Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/km6cdoF-cO20r7kdTm6C3e75eJ4.roa
File: km6cdoF-cO20r7kdTm6C3e75eJ4.roa (raw, json)
Hash identifier: 3f5aI2O12hzpJMggVpIQYZ+JJjbwzCNGxrloTbGKyWY=
Subject key identifier: 92:6E:9C:76:81:7E:70:ED:B4:AF:B9:1D:4E:6E:82:DD:EE:F9:78:9E
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018A56822614F0A1CCAD723E9B964980010E
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/km6cdoF-cO20r7kdTm6C3e75eJ4.roa
Signing time: Sat 02 Sep 2023 15:28:04 +0000
ROA not before: Sat 02 Sep 2023 15:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 185.253.123.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
147.78.204.0/24 maxlen: 24
185.208.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:82:26:14:f0:a1:cc:ad:72:3e:9b:96:49:80:01:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 2 15:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=926e9c76817e70edb4afb91d4e6e82ddeef9789e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:e9:b2:08:36:bb:77:10:13:db:a2:50:5c:
e0:0d:37:ab:06:d3:30:a8:71:02:5b:a9:63:ef:78:
94:6e:26:b3:84:94:07:94:76:65:d3:6a:6f:dd:09:
48:d1:bd:9a:cd:97:82:48:1f:d1:e4:f4:a8:6e:08:
1d:7c:80:1b:a7:f9:15:ad:dc:dd:77:ba:ab:a1:36:
67:b4:77:5d:94:85:9d:14:39:ed:bc:e1:54:cb:a4:
ce:0b:bc:f6:62:40:21:57:81:a9:1b:c1:80:34:cc:
01:b8:ea:d4:4a:b9:8e:72:25:42:f7:3c:d0:00:c3:
38:45:4e:82:73:9b:b0:3f:fb:84:36:ff:ce:f2:21:
9e:d9:9f:24:2f:61:8c:6a:d0:5e:df:2c:7c:58:e7:
8e:53:e1:35:3b:43:d7:7f:75:41:01:54:1e:86:03:
cd:67:67:fd:f3:c8:1b:ab:bb:cf:2f:b5:60:36:02:
4d:8c:71:43:7c:11:17:d8:f2:b0:15:cb:f8:80:d8:
8a:a6:23:10:c6:3f:11:8d:0d:43:04:7d:a1:74:3b:
1c:71:11:85:e1:db:b9:70:77:2a:36:8f:44:22:22:
bc:72:cd:30:d2:32:b3:e5:74:98:8f:17:8b:95:1c:
bb:fc:d3:94:ad:10:c8:bc:2c:cd:9f:f4:7f:95:00:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6E:9C:76:81:7E:70:ED:B4:AF:B9:1D:4E:6E:82:DD:EE:F9:78:9E
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/km6cdoF-cO20r7kdTm6C3e75eJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.204.0/24
185.161.191.0/24
185.208.155.0/24
185.253.123.0/24
Signature Algorithm: sha256WithRSAEncryption
80:3e:f7:a5:b1:5c:98:a3:a9:a0:ff:02:bf:34:07:0c:47:6b:
82:b3:82:cd:23:b8:ac:e1:07:a7:ff:a7:27:e9:8f:de:01:3c:
db:89:0e:8f:b3:f0:7a:6d:df:7c:e4:26:f3:8d:91:27:1f:5b:
75:e2:9e:a7:02:cf:72:78:fb:1a:8f:2f:8b:7b:ed:d3:a5:50:
66:0d:9d:2a:46:55:a8:a5:68:c0:c2:3d:ca:da:1a:d3:a7:0d:
b3:7c:6f:db:ec:0f:c8:a3:0f:00:d3:92:6c:a7:72:0a:57:61:
51:92:40:a6:43:b3:0b:4a:ba:2f:e3:49:a3:59:85:9b:e1:16:
15:79:f0:87:c3:5a:32:5b:f5:f1:c2:e2:9c:d2:f7:ca:5f:7b:
9c:0e:16:b3:81:e2:88:50:44:4f:d1:6f:88:6d:92:bb:37:79:
28:6b:c8:44:b6:0a:da:19:e1:74:38:94:57:35:7d:4f:ed:83:
b6:e6:26:13:06:b9:b0:3a:ce:08:29:aa:bc:83:2c:b2:38:9a:
1a:e4:67:d3:af:0d:cb:00:ef:2d:4a:e1:2b:56:61:c4:55:d4:
ae:5f:a1:fb:5c:00:3f:52:8e:09:d3:84:89:28:b8:c1:c3:76:
83:e4:02:06:2a:3b:83:78:c3:42:75:e4:73:b3:ab:76:de:cd:
0a:de:80:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpWgiYU8KHMrXI+m5ZJgAEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwOTAyMTUyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZlOWM3NjgxN2U3MGVkYjRhZmI5MWQ0ZTZlODJkZGVlZjk3ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfbpsgg2u3cQE9uiUFzgDTerBtMw
qHECW6lj73iUbiazhJQHlHZl02pv3QlI0b2azZeCSB/R5PSobggdfIAbp/kVrdzd
d7qroTZntHddlIWdFDntvOFUy6TOC7z2YkAhV4GpG8GANMwBuOrUSrmOciVC9zzQ
AMM4RU6Cc5uwP/uENv/O8iGe2Z8kL2GMatBe3yx8WOeOU+E1O0PXf3VBAVQehgPN
Z2f988gbq7vPL7VgNgJNjHFDfBEX2PKwFcv4gNiKpiMQxj8RjQ1DBH2hdDsccRGF
4du5cHcqNo9EIiK8cs0w0jKz5XSYjxeLlRy7/NOUrRDIvCzNn/R/lQAu+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJJunHaBfnDttK+5HU5ugt3u+XieMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEva202Y2RvRi1jTzIwcjdrZFRtNkMzZTc1ZUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAk07MAwQA
uaG/AwQAudCbAwQAuf17MA0GCSqGSIb3DQEBCwUAA4IBAQCAPvelsVyYo6mg/wK/
NAcMR2uCs4LNI7is4Qen/6cn6Y/eATzbiQ6Ps/B6bd985CbzjZEnH1t14p6nAs9y
ePsajy+Le+3TpVBmDZ0qRlWopWjAwj3K2hrTpw2zfG/b7A/Iow8A05Jsp3IKV2FR
kkCmQ7MLSrov40mjWYWb4RYVefCHw1oyW/XxwuKc0vfKX3ucDhazgeKIUERP0W+I
bZK7N3koa8hEtgraGeF0OJRXNX1P7YO25iYTBrmwOs4IKaq8gyyyOJoa5GfTrw3L
AO8tSuErVmHEVdSuX6H7XAA/Uo4J04SJKLjBw3aD5AIGKjuDeMNCdeRzs6t23s0K
3oBe
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org