Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/ccvMAkNa3eB6U3GWn0TLHq5Ow80.roa
File: ccvMAkNa3eB6U3GWn0TLHq5Ow80.roa (raw, json)
Hash identifier: /MLXLG+0pRtg+v8JO+bvGwL4Ikuez/b29CuXs6h7Jl8=
Subject key identifier: 71:CB:CC:02:43:5A:DD:E0:7A:53:71:96:9F:44:CB:1E:AE:4E:C3:CD
Certificate issuer: /CN=9202036a43dad06b6c2cc64bde767870676f87b3
Certificate serial: 01856C81295525D3A4CA794017ABFD630692
Authority key identifier: 92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/ccvMAkNa3eB6U3GWn0TLHq5Ow80.roa
Signing time: Sun 01 Jan 2023 08:44:42 +0000
ROA not before: Sun 01 Jan 2023 08:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29027
IP address blocks: 185.103.88.0/24 maxlen: 24
185.103.89.0/24 maxlen: 24
185.103.90.0/24 maxlen: 24
185.103.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:29:55:25:d3:a4:ca:79:40:17:ab:fd:63:06:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9202036a43dad06b6c2cc64bde767870676f87b3
Validity
Not Before: Jan 1 08:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71cbcc02435adde07a5371969f44cb1eae4ec3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:23:ad:91:06:f1:24:34:06:35:32:dc:32:
81:8a:42:47:ce:28:5f:b6:0b:a2:2a:10:bc:05:ab:
e1:18:03:e7:c0:14:3d:6e:e1:60:d7:bb:8b:31:24:
29:97:ff:1b:fb:ad:6f:7d:8f:4f:8e:6d:ee:84:06:
fa:ea:e6:19:b3:cf:d6:6b:35:ad:d3:16:32:a7:6d:
40:cf:20:4f:cd:0b:b6:ca:64:90:a2:49:36:ff:b4:
49:7e:39:20:5f:a4:75:09:c6:fa:54:98:9c:90:f3:
20:30:33:7e:03:87:b4:e7:3c:15:66:99:a4:a6:d9:
bd:bf:d8:f4:01:55:58:25:e7:ec:94:34:77:40:1c:
a1:fe:ea:74:48:9c:44:89:c0:bf:59:0d:23:5e:57:
33:c8:dc:4d:44:40:25:21:e2:98:f4:a0:56:84:d9:
62:73:09:90:6b:60:a5:59:da:2c:78:72:6d:80:0c:
ff:40:da:b2:f1:f2:7e:9b:7f:d6:7d:37:72:ce:f3:
a5:76:69:1b:65:8b:92:4a:30:e0:ec:4f:a4:c8:fb:
06:4c:4f:f1:4c:24:01:13:a4:12:1c:69:c3:96:7a:
87:ba:db:83:b0:b4:9e:2c:e8:08:6d:25:85:c8:d7:
b7:be:54:ea:73:fb:a5:5b:20:9d:2d:fb:69:5b:40:
19:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CB:CC:02:43:5A:DD:E0:7A:53:71:96:9F:44:CB:1E:AE:4E:C3:CD
X509v3 Authority Key Identifier:
keyid:92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/ccvMAkNa3eB6U3GWn0TLHq5Ow80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.88.0/22
Signature Algorithm: sha256WithRSAEncryption
04:72:48:64:a4:80:bf:04:81:c4:08:1f:70:5b:1e:9d:8f:01:
c9:73:3b:26:7d:c3:90:24:3d:e8:b2:74:13:f5:af:ac:5c:f1:
31:2a:95:aa:ed:93:ba:85:bb:f9:a7:a3:d9:a5:e5:e2:65:9b:
69:01:a1:6e:31:01:42:62:9c:bb:58:ac:8f:89:b2:0c:3b:a5:
86:a0:c5:34:45:6f:f6:73:9c:a0:a6:50:5a:92:6e:7b:79:8f:
7d:ad:89:0c:4f:e7:aa:0c:fd:3a:3f:60:74:7d:d2:3e:7c:be:
83:6e:16:4e:99:7e:97:b7:b4:bb:a0:d5:d4:90:12:11:e9:6c:
34:a8:b0:38:99:8b:44:78:33:c0:1a:ea:1e:24:60:be:5a:ff:
05:15:77:7b:be:42:96:99:f5:ab:74:dc:bb:f3:82:ef:41:29:
43:fb:5c:fb:d3:63:0e:30:fa:68:37:45:0d:d6:30:16:fb:d3:
96:37:9c:ba:a7:41:9f:cf:8c:51:3b:0d:14:9d:5f:01:78:94:
33:d5:f3:2f:e3:62:0a:e2:e2:b9:ff:b5:85:63:ae:80:49:0c:
26:3d:65:f8:e1:fd:78:e3:af:ad:4e:fc:36:d8:c9:f6:85:e8:
84:09:fa:60:1d:cc:4b:3a:75:dc:25:c2:87:90:79:65:5a:f4:
aa:a5:fa:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsgSlVJdOkynlAF6v9YwaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMDIwMzZhNDNkYWQwNmI2YzJjYzY0YmRlNzY3ODcwNjc2
Zjg3YjMwHhcNMjMwMTAxMDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNiY2MwMjQzNWFkZGUwN2E1MzcxOTY5ZjQ0Y2IxZWFlNGVjM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXYjrZEG8SQ0BjUy3DKBikJHzihf
tguiKhC8BavhGAPnwBQ9buFg17uLMSQpl/8b+61vfY9Pjm3uhAb66uYZs8/WazWt
0xYyp21AzyBPzQu2ymSQokk2/7RJfjkgX6R1Ccb6VJickPMgMDN+A4e05zwVZpmk
ptm9v9j0AVVYJefslDR3QByh/up0SJxEicC/WQ0jXlczyNxNREAlIeKY9KBWhNli
cwmQa2ClWdoseHJtgAz/QNqy8fJ+m3/WfTdyzvOldmkbZYuSSjDg7E+kyPsGTE/x
TCQBE6QSHGnDlnqHutuDsLSeLOgIbSWFyNe3vlTqc/ulWyCdLftpW0AZxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHLzAJDWt3gelNxlp9Eyx6uTsPNMB8GA1UdIwQY
MBaAFJICA2pD2tBrbCzGS952eHBnb4ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAt
NzNkY2VkMzk3MDdmLzEvY2N2TUFrTmEzZUI2VTNHV24wVExIcTVPdzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAtNzNkY2VkMzk3MDdm
LzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWdYMA0G
CSqGSIb3DQEBCwUAA4IBAQAEckhkpIC/BIHECB9wWx6djwHJczsmfcOQJD3osnQT
9a+sXPExKpWq7ZO6hbv5p6PZpeXiZZtpAaFuMQFCYpy7WKyPibIMO6WGoMU0RW/2
c5ygplBakm57eY99rYkMT+eqDP06P2B0fdI+fL6DbhZOmX6Xt7S7oNXUkBIR6Ww0
qLA4mYtEeDPAGuoeJGC+Wv8FFXd7vkKWmfWrdNy784LvQSlD+1z702MOMPpoN0UN
1jAW+9OWN5y6p0Gfz4xROw0UnV8BeJQz1fMv42IK4uK5/7WFY66ASQwmPWX44f14
46+tTvw22Mn2heiECfpgHcxLOnXcJcKHkHllWvSqpfos
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:47 2024 by rpki-client on console-fra.rpki-client.org