Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/AOF3wvEKIZcKhBnYHXWB1P5s0Sg.roa
File: AOF3wvEKIZcKhBnYHXWB1P5s0Sg.roa (raw, json)
Hash identifier: QcwkzV2fFfT9cLd/y0PRxBY6Cq9aVguzACLmbEMSnVI=
Subject key identifier: 00:E1:77:C2:F1:0A:21:97:0A:84:19:D8:1D:75:81:D4:FE:6C:D1:28
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018CBAC7FF018C191E33FF0353C2A419FB99
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/AOF3wvEKIZcKhBnYHXWB1P5s0Sg.roa
Signing time: Sat 30 Dec 2023 12:51:58 +0000
ROA not before: Sat 30 Dec 2023 12:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197834
IP address blocks: 185.13.196.0/22 maxlen: 24
176.32.192.0/21 maxlen: 21
176.32.192.0/23 maxlen: 24
176.32.194.0/23 maxlen: 24
176.32.198.0/23 maxlen: 24
176.32.196.0/23 maxlen: 24
176.32.192.236/32 maxlen: 32
109.75.32.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:c7:ff:01:8c:19:1e:33:ff:03:53:c2:a4:19:fb:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Dec 30 12:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00e177c2f10a21970a8419d81d7581d4fe6cd128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bc:0a:ff:28:9e:07:9d:33:28:ad:05:39:89:
8f:78:2d:21:b8:d6:ae:44:4a:d1:ad:95:a1:0f:76:
d3:b7:f5:db:d6:4b:63:9d:46:26:e3:67:9e:4c:1f:
cc:d5:e2:7d:2e:60:87:59:cd:42:cf:9f:d1:9d:dd:
35:bb:cd:ee:18:e2:21:70:c0:80:44:ec:78:ea:cb:
00:59:88:34:3c:73:27:df:5f:e1:78:66:cb:bf:c4:
ae:e7:53:9e:08:0a:78:33:61:4e:15:22:6a:00:b4:
0e:4c:f9:a2:7e:3e:41:e0:35:ff:be:f9:34:d4:95:
54:78:1a:64:68:38:15:a5:ce:a8:48:58:17:7f:72:
e0:5e:c8:5d:22:6f:f4:b3:7f:a9:04:92:ed:5b:b6:
36:2f:b7:70:ff:f6:d2:6c:cd:db:d0:de:39:a7:d1:
24:9e:52:2c:94:04:4b:67:1e:ec:07:fe:5f:da:1b:
46:7f:b8:de:56:ad:87:62:31:b4:be:7c:85:b6:96:
0f:49:f4:bf:c4:c7:6f:09:89:00:18:fb:75:65:3b:
1e:46:d4:a6:c6:82:47:e0:cf:17:ed:28:dc:f2:86:
d8:22:5c:4c:34:b1:51:46:4e:c6:3f:44:b4:d7:d5:
cd:4b:64:64:b3:ce:03:99:6d:84:fc:40:64:63:32:
52:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E1:77:C2:F1:0A:21:97:0A:84:19:D8:1D:75:81:D4:FE:6C:D1:28
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/AOF3wvEKIZcKhBnYHXWB1P5s0Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.32.0/23
176.32.192.0/21
185.13.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:ce:2b:c2:40:38:11:4b:dd:5a:4d:11:1c:60:66:ae:7d:b9:
95:65:5f:b7:dd:45:43:92:11:ad:59:54:b4:fb:01:eb:fa:a4:
f8:65:df:cb:f8:92:6a:5b:ff:ac:94:3e:29:73:f5:00:d4:ab:
75:f9:fa:ab:fd:20:b3:a7:84:44:ce:f0:82:40:30:81:b3:21:
c4:c1:78:0f:e6:e5:1c:25:52:54:37:41:48:fd:68:a2:9d:b2:
82:91:d1:02:93:35:3a:ce:72:ea:f7:a9:05:f3:5e:02:70:ba:
4e:b1:a5:57:83:3c:d5:47:df:71:4f:87:16:a6:84:24:06:04:
c4:8a:a4:f4:1d:d8:a4:c4:29:dd:03:69:c2:75:23:e1:74:43:
b0:93:d5:32:ce:4b:cd:5e:bf:59:19:1c:be:e0:74:a7:79:87:
5f:cf:54:00:ef:b0:55:01:5d:28:39:d5:c4:b7:1a:79:2c:ae:
c3:69:09:93:a6:92:97:fb:ad:b3:d6:f6:2a:85:fa:72:0e:4d:
31:22:67:86:62:b3:32:c1:31:06:2a:92:cd:e6:7e:39:41:b7:
a9:8a:a5:c5:87:29:27:f9:62:ab:84:5d:32:77:b1:7f:fe:23:
1a:b6:34:9c:6d:19:08:5c:d5:fb:a1:51:9d:9f:f3:69:b3:c1:
c4:a6:a3:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYy6x/8BjBkeM/8DU8KkGfuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMxMjMwMTI1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGUxNzdjMmYxMGEyMTk3MGE4NDE5ZDgxZDc1ODFkNGZlNmNkMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLwK/yieB50zKK0FOYmPeC0huNau
RErRrZWhD3bTt/Xb1ktjnUYm42eeTB/M1eJ9LmCHWc1Cz5/Rnd01u83uGOIhcMCA
ROx46ssAWYg0PHMn31/heGbLv8Su51OeCAp4M2FOFSJqALQOTPmifj5B4DX/vvk0
1JVUeBpkaDgVpc6oSFgXf3LgXshdIm/0s3+pBJLtW7Y2L7dw//bSbM3b0N45p9Ek
nlIslARLZx7sB/5f2htGf7jeVq2HYjG0vnyFtpYPSfS/xMdvCYkAGPt1ZTseRtSm
xoJH4M8X7Sjc8obYIlxMNLFRRk7GP0S019XNS2Rks84DmW2E/EBkYzJSaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFADhd8LxCiGXCoQZ2B11gdT+bNEoMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvQU9GM3d2RUtJWmNLaEJuWUhYV0IxUDVzMFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbUsgAwQD
sCDAAwQCuQ3EMA0GCSqGSIb3DQEBCwUAA4IBAQCozivCQDgRS91aTREcYGaufbmV
ZV+33UVDkhGtWVS0+wHr+qT4Zd/L+JJqW/+slD4pc/UA1Kt1+fqr/SCzp4REzvCC
QDCBsyHEwXgP5uUcJVJUN0FI/WiinbKCkdECkzU6znLq96kF814CcLpOsaVXgzzV
R99xT4cWpoQkBgTEiqT0HdikxCndA2nCdSPhdEOwk9UyzkvNXr9ZGRy+4HSneYdf
z1QA77BVAV0oOdXEtxp5LK7DaQmTppKX+62z1vYqhfpyDk0xImeGYrMywTEGKpLN
5n45QbepiqXFhykn+WKrhF0yd7F//iMatjScbRkIXNX7oVGdn/Nps8HEpqNu
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:11 2024 by rpki-client on console-ams.rpki-client.org