39:8b:3d:5c:29:c5:d1:9f:7f:d7:57:dd:cc:41:02:af:ae:
c7:8b:f4:b3:09:b5:93:fe:a7:23:4a:90:5f:27:ad:b3:db:c9:
fb:d3:d7:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC2/3apPzucMaS9NnvMwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZmMxNDJmN2Q3NWE3MTRiOWFjYzY1M2QwYjVjZWQzMzdj
YTQ0OTUwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDRhNDE5Mzc0NmZjYmRmNDYyZmIzZDZjMGQ5ZDg3MzAxOTMyNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRSGh0vbhf/R8pEdHFM3BsdJMzsi
fWW1qCik7vpHoxP/mXxWqn6jnYBzXv11x1sau1i2Q+fLqGha2moIskKsJkVg5deF
NhdBweELoRHJQA8k24dlhFG5iUjOdEkSPoLCyCDt4w1nbInAILA5RqL4qw3dCOH0
yypkcQDkX3eVZQ0frtaB7SMEOGt43JnWrV0DtdZGk830wHsDM/wWHTWlkaphdSyx
atGLG9qWCb8Kp0eddzhC+iHI6D0dpIjJbz19bB+fNGpfRcX2Tb4oRMbvyZBz2/lw
mHHwnH7zLXpME4G7fDxUXQPzThR9R8zAUeSfI18ykCfaR0WpZdZlkiTP9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRKQZN0b8vfRi+z1sDZ2HMBkyZIMB8GA1UdIwQY
MBaAFCH8FC99dacUuazGU9C1ztM3ykSVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWZ3VUwzMTFweFM1ck1aVDBMWE8wemZLUkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80OTBjNTAtNmMwNy00NjQ2LTliZDIt
OGNmMTE1YWEyY2MzLzEvcEVwQmszUnZ5OTlHTDdQV3dOblljd0dUSmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80OTBjNTAtNmMwNy00NjQ2LTliZDItOGNmMTE1YWEyY2Mz
LzEvSWZ3VUwzMTFweFM1ck1aVDBMWE8wemZLUkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRFMMA0G
CSqGSIb3DQEBCwUAA4IBAQBAdvMpsLUGZPmOKm6v4ASk8319bINNe4p/f/G4IyH6
qhES8roNXn20pXkg/RCqRb59zbT97k4eypvsCJwEGfJUnY7z8KXb+ClLVMt09DOJ
YyXBd1XxstqcqQxWgxLbxTel05YPgDz+9l31paCricRGoT68wAhnbStLRv3pPtku
h6cKePzlvjopxGV6GYyQId5F9yaawKmNZQt/mrFktC0hHIF304dxOtWa21A/SMcv
rrL/Blzo+2rzptNW1GdOBMn9gBu1reZPvXRLU8ezAmo7kZ833vo/SMNOOYs9XCnF
0Z9/11fdzEECr67Hi/SzCbWT/qcjSpBfJ62z28n709ck
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:28 2024 by rpki-client on console-fra.rpki-client.org