Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/MPssRAgFlM0cVS4wojwwjKqfdwo.roa
File: MPssRAgFlM0cVS4wojwwjKqfdwo.roa (raw, json)
Hash identifier: o2ErUkgeKU8mDVI/ULfJN85FoDgzLKNbGUoXpCxdVqM=
Subject key identifier: 30:FB:2C:44:08:05:94:CD:1C:55:2E:30:A2:3C:30:8C:AA:9F:77:0A
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 01880C12F653AF430D12E54D00F1881D5ADA
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/MPssRAgFlM0cVS4wojwwjKqfdwo.roa
Signing time: Thu 11 May 2023 18:29:09 +0000
ROA not before: Thu 11 May 2023 18:29:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.123.254.0/24 maxlen: 24
185.123.255.0/24 maxlen: 24
185.128.135.0/24 maxlen: 24
185.123.253.0/24 maxlen: 24
185.123.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0c:12:f6:53:af:43:0d:12:e5:4d:00:f1:88:1d:5a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: May 11 18:29:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30fb2c44080594cd1c552e30a23c308caa9f770a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:cd:b7:7b:71:f7:d8:cc:b4:47:b8:f9:4b:
c6:1c:9b:e6:81:82:5c:b0:7a:da:38:23:43:78:a4:
58:c3:69:33:ca:e3:1b:6c:c5:b4:9d:43:66:70:51:
81:d1:77:48:9e:ca:ac:c0:46:be:b9:c5:46:54:cc:
dd:28:cb:2f:dc:bf:cd:f2:21:de:9b:28:0a:9f:05:
66:53:09:9c:34:ca:2e:d5:f7:81:b6:0b:80:4a:34:
55:a3:d5:e2:3b:6e:8a:2e:c9:fc:1e:a4:5d:7d:d8:
40:fc:b1:46:6f:ff:08:51:f4:ca:07:c6:da:6d:62:
26:34:35:1d:03:bc:46:08:44:1c:23:f7:ec:d2:c8:
84:72:45:8b:a7:ae:8c:5e:87:3b:12:89:ec:8e:cf:
22:78:12:9b:8a:44:9d:5e:02:65:77:65:29:29:81:
2d:84:c8:b9:53:1d:cd:1b:bc:94:a0:6c:b0:c6:b5:
4f:df:33:83:59:d3:74:40:5d:51:b7:2c:86:f7:6b:
13:c1:fa:ca:0b:4e:71:ef:82:93:6c:58:89:4a:05:
27:c0:e2:b2:2c:49:68:0c:9b:db:89:3f:ac:90:c9:
e6:bf:2f:25:b7:d2:5b:61:46:f0:80:23:b5:c7:ac:
61:7d:48:8c:9b:22:d9:52:11:df:64:ac:9e:f7:91:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FB:2C:44:08:05:94:CD:1C:55:2E:30:A2:3C:30:8C:AA:9F:77:0A
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/MPssRAgFlM0cVS4wojwwjKqfdwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.252.0/22
185.128.135.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e4:55:f9:6f:4d:e3:67:6c:b1:6a:ac:8d:f0:92:67:bb:db:
a4:47:49:1e:29:ac:4e:75:28:93:9e:da:88:84:e9:86:02:45:
84:ed:80:b5:ff:5d:8f:2d:01:bd:1d:32:85:ae:b8:4c:18:c6:
62:67:ff:2c:1c:75:91:49:4c:02:96:64:31:b4:14:23:ad:70:
87:44:47:25:34:ee:a4:e3:56:e7:97:74:b7:b0:37:68:67:11:
69:e6:0a:4c:2d:60:48:50:b6:9c:65:dc:5e:d3:77:3d:2b:54:
2d:ec:b8:44:84:95:02:0e:26:c8:d2:05:d4:50:92:11:ab:6a:
3c:5b:a0:6b:01:60:1b:c1:46:1f:2f:28:f9:67:3e:d8:ce:ff:
60:1e:d6:36:62:58:ba:07:5d:38:f9:9a:2b:a3:c7:f5:57:3a:
3d:cc:8d:43:96:35:7c:bf:68:83:10:ae:81:bf:ea:68:bd:ed:
ef:a6:db:d1:88:a0:f2:b2:26:7d:c7:e8:40:74:df:71:31:6c:
55:1e:83:cd:7d:f8:f5:be:76:71:7c:1f:2f:46:6e:6d:7a:60:
96:bc:03:79:99:86:d1:d6:ff:2f:e9:a6:a6:8f:c1:1f:11:7c:
06:10:0b:e3:60:58:95:e7:9c:ae:ba:82:32:b4:c7:ac:5e:ce:
e2:f1:46:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgMEvZTr0MNEuVNAPGIHVraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwNTExMTgyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZiMmM0NDA4MDU5NGNkMWM1NTJlMzBhMjNjMzA4Y2FhOWY3NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcXNt3tx99jMtEe4+UvGHJvmgYJc
sHraOCNDeKRYw2kzyuMbbMW0nUNmcFGB0XdInsqswEa+ucVGVMzdKMsv3L/N8iHe
mygKnwVmUwmcNMou1feBtguASjRVo9XiO26KLsn8HqRdfdhA/LFGb/8IUfTKB8ba
bWImNDUdA7xGCEQcI/fs0siEckWLp66MXoc7Eonsjs8ieBKbikSdXgJld2UpKYEt
hMi5Ux3NG7yUoGywxrVP3zODWdN0QF1RtyyG92sTwfrKC05x74KTbFiJSgUnwOKy
LEloDJvbiT+skMnmvy8lt9JbYUbwgCO1x6xhfUiMmyLZUhHfZKye95Ez4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDD7LEQIBZTNHFUuMKI8MIyqn3cKMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvTVBzc1JBZ0ZsTTBjVlM0d29qd3dqS3FmZHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXv8AwQA
uYCHMA0GCSqGSIb3DQEBCwUAA4IBAQA65FX5b03jZ2yxaqyN8JJnu9ukR0keKaxO
dSiTntqIhOmGAkWE7YC1/12PLQG9HTKFrrhMGMZiZ/8sHHWRSUwClmQxtBQjrXCH
REclNO6k41bnl3S3sDdoZxFp5gpMLWBIULacZdxe03c9K1Qt7LhEhJUCDibI0gXU
UJIRq2o8W6BrAWAbwUYfLyj5Zz7Yzv9gHtY2Yli6B104+Zoro8f1Vzo9zI1DljV8
v2iDEK6Bv+pove3vptvRiKDysiZ9x+hAdN9xMWxVHoPNffj1vnZxfB8vRm5temCW
vAN5mYbR1v8v6aamj8EfEXwGEAvjYFiV55yuuoIytMesXs7i8UaF
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:52 2024 by rpki-client on console.sobornost.net