Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa
File: Xc-3veMNJRpsN-l0XVldYiKyoyA.roa (raw, json)
Hash identifier: 5/71uomwofELpoC8ogAKtSatGgZ1ceZAbWdw8RloeKM=
Subject key identifier: 5D:CF:B7:BD:E3:0D:25:1A:6C:37:E9:74:5D:59:5D:62:22:B2:A3:20
Certificate issuer: /CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
Certificate serial: 0185C972D3BB5E82F45219B78E0B77079B0E
Authority key identifier: 46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa
Signing time: Thu 19 Jan 2023 09:53:43 +0000
ROA not before: Thu 19 Jan 2023 09:53:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202743
IP address blocks: 185.155.20.0/22 maxlen: 22
188.211.28.0/23 maxlen: 23
2a0a:b080::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:72:d3:bb:5e:82:f4:52:19:b7:8e:0b:77:07:9b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
Validity
Not Before: Jan 19 09:53:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dcfb7bde30d251a6c37e9745d595d6222b2a320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:d5:a8:96:d7:a0:c7:6b:66:ad:5c:e1:9e:
4d:40:19:ab:ee:57:f0:6d:81:e2:aa:31:0a:88:d9:
be:95:22:39:5f:af:2d:34:db:78:65:2b:55:04:0a:
fb:b9:60:37:35:53:c1:4c:d6:d1:f6:bb:4e:52:10:
f0:a2:c4:a5:40:86:2c:d8:27:be:e6:13:53:dc:05:
8b:34:82:88:41:8e:6a:86:bc:6b:09:df:74:3f:4c:
29:60:54:4d:cb:42:c1:f2:6a:5b:0a:45:f8:b7:f8:
58:a7:93:f9:0b:ca:41:7d:16:bd:ca:23:fa:b5:4f:
44:3b:1c:5e:f4:27:d6:ce:5c:02:5c:37:2b:56:77:
3a:35:66:cb:4b:49:f0:0b:e0:bc:cd:8b:3c:39:88:
e6:74:77:7b:bd:39:5a:77:7d:e6:4b:ad:fb:19:8f:
51:f9:fa:e6:6e:d0:bd:4e:fb:b6:98:94:de:55:dd:
11:7e:09:d1:ac:e8:3d:53:5a:e5:5f:a1:4e:e1:aa:
e5:28:de:56:97:92:ec:ee:4e:04:02:a0:e6:74:d4:
83:24:69:9f:37:e6:c1:53:e7:15:97:62:92:41:33:
8c:ed:4a:13:2c:0f:15:70:11:a6:3f:73:06:da:a9:
96:5e:0e:71:73:f8:76:a2:50:a0:26:1d:78:a3:26:
68:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CF:B7:BD:E3:0D:25:1A:6C:37:E9:74:5D:59:5D:62:22:B2:A3:20
X509v3 Authority Key Identifier:
keyid:46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/RlDGwCqb3k4XGH8FsOypUEg7-S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.20.0/22
188.211.28.0/23
IPv6:
2a0a:b080::/29
Signature Algorithm: sha256WithRSAEncryption
05:d2:31:29:b1:1c:0c:dd:2c:68:8d:f8:ac:b2:e6:46:2e:56:
4d:de:c7:9a:8a:fa:05:ab:ee:07:e1:3b:ff:42:4b:09:4b:d4:
ac:35:f5:2f:d9:bc:85:dc:56:48:df:64:b9:eb:fb:47:9e:3a:
cb:7e:ab:83:6a:91:96:a3:b1:a9:94:0d:8a:9c:58:d3:fe:bb:
20:65:e0:a2:3e:03:d8:5c:80:42:30:3b:f7:15:66:1a:fb:1c:
69:eb:3e:ca:70:4b:be:6e:67:57:28:8d:bf:17:8f:cd:76:72:
dd:0a:64:54:a3:e8:f2:fa:04:cf:2b:02:58:31:3f:28:20:8b:
66:48:af:78:ba:8f:c2:54:9c:e1:15:0b:0e:c5:15:b9:c2:fd:
f3:7a:d2:21:26:e3:53:66:72:fd:84:95:52:e4:8a:a1:77:fa:
b7:43:a5:e8:3a:f1:b3:e7:9a:64:41:f5:3b:be:47:52:cb:d4:
57:46:fa:a7:50:9d:36:f0:06:52:7a:f2:65:15:cb:03:6a:52:
88:2f:a6:cc:a4:44:73:4e:2b:d7:7e:07:6e:fd:15:5c:11:00:
a0:84:0b:52:e0:33:65:32:b2:0b:39:51:2f:c9:70:f0:67:b3:
e8:37:ed:3f:e0:00:ae:4e:4e:15:53:ed:9f:e1:67:aa:a0:8e:
2e:7e:ce:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXJctO7XoL0Uhm3jgt3B5sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTBjNmMwMmE5YmRlNGUxNzE4N2YwNWIwZWNhOTUwNDgz
YmY5MmQwHhcNMjMwMTE5MDk1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNmYjdiZGUzMGQyNTFhNmMzN2U5NzQ1ZDU5NWQ2MjIyYjJhMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq43VqJbXoMdrZq1c4Z5NQBmr7lfw
bYHiqjEKiNm+lSI5X68tNNt4ZStVBAr7uWA3NVPBTNbR9rtOUhDwosSlQIYs2Ce+
5hNT3AWLNIKIQY5qhrxrCd90P0wpYFRNy0LB8mpbCkX4t/hYp5P5C8pBfRa9yiP6
tU9EOxxe9CfWzlwCXDcrVnc6NWbLS0nwC+C8zYs8OYjmdHd7vTlad33mS637GY9R
+frmbtC9Tvu2mJTeVd0RfgnRrOg9U1rlX6FO4arlKN5Wl5Ls7k4EAqDmdNSDJGmf
N+bBU+cVl2KSQTOM7UoTLA8VcBGmP3MG2qmWXg5xc/h2olCgJh14oyZoOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF3Pt73jDSUabDfpdF1ZXWIisqMgMB8GA1UdIwQY
MBaAFEZQxsAqm95OFxh/BbDsqVBIO/ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUt
NDljMjQyOTJlOWJkLzEvWGMtM3ZlTU5KUnBzTi1sMFhWbGRZaUt5b3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUtNDljMjQyOTJlOWJk
LzEvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZsUAwQB
vNMcMA0EAgACMAcDBQMqCrCAMA0GCSqGSIb3DQEBCwUAA4IBAQAF0jEpsRwM3Sxo
jfissuZGLlZN3seaivoFq+4H4Tv/QksJS9SsNfUv2byF3FZI32S56/tHnjrLfquD
apGWo7GplA2KnFjT/rsgZeCiPgPYXIBCMDv3FWYa+xxp6z7KcEu+bmdXKI2/F4/N
dnLdCmRUo+jy+gTPKwJYMT8oIItmSK94uo/CVJzhFQsOxRW5wv3zetIhJuNTZnL9
hJVS5Iqhd/q3Q6XoOvGz55pkQfU7vkdSy9RXRvqnUJ028AZSevJlFcsDalKIL6bM
pERzTivXfgdu/RVcEQCghAtS4DNlMrILOVEvyXDwZ7PoN+0/4ACuTk4VU+2f4Weq
oI4ufs6O
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:27 2024 by rpki-client on console-ams.rpki-client.org