Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/bEp4S0MOrv0qrcsAz7cRs4sJiSI.roa
File: bEp4S0MOrv0qrcsAz7cRs4sJiSI.roa (raw, json)
Hash identifier: 71zU/9O2fGgXBrFPWJiym5Lk6wQxRWQY58xVr5EE620=
Subject key identifier: 6C:4A:78:4B:43:0E:AE:FD:2A:AD:CB:00:CF:B7:11:B3:8B:09:89:22
Certificate issuer: /CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Certificate serial: 018570B091275C73DE45A9AB407EF2859D17
Authority key identifier: FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/bEp4S0MOrv0qrcsAz7cRs4sJiSI.roa
Signing time: Mon 02 Jan 2023 04:14:57 +0000
ROA not before: Mon 02 Jan 2023 04:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51321
IP address blocks: 185.132.123.0/24 maxlen: 24
185.132.120.0/24 maxlen: 24
185.132.120.0/22 maxlen: 24
185.132.121.0/24 maxlen: 24
185.132.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:91:27:5c:73:de:45:a9:ab:40:7e:f2:85:9d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbd25da64b463af38b444ff37311b1566df5fcb2
Validity
Not Before: Jan 2 04:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c4a784b430eaefd2aadcb00cfb711b38b098922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:da:0b:e6:d9:d2:33:fb:18:1f:1f:6f:63:0c:
8d:94:24:65:f8:1d:d8:8b:c5:2f:a7:cf:22:64:c5:
31:9f:f8:9f:7f:1d:13:61:59:23:25:77:53:70:53:
44:13:50:05:de:d4:48:d5:8a:2e:fa:35:e2:e6:94:
a9:b7:4b:7f:c4:06:e8:3b:2a:6f:38:0b:c9:00:61:
39:3a:01:b2:d5:b0:32:f2:77:44:55:45:05:82:bc:
eb:95:73:30:e9:ae:e4:85:63:7f:a6:84:e2:36:63:
12:43:d8:ea:41:e2:f0:38:7f:85:4c:f8:d5:b2:bb:
e4:21:bd:c3:85:dc:60:f3:ef:65:55:16:c3:3d:f0:
dd:27:46:41:86:5d:1d:c2:aa:66:17:71:ef:5c:9b:
08:fe:9b:8a:88:fd:12:00:31:e2:c7:cd:79:30:b9:
5c:ad:10:54:44:7d:c8:ed:af:2c:cb:d4:cc:6c:17:
41:07:43:cc:85:d9:cb:ab:dc:d7:6a:16:bf:cc:b4:
cc:ac:ad:94:51:2f:22:ea:06:cb:78:b8:39:44:a9:
d5:ca:29:c4:d5:7b:a7:52:5d:cc:15:9e:62:da:a0:
87:18:5d:72:47:e8:c4:f5:86:e3:10:82:53:68:ec:
ea:7a:ca:77:24:35:f6:a8:bd:0a:59:26:97:dd:e2:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4A:78:4B:43:0E:AE:FD:2A:AD:CB:00:CF:B7:11:B3:8B:09:89:22
X509v3 Authority Key Identifier:
keyid:FB:D2:5D:A6:4B:46:3A:F3:8B:44:4F:F3:73:11:B1:56:6D:F5:FC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9JdpktGOvOLRE_zcxGxVm31_LI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/bEp4S0MOrv0qrcsAz7cRs4sJiSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fa65e8-e597-4738-8396-825ec1075de6/1/1-9JdpktGOvOLRE_zcxGxVm31_LI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.120.0/22
Signature Algorithm: sha256WithRSAEncryption
69:9a:21:59:68:06:5c:ee:cd:29:81:af:6e:7d:3a:54:7e:15:
e7:be:5b:13:3e:2c:12:9d:2a:e2:0a:68:be:86:cd:3f:3c:b5:
b5:23:cd:ca:5d:d1:96:cf:01:eb:74:6b:ba:79:76:d2:48:a6:
fb:63:20:0d:66:f7:b7:81:a1:21:c4:ed:e6:36:10:81:da:d3:
db:88:f5:0c:da:4f:74:8c:2f:97:62:f2:c9:8e:dd:cc:fc:32:
a4:5b:d1:0f:23:d6:96:26:99:c7:1d:5e:21:f7:f5:49:d2:c3:
fa:b0:a8:45:33:eb:15:b3:ab:29:13:41:bd:62:2a:68:80:28:
30:21:fd:2d:7e:12:12:99:f7:8a:16:7a:1a:6a:ac:9e:48:10:
89:17:f6:33:39:34:92:cd:b8:80:77:f2:1a:ef:37:fb:44:7c:
17:e9:74:a2:27:85:6f:a5:d6:26:47:53:b7:94:b2:1e:7c:de:
38:ca:ed:a1:a8:3a:fc:68:be:f8:30:5f:0a:1f:15:4f:d6:44:
ba:c9:0a:dd:9f:1e:fa:da:6c:60:cd:47:91:2b:8d:2d:f7:ca:
5b:17:67:af:9f:b1:35:79:4d:62:30:ea:7e:41:1e:49:68:73:
90:a1:c2:b1:1b:53:3d:dd:fc:a1:50:b1:ec:5a:a3:18:82:17:
f2:bb:b6:0b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwsJEnXHPeRamrQH7yhZ0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZDI1ZGE2NGI0NjNhZjM4YjQ0NGZmMzczMTFiMTU2NmRm
NWZjYjIwHhcNMjMwMTAyMDQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRhNzg0YjQzMGVhZWZkMmFhZGNiMDBjZmI3MTFiMzhiMDk4OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptoL5tnSM/sYHx9vYwyNlCRl+B3Y
i8Uvp88iZMUxn/iffx0TYVkjJXdTcFNEE1AF3tRI1You+jXi5pSpt0t/xAboOypv
OAvJAGE5OgGy1bAy8ndEVUUFgrzrlXMw6a7khWN/poTiNmMSQ9jqQeLwOH+FTPjV
srvkIb3Dhdxg8+9lVRbDPfDdJ0ZBhl0dwqpmF3HvXJsI/puKiP0SADHix815MLlc
rRBURH3I7a8sy9TMbBdBB0PMhdnLq9zXaha/zLTMrK2UUS8i6gbLeLg5RKnVyinE
1XunUl3MFZ5i2qCHGF1yR+jE9YbjEIJTaOzqesp3JDX2qL0KWSaX3eIQhQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGxKeEtDDq79Kq3LAM+3EbOLCYkiMB8GA1UdIwQY
MBaAFPvSXaZLRjrzi0RP83MRsVZt9fyyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS05SmRwa3RHT3ZPTFJFX3pjeEd4Vm0zMV9MSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvZmE2NWU4LWU1OTctNDczOC04Mzk2
LTgyNWVjMTA3NWRlNi8xL2JFcDRTME1PcnYwcXJjc0F6N2NSczRzSmlTSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDEvZmE2NWU4LWU1OTctNDczOC04Mzk2LTgyNWVjMTA3NWRl
Ni8xLzEtOUpkcGt0R092T0xSRV96Y3hHeFZtMzFfTEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5hHgw
DQYJKoZIhvcNAQELBQADggEBAGmaIVloBlzuzSmBr259OlR+Fee+WxM+LBKdKuIK
aL6GzT88tbUjzcpd0ZbPAet0a7p5dtJIpvtjIA1m97eBoSHE7eY2EIHa09uI9Qza
T3SML5di8smO3cz8MqRb0Q8j1pYmmccdXiH39UnSw/qwqEUz6xWzqykTQb1iKmiA
KDAh/S1+EhKZ94oWehpqrJ5IEIkX9jM5NJLNuIB38hrvN/tEfBfpdKInhW+l1iZH
U7eUsh583jjK7aGoOvxovvgwXwofFU/WRLrJCt2fHvrabGDNR5ErjS33ylsXZ6+f
sTV5TWIw6n5BHkloc5ChwrEbUz3d/KFQsexaoxiCF/K7tgs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:29 2024 by rpki-client on console.sobornost.net