Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/e05gr0DVlYSJ3Ww-mXHErNHWTxQ.roa
File: e05gr0DVlYSJ3Ww-mXHErNHWTxQ.roa (raw, json)
Hash identifier: T8MNbFaHqe1p0UJob73QvGJzFCMVydFSpmwUCKj7kX8=
Subject key identifier: 7B:4E:60:AF:40:D5:95:84:89:DD:6C:3E:99:71:C4:AC:D1:D6:4F:14
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 0186FEADBE61ACC7FBE72C2F1649AF5882CE
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/e05gr0DVlYSJ3Ww-mXHErNHWTxQ.roa
Signing time: Mon 20 Mar 2023 11:00:44 +0000
ROA not before: Mon 20 Mar 2023 11:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209564
IP address blocks: 185.240.182.0/24 maxlen: 24
185.240.183.0/24 maxlen: 24
82.146.23.0/24 maxlen: 24
84.238.223.0/24 maxlen: 24
185.32.151.0/24 maxlen: 24
185.32.149.0/24 maxlen: 24
185.32.150.0/24 maxlen: 24
185.32.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:ad:be:61:ac:c7:fb:e7:2c:2f:16:49:af:58:82:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Mar 20 11:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b4e60af40d5958489dd6c3e9971c4acd1d64f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:4c:fd:10:ba:64:06:17:33:ea:1a:78:7c:
b2:ab:b2:98:5d:01:ee:1d:20:13:b0:37:47:e1:4d:
7f:2e:7f:e8:0d:cc:c3:7f:d6:22:2a:d1:7e:49:ea:
06:72:50:22:b5:f2:83:19:97:db:8f:03:5a:72:e3:
0f:85:8d:6a:d9:50:2a:ea:1b:6b:54:68:25:23:87:
b6:7b:f1:50:fa:a2:ef:3a:59:ba:d8:42:64:0c:52:
4d:ad:82:54:56:f3:0a:49:2d:17:83:c9:08:c0:49:
40:d4:6f:97:c9:86:14:7f:52:ea:49:a2:bd:37:14:
68:b1:29:1e:dd:c6:bb:d4:f0:a0:13:eb:a2:1d:3f:
14:14:40:e7:18:c7:3a:af:ca:ef:c0:bd:48:fb:1b:
3f:32:ea:8c:8d:e4:f9:f0:d4:37:66:6f:11:1c:db:
f3:d5:f7:2c:ab:0a:85:c8:7d:51:41:24:69:c0:28:
55:64:5d:dd:f5:4b:82:e5:70:ca:fd:69:38:05:db:
24:5b:c2:b9:f3:5d:40:4f:08:63:45:cf:92:36:d8:
39:3d:91:8e:2c:d5:b0:40:4a:b0:29:70:7a:7d:c6:
ec:68:d1:11:c4:c6:9c:46:d6:35:de:ab:a0:d9:b9:
15:21:82:a1:b5:0f:7c:ce:7f:18:da:26:0c:d5:94:
7b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4E:60:AF:40:D5:95:84:89:DD:6C:3E:99:71:C4:AC:D1:D6:4F:14
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/e05gr0DVlYSJ3Ww-mXHErNHWTxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.23.0/24
84.238.223.0/24
185.32.148.0/22
185.240.182.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:cc:37:0e:48:60:bc:71:3c:99:58:8e:7a:9b:a4:ff:03:48:
24:83:c5:05:36:48:67:fb:2c:f8:1b:9b:f3:98:38:67:4e:f0:
04:78:50:00:bb:8b:73:39:66:40:54:b3:f7:3e:a1:a8:9f:4d:
d8:8b:dd:8b:72:2b:85:71:1c:2e:aa:73:e2:21:d0:a4:3d:7c:
7c:b7:bd:1f:9d:bc:e4:ea:03:1c:60:56:53:c3:84:54:fb:91:
67:8b:b4:9b:df:32:4e:4d:9c:14:1b:c7:74:40:23:c0:08:3a:
9f:b9:2b:58:e2:c2:6f:c3:f0:ed:39:f7:6c:c3:fb:33:b9:02:
00:ed:29:db:cf:60:55:2e:17:3f:31:7c:40:61:b9:9d:f3:73:
40:c5:4b:41:45:c1:5d:83:54:7e:fe:39:87:02:ca:11:00:09:
bb:d0:60:87:cf:5f:b6:a5:73:20:ec:ff:57:21:1f:3b:a3:79:
22:a1:33:ee:cd:7e:ae:da:90:a6:32:af:b7:a4:39:85:e2:9f:
f2:4c:f4:51:9b:81:43:0b:33:99:cf:84:76:d3:eb:41:35:ba:
62:1d:f1:80:c5:dc:62:20:7c:6c:6f:6c:e5:f8:1f:04:5a:bb:
4a:74:78:72:83:e6:d0:0f:02:2c:bc:3d:b0:ca:ec:94:4e:94:
83:23:bc:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYb+rb5hrMf75ywvFkmvWILOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGMzY2IxZTA3ZDcxNGI3MjVmNTFhNjZkMWRjZmQ4N2Fl
MWM1MWEwHhcNMjMwMzIwMTEwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjRlNjBhZjQwZDU5NTg0ODlkZDZjM2U5OTcxYzRhY2QxZDY0ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgtM/RC6ZAYXM+oaeHyyq7KYXQHu
HSATsDdH4U1/Ln/oDczDf9YiKtF+SeoGclAitfKDGZfbjwNacuMPhY1q2VAq6htr
VGglI4e2e/FQ+qLvOlm62EJkDFJNrYJUVvMKSS0Xg8kIwElA1G+XyYYUf1LqSaK9
NxRosSke3ca71PCgE+uiHT8UFEDnGMc6r8rvwL1I+xs/MuqMjeT58NQ3Zm8RHNvz
1fcsqwqFyH1RQSRpwChVZF3d9UuC5XDK/Wk4BdskW8K5811ATwhjRc+SNtg5PZGO
LNWwQEqwKXB6fcbsaNERxMacRtY13qug2bkVIYKhtQ98zn8Y2iYM1ZR7fwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHtOYK9A1ZWEid1sPplxxKzR1k8UMB8GA1UdIwQY
MBaAFBXcPLHgfXFLcl9Rpm0dz9h64cUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQt
ZmUyY2I0MzFjZjJmLzEvZTA1Z3IwRFZsWVNKM1d3LW1YSEVyTkhXVHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQtZmUyY2I0MzFjZjJm
LzEvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpIXAwQA
VO7fAwQCuSCUAwQBufC2MA0GCSqGSIb3DQEBCwUAA4IBAQDSzDcOSGC8cTyZWI56
m6T/A0gkg8UFNkhn+yz4G5vzmDhnTvAEeFAAu4tzOWZAVLP3PqGon03Yi92LciuF
cRwuqnPiIdCkPXx8t70fnbzk6gMcYFZTw4RU+5Fni7Sb3zJOTZwUG8d0QCPACDqf
uStY4sJvw/DtOfdsw/szuQIA7Snbz2BVLhc/MXxAYbmd83NAxUtBRcFdg1R+/jmH
AsoRAAm70GCHz1+2pXMg7P9XIR87o3kioTPuzX6u2pCmMq+3pDmF4p/yTPRRm4FD
CzOZz4R20+tBNbpiHfGAxdxiIHxsb2zl+B8EWrtKdHhyg+bQDwIsvD2wyuyUTpSD
I7x8
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:54 2024 by rpki-client on console-fra.rpki-client.org