Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5645cb-f0ba-44fc-ba93-7369f2ca5b3b/1/rFG0FU1f-uizIxlsnxCv_g47iNM.roa
File: rFG0FU1f-uizIxlsnxCv_g47iNM.roa (raw, json)
Hash identifier: tZCbRYYs9vhbZogYYSbs5m1Tf+eojr4J6vAPYu4uMNA=
Subject key identifier: AC:51:B4:15:4D:5F:FA:E8:B3:23:19:6C:9F:10:AF:FE:0E:3B:88:D3
Certificate issuer: /CN=3fdf08459119969d4b9c17f5a85e92732c5517d1
Certificate serial: 01856D5D2276BCB8ECC7EB27A33E05E352B3
Authority key identifier: 3F:DF:08:45:91:19:96:9D:4B:9C:17:F5:A8:5E:92:73:2C:55:17:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P98IRZEZlp1LnBf1qF6ScyxVF9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5645cb-f0ba-44fc-ba93-7369f2ca5b3b/1/rFG0FU1f-uizIxlsnxCv_g47iNM.roa
Signing time: Sun 01 Jan 2023 12:44:58 +0000
ROA not before: Sun 01 Jan 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207143
IP address blocks: 185.178.192.0/22 maxlen: 22
185.178.192.0/24 maxlen: 24
185.178.193.0/24 maxlen: 24
185.178.195.0/24 maxlen: 24
185.178.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:22:76:bc:b8:ec:c7:eb:27:a3:3e:05:e3:52:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fdf08459119969d4b9c17f5a85e92732c5517d1
Validity
Not Before: Jan 1 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac51b4154d5ffae8b323196c9f10affe0e3b88d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a8:e1:3a:fc:d3:15:66:a0:07:0e:54:a5:36:
2b:1f:9f:99:e1:fe:b0:e8:85:0d:03:d5:34:d2:b9:
e8:09:ee:a1:4f:c1:1a:66:1c:94:de:82:0b:d6:6d:
bc:bc:17:ac:4b:c9:89:23:c5:a7:22:a8:37:3a:88:
a5:9a:ab:24:a6:86:86:c3:43:ab:a8:79:4b:9d:2c:
42:60:08:65:7c:8d:1c:ca:e6:3c:d1:9d:aa:2c:de:
9f:30:19:cd:4d:8d:5b:c6:f0:29:46:c3:ba:31:63:
f7:73:c0:08:ae:7d:ec:29:20:93:0f:35:a2:cf:f1:
ea:94:be:46:d2:8f:cd:63:a7:14:ae:49:a2:14:b9:
5a:6f:23:1e:81:98:73:91:20:0b:b8:cc:ed:78:8a:
53:44:e7:d4:44:1f:9d:9f:bc:27:c9:ed:0e:b9:0c:
a9:56:0a:12:ea:f5:8a:2d:57:8f:da:f7:1c:98:2d:
85:9f:74:96:4b:18:60:75:69:00:2f:cf:57:d7:b8:
35:80:7a:0c:06:82:b9:3a:fc:17:bd:51:c0:20:8f:
79:3c:8b:7c:02:d7:59:2b:5f:23:d6:96:69:69:d9:
32:f2:96:e3:53:96:c8:59:34:80:86:b2:70:15:de:
b8:75:b2:50:42:06:80:08:61:17:87:75:1b:fc:b0:
5d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:51:B4:15:4D:5F:FA:E8:B3:23:19:6C:9F:10:AF:FE:0E:3B:88:D3
X509v3 Authority Key Identifier:
keyid:3F:DF:08:45:91:19:96:9D:4B:9C:17:F5:A8:5E:92:73:2C:55:17:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P98IRZEZlp1LnBf1qF6ScyxVF9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5645cb-f0ba-44fc-ba93-7369f2ca5b3b/1/rFG0FU1f-uizIxlsnxCv_g47iNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5645cb-f0ba-44fc-ba93-7369f2ca5b3b/1/P98IRZEZlp1LnBf1qF6ScyxVF9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.192.0/22
Signature Algorithm: sha256WithRSAEncryption
50:4f:f5:f8:2a:88:90:87:4b:24:12:9d:93:2e:e5:e7:d0:46:
71:54:78:be:98:a2:0c:ed:81:14:70:46:07:7b:b1:fc:0f:7f:
59:4a:eb:af:c9:66:2f:8d:42:9b:39:98:90:2b:cf:c0:5a:ce:
cc:12:c1:d3:b1:7f:1b:2c:c1:2d:15:4f:aa:7b:b3:04:9e:5c:
35:9c:6d:e2:5d:6c:40:b8:49:a0:dc:cc:88:14:ec:c4:5d:72:
43:f7:44:e4:d6:be:68:6e:32:ab:d9:ee:74:8a:88:9e:33:a0:
f4:c9:11:cd:5e:ff:32:ce:de:c1:7b:fe:2b:ec:ef:b5:2f:6a:
80:35:2d:27:46:d0:be:0f:f2:bd:3a:a1:6c:fd:3a:54:b6:03:
b7:5e:fd:8a:4a:f6:0c:66:61:71:96:f5:a3:a8:b6:ad:5e:3e:
7f:5d:66:3b:c0:e2:8e:38:39:4d:26:2d:74:13:6e:ef:f0:82:
ca:0a:10:14:1d:7f:89:a7:42:f3:d4:92:8e:8b:2b:07:e6:dc:
e7:8d:68:4b:7d:46:93:10:d6:be:45:13:0b:e7:1f:dc:0c:de:
a2:cd:f6:30:f0:6a:f2:9f:c0:f6:3c:41:80:9c:7c:b2:0d:92:
64:be:d7:78:69:df:5e:26:66:7f:8c:a2:bf:19:49:30:ec:f9:
ca:62:3b:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXSJ2vLjsx+snoz4F41KzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZGYwODQ1OTExOTk2OWQ0YjljMTdmNWE4NWU5MjczMmM1
NTE3ZDEwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUxYjQxNTRkNWZmYWU4YjMyMzE5NmM5ZjEwYWZmZTBlM2I4OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkajhOvzTFWagBw5UpTYrH5+Z4f6w
6IUNA9U00rnoCe6hT8EaZhyU3oIL1m28vBesS8mJI8WnIqg3OoilmqskpoaGw0Or
qHlLnSxCYAhlfI0cyuY80Z2qLN6fMBnNTY1bxvApRsO6MWP3c8AIrn3sKSCTDzWi
z/HqlL5G0o/NY6cUrkmiFLlabyMegZhzkSALuMzteIpTROfURB+dn7wnye0OuQyp
VgoS6vWKLVeP2vccmC2Fn3SWSxhgdWkAL89X17g1gHoMBoK5OvwXvVHAII95PIt8
AtdZK18j1pZpadky8pbjU5bIWTSAhrJwFd64dbJQQgaACGEXh3Ub/LBdfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxRtBVNX/rosyMZbJ8Qr/4OO4jTMB8GA1UdIwQY
MBaAFD/fCEWRGZadS5wX9aheknMsVRfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDk4SVJaRVpscDFMbkJmMXFGNlNjeXhWRjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81NjQ1Y2ItZjBiYS00NGZjLWJhOTMt
NzM2OWYyY2E1YjNiLzEvckZHMEZVMWYtdWl6SXhsc254Q3ZfZzQ3aU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81NjQ1Y2ItZjBiYS00NGZjLWJhOTMtNzM2OWYyY2E1YjNi
LzEvUDk4SVJaRVpscDFMbkJmMXFGNlNjeXhWRjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubLAMA0G
CSqGSIb3DQEBCwUAA4IBAQBQT/X4KoiQh0skEp2TLuXn0EZxVHi+mKIM7YEUcEYH
e7H8D39ZSuuvyWYvjUKbOZiQK8/AWs7MEsHTsX8bLMEtFU+qe7MEnlw1nG3iXWxA
uEmg3MyIFOzEXXJD90Tk1r5objKr2e50ioieM6D0yRHNXv8yzt7Be/4r7O+1L2qA
NS0nRtC+D/K9OqFs/TpUtgO3Xv2KSvYMZmFxlvWjqLatXj5/XWY7wOKOODlNJi10
E27v8ILKChAUHX+Jp0Lz1JKOiysH5tznjWhLfUaTENa+RRML5x/cDN6izfYw8Gry
n8D2PEGAnHyyDZJkvtd4ad9eJmZ/jKK/GUkw7PnKYjuR
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net