Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa
File: 0DSfFKSI_OpS9vgKfd0COj6xk1w.roa (raw, json)
Hash identifier: 90vNnhs+zzTPFcTqFlglvcOyHYwRgCMxuqbTfvGK5+c=
Subject key identifier: D0:34:9F:14:A4:88:FC:EA:52:F6:F8:0A:7D:DD:02:3A:3E:B1:93:5C
Certificate issuer: /CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Certificate serial: 0186BC618E4CA31A27EA0E543D43A7B38301
Authority key identifier: D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa
Signing time: Tue 07 Mar 2023 14:02:35 +0000
ROA not before: Tue 07 Mar 2023 14:02:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39544
IP address blocks: 185.137.236.0/22 maxlen: 22
178.211.224.0/19 maxlen: 19
185.20.200.0/22 maxlen: 22
109.203.32.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:61:8e:4c:a3:1a:27:ea:0e:54:3d:43:a7:b3:83:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Validity
Not Before: Mar 7 14:02:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0349f14a488fcea52f6f80a7ddd023a3eb1935c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:66:5b:fc:0d:33:3e:16:f6:db:06:af:a0:
15:06:db:d9:71:e3:2a:ab:80:fd:6e:1d:bd:00:6d:
f6:f5:55:a5:18:e6:ee:17:f4:f2:32:91:cb:9f:95:
ec:47:13:d9:d9:12:32:e6:23:d6:07:05:3b:65:77:
bb:46:03:4e:7a:97:cb:77:7e:e4:0d:03:34:f4:63:
a8:73:88:1b:68:b5:d8:33:48:ee:c3:c6:d2:63:a8:
35:d9:7b:e5:5a:76:6f:3a:5c:ae:00:e1:20:80:b0:
7c:1b:f9:14:a7:c1:48:31:78:bc:66:a6:c8:51:42:
b2:94:96:5d:5a:95:82:7c:65:55:5f:2b:e6:fa:df:
8b:f6:f7:41:d6:0e:d8:08:60:1c:b5:64:49:75:90:
f1:e4:84:fc:ec:a3:37:26:11:44:1d:3a:16:98:90:
9e:ac:a1:aa:56:d8:e9:6f:32:94:22:2e:13:15:c9:
9f:11:5f:3e:0e:d8:56:4a:c6:b4:15:6c:3e:49:cc:
84:2f:02:69:7a:33:d5:61:d7:2d:53:5f:74:45:9e:
89:54:66:b6:7e:d9:5b:9b:b0:ba:db:72:49:61:4b:
55:b8:7a:9a:2d:e4:ef:05:4c:0b:95:4f:80:6b:7a:
b1:ff:8d:2a:eb:af:59:45:c9:9d:85:19:ef:62:d3:
0e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:34:9F:14:A4:88:FC:EA:52:F6:F8:0A:7D:DD:02:3A:3E:B1:93:5C
X509v3 Authority Key Identifier:
keyid:D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.32.0/19
178.211.224.0/19
185.20.200.0/22
185.137.236.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:c8:79:ae:ac:80:a1:1d:6d:1d:16:0c:85:42:20:d5:34:99:
be:01:4f:df:44:89:d1:5d:9c:c1:cf:cd:c5:55:8c:59:69:c2:
09:95:67:28:89:bc:b4:2e:40:0f:bc:92:71:72:f3:f6:7f:63:
67:61:1c:ae:68:3d:25:92:48:61:4e:91:d9:02:07:ce:55:86:
1b:95:18:d1:9c:48:aa:35:3b:0d:d1:73:e5:b6:1b:15:0e:89:
01:72:3a:64:1e:69:1e:c7:02:55:69:8f:67:ad:16:40:1e:4e:
cb:e0:47:81:b9:a3:32:4c:77:dc:5c:fb:bf:12:50:54:e4:09:
6d:98:90:d9:04:cb:09:c8:88:e4:c9:af:12:12:e2:87:3c:23:
32:53:b6:6e:50:78:38:d7:0f:1b:ab:95:73:3a:04:bc:09:41:
06:77:7d:19:14:4f:33:00:0d:aa:d0:7d:6c:14:4b:94:4d:70:
a2:8c:78:a1:18:c6:fd:5d:e4:dd:23:ca:eb:3e:aa:d4:c6:07:
f3:2d:e3:7a:9f:25:ff:9c:c4:55:80:ad:7f:7a:4e:02:f3:fe:
30:9b:a5:d6:32:fe:e1:89:30:5c:4f:cc:59:bd:0b:a3:bd:aa:
26:34:25:1a:67:9e:39:0b:44:5b:e0:0b:fb:fb:bb:4b:7d:3b:
65:95:fb:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa8YY5Moxon6g5UPUOns4MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDJmYTRmYjI4ZmFmMjhhMThlOGFkZDRjMTBjOTYzMzdj
M2M0YzUwHhcNMjMwMzA3MTQwMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDM0OWYxNGE0ODhmY2VhNTJmNmY4MGE3ZGRkMDIzYTNlYjE5MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/1mW/wNMz4W9tsGr6AVBtvZceMq
q4D9bh29AG329VWlGObuF/TyMpHLn5XsRxPZ2RIy5iPWBwU7ZXe7RgNOepfLd37k
DQM09GOoc4gbaLXYM0juw8bSY6g12XvlWnZvOlyuAOEggLB8G/kUp8FIMXi8ZqbI
UUKylJZdWpWCfGVVXyvm+t+L9vdB1g7YCGActWRJdZDx5IT87KM3JhFEHToWmJCe
rKGqVtjpbzKUIi4TFcmfEV8+DthWSsa0FWw+ScyELwJpejPVYdctU190RZ6JVGa2
ftlbm7C623JJYUtVuHqaLeTvBUwLlU+Aa3qx/40q669ZRcmdhRnvYtMOuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNA0nxSkiPzqUvb4Cn3dAjo+sZNcMB8GA1UdIwQY
MBaAFNdC+k+yj68ooY6K3UwQyWM3w8TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTct
N2E1ZjYwMTg5YzUxLzEvMERTZkZLU0lfT3BTOXZnS2ZkMENPajZ4azF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTctN2E1ZjYwMTg5YzUx
LzEvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFbcsgAwQF
stPgAwQCuRTIAwQCuYnsMA0GCSqGSIb3DQEBCwUAA4IBAQCtyHmurIChHW0dFgyF
QiDVNJm+AU/fRInRXZzBz83FVYxZacIJlWcoiby0LkAPvJJxcvP2f2NnYRyuaD0l
kkhhTpHZAgfOVYYblRjRnEiqNTsN0XPlthsVDokBcjpkHmkexwJVaY9nrRZAHk7L
4EeBuaMyTHfcXPu/ElBU5AltmJDZBMsJyIjkya8SEuKHPCMyU7ZuUHg41w8bq5Vz
OgS8CUEGd30ZFE8zAA2q0H1sFEuUTXCijHihGMb9XeTdI8rrPqrUxgfzLeN6nyX/
nMRVgK1/ek4C8/4wm6XWMv7hiTBcT8xZvQujvaomNCUaZ545C0Rb4Av7+7tLfTtl
lfv1
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:38:01 2024 by rpki-client on console-fra.rpki-client.org