Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/o3QfVFr1pt1HN0OBvTYgqGq1gD4.roa
File: o3QfVFr1pt1HN0OBvTYgqGq1gD4.roa (raw, json)
Hash identifier: dn+vymVA7CKVgFRwLGdhz7HkdHkN5rgWGmnqpB+IWpU=
Subject key identifier: A3:74:1F:54:5A:F5:A6:DD:47:37:43:81:BD:36:20:A8:6A:B5:80:3E
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFDAA9DDE7AF8F3F533FF6CD64AA0C
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/o3QfVFr1pt1HN0OBvTYgqGq1gD4.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12426
IP address blocks: 185.28.144.0/22 maxlen: 22
217.145.192.0/20 maxlen: 20
185.69.48.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:da:a9:dd:e7:af:8f:3f:53:3f:f6:cd:64:aa:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3741f545af5a6dd47374381bd3620a86ab5803e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:52:94:03:d2:54:08:59:ee:87:b6:19:fe:b1:
cf:e2:c9:f3:2b:4b:7c:36:cf:06:77:f2:f7:83:dd:
22:66:10:10:e3:35:88:88:84:a5:c3:a4:9d:63:bd:
2e:e3:dd:29:38:d6:e0:19:ef:6b:93:f5:a6:0e:0b:
0c:5a:3e:13:ce:99:43:02:5a:a8:08:4c:38:68:ea:
3a:18:9c:19:cb:45:65:7f:6b:d2:6b:87:e7:a3:ce:
d7:e6:a4:61:02:29:dd:71:f6:34:74:cf:8e:27:55:
73:c2:d2:76:54:18:b6:c3:35:3f:68:df:08:39:41:
98:6e:8c:15:94:4a:93:f1:3e:b5:88:6f:bb:80:53:
a9:0f:98:56:d5:1c:92:1a:41:37:eb:8c:0e:08:36:
6e:e2:8b:f8:9a:82:37:37:fd:22:b9:6b:8e:44:43:
74:27:22:05:8d:c3:ba:87:21:b7:f6:75:31:b9:b6:
ec:c9:31:28:74:68:9c:55:92:94:0f:b8:d0:91:c5:
90:e4:05:30:8b:9b:c7:6b:e2:d4:65:ff:47:a7:43:
92:0f:19:34:da:7e:4c:ea:15:73:38:2d:c9:da:a5:
e3:a6:6e:f7:6a:b8:a6:e7:cb:67:b6:8e:4f:67:89:
0e:86:86:4f:a1:f5:06:5a:1a:46:ff:8f:62:d3:e6:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:74:1F:54:5A:F5:A6:DD:47:37:43:81:BD:36:20:A8:6A:B5:80:3E
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/o3QfVFr1pt1HN0OBvTYgqGq1gD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.144.0/22
185.69.48.0/22
217.145.192.0/20
Signature Algorithm: sha256WithRSAEncryption
59:52:92:b3:52:6c:1a:7c:af:75:34:56:31:06:63:56:95:15:
c3:62:da:de:10:4b:72:64:1c:e7:de:ee:4e:69:42:7e:2e:df:
de:43:79:29:54:39:8e:14:37:22:3b:89:aa:3a:51:41:0b:ed:
48:d3:3a:4d:65:a0:70:0c:9c:e7:3b:32:b9:ba:e6:ff:79:ef:
ef:40:aa:74:20:52:35:58:a8:f2:03:75:8c:df:6b:15:bc:c3:
e8:7c:de:cd:33:7b:38:0a:63:22:11:ba:6b:01:1e:b4:e6:48:
dc:fb:77:03:30:3d:f2:91:47:ce:f2:40:13:15:46:55:64:07:
c8:91:2d:76:53:94:ed:22:3e:33:ed:a9:e3:d1:72:28:8a:92:
74:e9:6b:77:15:8a:45:91:ad:bf:73:2e:3e:6e:3a:34:a9:7e:
57:a7:2b:60:bb:4b:6c:54:9a:4a:49:e0:20:86:35:20:18:48:
59:4f:fe:fe:f2:20:10:e9:52:b1:79:24:bb:ce:13:82:72:39:
e9:43:cf:6f:da:e0:77:aa:ad:8c:49:7b:3b:1b:7c:32:d4:ec:
88:36:b7:5d:fd:79:bc:02:0b:8b:93:2e:8b:50:3c:fb:b6:a5:
48:d3:a2:ad:37:dd:df:ec:1a:c8:3d:21:57:88:7d:6d:6f:20:
3b:90:2a:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVur9qp3eevjz9TP/bNZKoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc0MWY1NDVhZjVhNmRkNDczNzQzODFiZDM2MjBhODZhYjU4MDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFKUA9JUCFnuh7YZ/rHP4snzK0t8
Ns8Gd/L3g90iZhAQ4zWIiISlw6SdY70u490pONbgGe9rk/WmDgsMWj4TzplDAlqo
CEw4aOo6GJwZy0Vlf2vSa4fno87X5qRhAindcfY0dM+OJ1VzwtJ2VBi2wzU/aN8I
OUGYbowVlEqT8T61iG+7gFOpD5hW1RySGkE364wOCDZu4ov4moI3N/0iuWuOREN0
JyIFjcO6hyG39nUxubbsyTEodGicVZKUD7jQkcWQ5AUwi5vHa+LUZf9Hp0OSDxk0
2n5M6hVzOC3J2qXjpm73arim58tnto5PZ4kOhoZPofUGWhpG/49i0+Y6/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKN0H1Ra9abdRzdDgb02IKhqtYA+MB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvbzNRZlZGcjFwdDFITjBPQnZUWWdxR3ExZ0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRyQAwQC
uUUwAwQE2ZHAMA0GCSqGSIb3DQEBCwUAA4IBAQBZUpKzUmwafK91NFYxBmNWlRXD
YtreEEtyZBzn3u5OaUJ+Lt/eQ3kpVDmOFDciO4mqOlFBC+1I0zpNZaBwDJznOzK5
uub/ee/vQKp0IFI1WKjyA3WM32sVvMPofN7NM3s4CmMiEbprAR605kjc+3cDMD3y
kUfO8kATFUZVZAfIkS12U5TtIj4z7anj0XIoipJ06Wt3FYpFka2/cy4+bjo0qX5X
pytgu0tsVJpKSeAghjUgGEhZT/7+8iAQ6VKxeSS7zhOCcjnpQ89v2uB3qq2MSXs7
G3wy1OyINrdd/Xm8AguLky6LUDz7tqVI06KtN93f7BrIPSFXiH1tbyA7kCpW
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:38 2024 by rpki-client on console-ams.rpki-client.org