Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IDWazOisJyYkOdtiRcpSqL5zvkM.roa
File: IDWazOisJyYkOdtiRcpSqL5zvkM.roa (raw, json)
Hash identifier: kj1Tnmcomdy+x5AHsc9OBz4FEdgVWPCo9Rp2vhAW6Is=
Subject key identifier: 20:35:9A:CC:E8:AC:27:26:24:39:DB:62:45:CA:52:A8:BE:73:BE:43
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFD959DEFFA0055210176355980809
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IDWazOisJyYkOdtiRcpSqL5zvkM.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8257
IP address blocks: 188.112.64.0/19 maxlen: 19
188.112.64.0/18 maxlen: 18
176.61.192.0/20 maxlen: 20
176.61.192.0/18 maxlen: 18
176.61.208.0/20 maxlen: 20
188.112.96.0/19 maxlen: 19
176.61.224.0/21 maxlen: 21
178.253.128.0/18 maxlen: 18
178.253.128.0/19 maxlen: 19
185.37.240.0/22 maxlen: 22
178.253.160.0/19 maxlen: 19
85.135.128.0/17 maxlen: 20
176.61.232.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d9:59:de:ff:a0:05:52:10:17:63:55:98:08:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20359acce8ac27262439db6245ca52a8be73be43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:16:fd:6f:a0:08:97:7f:9f:e3:0d:29:c9:cf:
5c:ef:ef:75:39:d2:c3:35:c7:c4:0d:7d:26:fc:ed:
c5:bd:63:36:73:fd:73:7b:c6:a3:b9:62:c2:4b:ff:
36:1c:fe:d0:44:9b:22:32:d5:df:f1:dd:b1:f1:63:
de:84:c7:aa:f8:3e:b0:a2:b7:a0:1a:48:57:fe:b8:
a0:88:ce:1d:d5:21:35:97:0e:6a:2b:f6:d6:c4:f1:
e4:e3:5e:79:10:d2:bd:a9:1d:2d:94:70:08:90:20:
e6:b2:fc:61:7b:5a:5f:f3:c9:5d:2d:b1:65:b8:55:
b2:6f:f2:2c:b5:78:fc:bd:d8:e9:64:69:4b:04:62:
c4:95:b1:40:43:fb:5b:f0:42:17:e6:b4:a6:4d:a2:
f7:a8:45:0b:2e:ab:88:07:bb:5f:8d:0a:69:86:e1:
96:b3:49:d6:72:8a:0d:23:e7:2b:5f:4a:d3:01:62:
50:24:f9:16:9f:cc:99:81:1e:86:14:87:71:68:34:
21:31:91:5c:94:fd:d9:5d:cc:41:32:1c:93:f9:39:
ed:9a:72:11:cc:62:4b:d7:86:d0:b7:c0:3f:4d:46:
20:29:9d:da:ac:0e:c6:81:cc:1a:25:30:e2:24:da:
5f:2b:ac:13:93:5d:1f:26:24:87:60:30:42:f1:43:
03:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:35:9A:CC:E8:AC:27:26:24:39:DB:62:45:CA:52:A8:BE:73:BE:43
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/IDWazOisJyYkOdtiRcpSqL5zvkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.135.128.0/17
176.61.192.0/18
178.253.128.0/18
185.37.240.0/22
188.112.64.0/18
Signature Algorithm: sha256WithRSAEncryption
28:af:9b:d9:75:ca:17:63:3a:5e:4c:24:09:83:a3:1d:08:28:
36:a2:d0:2b:b0:f8:95:92:0c:3b:b3:17:a7:3d:03:bb:d5:d8:
d7:63:40:9c:54:8b:c4:9c:30:76:4a:68:aa:c5:b6:c6:4c:29:
3d:df:59:e9:b1:60:2d:a2:38:d5:22:ed:3b:aa:40:77:33:68:
ba:9c:91:a0:22:cf:fb:65:d7:0d:66:40:2b:3e:73:5d:d8:60:
16:98:21:5d:6b:6a:93:3d:54:55:60:29:ab:92:49:7b:2b:a4:
2d:91:d7:53:67:e9:ef:13:b8:32:0d:c1:8a:64:02:6d:f9:01:
42:0c:7b:a7:c0:a8:80:a4:4c:c5:6e:0e:93:fd:33:93:54:c9:
97:3f:de:93:36:ca:3c:50:95:dd:ff:74:ff:cc:18:7e:4b:9d:
78:b4:1c:4c:ed:54:cc:9c:ce:e5:23:15:60:09:2c:ea:6c:44:
5a:ce:65:cf:c8:c9:43:1b:9f:bb:b4:78:27:30:4a:03:22:bb:
72:c1:ce:b6:5a:66:3a:3f:8f:9f:00:11:15:1f:34:8a:d9:73:
bf:a3:56:da:4c:55:c4:9a:10:6e:e5:43:35:43:80:7d:aa:c1:
d6:0f:62:c3:38:b3:7c:e1:a5:30:ad:54:5a:64:bb:eb:89:cc:
b0:9b:d5:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVur9lZ3v+gBVIQF2NVmAgJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM1OWFjY2U4YWMyNzI2MjQzOWRiNjI0NWNhNTJhOGJlNzNiZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBb9b6AIl3+f4w0pyc9c7+91OdLD
NcfEDX0m/O3FvWM2c/1ze8ajuWLCS/82HP7QRJsiMtXf8d2x8WPehMeq+D6woreg
GkhX/rigiM4d1SE1lw5qK/bWxPHk4155ENK9qR0tlHAIkCDmsvxhe1pf88ldLbFl
uFWyb/IstXj8vdjpZGlLBGLElbFAQ/tb8EIX5rSmTaL3qEULLquIB7tfjQpphuGW
s0nWcooNI+crX0rTAWJQJPkWn8yZgR6GFIdxaDQhMZFclP3ZXcxBMhyT+TntmnIR
zGJL14bQt8A/TUYgKZ3arA7GgcwaJTDiJNpfK6wTk10fJiSHYDBC8UMDTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCA1mszorCcmJDnbYkXKUqi+c75DMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvSURXYXpPaXNKeVlrT2R0aVJjcFNxTDV6dmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHVYeAAwQG
sD3AAwQGsv2AAwQCuSXwAwQGvHBAMA0GCSqGSIb3DQEBCwUAA4IBAQAor5vZdcoX
YzpeTCQJg6MdCCg2otArsPiVkgw7sxenPQO71djXY0CcVIvEnDB2SmiqxbbGTCk9
31npsWAtojjVIu07qkB3M2i6nJGgIs/7ZdcNZkArPnNd2GAWmCFda2qTPVRVYCmr
kkl7K6QtkddTZ+nvE7gyDcGKZAJt+QFCDHunwKiApEzFbg6T/TOTVMmXP96TNso8
UJXd/3T/zBh+S514tBxM7VTMnM7lIxVgCSzqbERazmXPyMlDG5+7tHgnMEoDIrty
wc62WmY6P4+fABEVHzSK2XO/o1baTFXEmhBu5UM1Q4B9qsHWD2LDOLN84aUwrVRa
ZLvricywm9Wy
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:38 2024 by rpki-client on console-fra.rpki-client.org