Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/7287cb-9051-451a-b34a-264cc427254e/1/dDCjrUM6aV80QM8mJ89YsmwZ6bQ.roa
File: dDCjrUM6aV80QM8mJ89YsmwZ6bQ.roa (raw, json)
Hash identifier: MYXe4hZ7xWbWN+u6Wjzlr7UQuB5w2UtoL3sLkYqB6gE=
Subject key identifier: 74:30:A3:AD:43:3A:69:5F:34:40:CF:26:27:CF:58:B2:6C:19:E9:B4
Certificate issuer: /CN=0c4f995f419220f5874267d68cc14372f0cdf293
Certificate serial: 01856F1D9A285D45C07C21B730CA998B757A
Authority key identifier: 0C:4F:99:5F:41:92:20:F5:87:42:67:D6:8C:C1:43:72:F0:CD:F2:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DE-ZX0GSIPWHQmfWjMFDcvDN8pM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/7287cb-9051-451a-b34a-264cc427254e/1/dDCjrUM6aV80QM8mJ89YsmwZ6bQ.roa
Signing time: Sun 01 Jan 2023 20:54:48 +0000
ROA not before: Sun 01 Jan 2023 20:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209905
IP address blocks: 185.191.72.0/24 maxlen: 24
185.191.73.0/24 maxlen: 24
185.191.74.0/24 maxlen: 24
185.191.75.0/24 maxlen: 24
185.191.74.0/23 maxlen: 23
185.191.72.0/23 maxlen: 23
185.191.72.0/22 maxlen: 22
45.65.74.0/24 maxlen: 24
45.65.75.0/24 maxlen: 24
45.65.72.0/23 maxlen: 23
45.65.72.0/22 maxlen: 22
45.65.72.0/24 maxlen: 24
45.65.73.0/24 maxlen: 24
45.65.74.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9a:28:5d:45:c0:7c:21:b7:30:ca:99:8b:75:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4f995f419220f5874267d68cc14372f0cdf293
Validity
Not Before: Jan 1 20:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7430a3ad433a695f3440cf2627cf58b26c19e9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a2:99:23:03:cb:f1:73:10:18:bb:76:72:4a:
52:06:a0:79:c3:7c:6f:69:ac:d0:a9:60:3c:4e:8f:
05:9b:c9:eb:b6:4f:5f:01:7d:37:c5:45:4a:b7:6b:
d3:5c:51:66:26:27:a9:fd:a2:de:b0:cd:a6:ae:09:
9e:7e:93:fb:71:90:dc:8a:48:74:97:a1:71:4a:de:
6f:e5:d5:ef:78:a8:6b:a9:11:76:52:b7:9b:51:87:
e4:99:3c:f2:f5:2f:33:d5:2c:b6:95:b1:ad:7b:c5:
04:2d:f5:06:ab:78:fb:95:cb:b3:aa:28:23:c1:f6:
30:ef:af:d6:ff:31:b9:94:c2:10:6a:56:26:a1:37:
28:1f:44:4e:e3:7d:6c:64:66:be:8c:78:7e:77:15:
89:ef:77:e5:27:d2:0e:96:58:eb:0a:70:bb:ff:9b:
95:24:e1:43:5a:4e:7b:4b:b0:f3:73:4e:1c:d0:18:
8d:d2:1f:19:e2:ec:a0:e6:50:95:bc:7d:d0:c2:15:
a7:4e:39:c8:e0:58:47:72:be:e6:b9:b4:65:66:9c:
95:fa:9c:b4:b4:c7:ab:e0:c7:e5:f1:1d:a0:64:c2:
6f:c9:71:6a:ce:11:13:0d:d3:22:78:3c:92:31:f7:
f8:78:a7:5c:77:57:db:43:ca:9e:d2:dc:93:26:a2:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:30:A3:AD:43:3A:69:5F:34:40:CF:26:27:CF:58:B2:6C:19:E9:B4
X509v3 Authority Key Identifier:
keyid:0C:4F:99:5F:41:92:20:F5:87:42:67:D6:8C:C1:43:72:F0:CD:F2:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE-ZX0GSIPWHQmfWjMFDcvDN8pM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/7287cb-9051-451a-b34a-264cc427254e/1/dDCjrUM6aV80QM8mJ89YsmwZ6bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/7287cb-9051-451a-b34a-264cc427254e/1/DE-ZX0GSIPWHQmfWjMFDcvDN8pM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.72.0/22
185.191.72.0/22
Signature Algorithm: sha256WithRSAEncryption
75:77:1f:ff:af:f2:86:26:09:8f:a5:ee:2d:71:e1:61:fb:e1:
5b:e1:37:83:94:68:c4:10:02:36:7c:47:3d:8d:40:12:cb:4b:
81:17:c6:21:2c:05:b9:09:e2:80:60:83:d7:54:ee:a0:19:b3:
80:af:70:11:3b:37:db:7f:37:1d:89:9a:a9:a3:8f:4b:74:91:
ac:d2:b3:f1:30:93:e7:87:5d:5f:d3:9d:55:df:05:dd:cb:cf:
a0:a2:70:19:a1:8f:bc:0c:57:8f:f2:2c:fc:e9:66:b7:a4:46:
fc:7b:fe:50:74:e5:9a:ca:9c:f8:ce:ab:ce:84:0b:bc:51:9e:
61:4b:af:84:42:4b:97:f2:3c:bc:ee:44:b0:0b:3a:a7:79:cd:
c8:22:e2:c6:49:82:95:1a:93:e1:f1:c0:7e:44:d1:24:69:e4:
26:31:d0:df:1c:3e:ac:67:e6:6f:12:cf:5a:63:16:3a:85:79:
17:92:f2:db:fe:4d:58:dc:6b:e6:d0:71:8f:4d:3f:f9:bc:d5:
02:9d:f3:23:35:0f:db:9e:14:76:2e:7f:1f:15:0d:33:eb:88:
7b:41:91:51:15:01:72:11:9b:31:e0:55:df:fe:80:28:7d:e5:
ae:63:b5:0d:4f:fb:92:17:9c:3a:e1:f6:1a:c5:90:66:0f:0b:
5c:bf:2f:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHZooXUXAfCG3MMqZi3V6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNGY5OTVmNDE5MjIwZjU4NzQyNjdkNjhjYzE0MzcyZjBj
ZGYyOTMwHhcNMjMwMTAxMjA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMwYTNhZDQzM2E2OTVmMzQ0MGNmMjYyN2NmNThiMjZjMTllOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKKZIwPL8XMQGLt2ckpSBqB5w3xv
aazQqWA8To8Fm8nrtk9fAX03xUVKt2vTXFFmJiep/aLesM2mrgmefpP7cZDcikh0
l6FxSt5v5dXveKhrqRF2UrebUYfkmTzy9S8z1Sy2lbGte8UELfUGq3j7lcuzqigj
wfYw76/W/zG5lMIQalYmoTcoH0RO431sZGa+jHh+dxWJ73flJ9IOlljrCnC7/5uV
JOFDWk57S7Dzc04c0BiN0h8Z4uyg5lCVvH3QwhWnTjnI4FhHcr7mubRlZpyV+py0
tMer4Mfl8R2gZMJvyXFqzhETDdMieDySMff4eKdcd1fbQ8qe0tyTJqLRGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQwo61DOmlfNEDPJifPWLJsGem0MB8GA1UdIwQY
MBaAFAxPmV9BkiD1h0Jn1ozBQ3LwzfKTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREUtWlgwR1NJUFdIUW1mV2pNRkRjdkROOHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83Mjg3Y2ItOTA1MS00NTFhLWIzNGEt
MjY0Y2M0MjcyNTRlLzEvZERDanJVTTZhVjgwUU04bUo4OVlzbXdaNmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83Mjg3Y2ItOTA1MS00NTFhLWIzNGEtMjY0Y2M0MjcyNTRl
LzEvREUtWlgwR1NJUFdIUW1mV2pNRkRjdkROOHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUFIAwQC
ub9IMA0GCSqGSIb3DQEBCwUAA4IBAQB1dx//r/KGJgmPpe4tceFh++Fb4TeDlGjE
EAI2fEc9jUASy0uBF8YhLAW5CeKAYIPXVO6gGbOAr3AROzfbfzcdiZqpo49LdJGs
0rPxMJPnh11f051V3wXdy8+gonAZoY+8DFeP8iz86Wa3pEb8e/5QdOWaypz4zqvO
hAu8UZ5hS6+EQkuX8jy87kSwCzqnec3IIuLGSYKVGpPh8cB+RNEkaeQmMdDfHD6s
Z+ZvEs9aYxY6hXkXkvLb/k1Y3Gvm0HGPTT/5vNUCnfMjNQ/bnhR2Ln8fFQ0z64h7
QZFRFQFyEZsx4FXf/oAofeWuY7UNT/uSF5w64fYaxZBmDwtcvy8l
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:25 2024 by rpki-client on console.sobornost.net