Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/_-PQ-rKIelmOvU3ZK3pbbhNIPCQ.roa
File: _-PQ-rKIelmOvU3ZK3pbbhNIPCQ.roa (raw, json)
Hash identifier: h1Q6Jir/kehUfFVAOXlT3E/9LHFtW1Lv7dD+FIjCk60=
Subject key identifier: FF:E3:D0:FA:B2:88:7A:59:8E:BD:4D:D9:2B:7A:5B:6E:13:48:3C:24
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 018571D7AEF356FC3D556E3F88EC3DE7E894
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/_-PQ-rKIelmOvU3ZK3pbbhNIPCQ.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.58.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.56.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Feb 2023 10:25:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ae:f3:56:fc:3d:55:6e:3f:88:ec:3d:e7:e8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffe3d0fab2887a598ebd4dd92b7a5b6e13483c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fe:30:9b:11:db:15:24:fb:53:55:94:c2:dd:
63:4d:ba:69:a8:d1:af:a4:3a:0f:a5:8c:51:42:3b:
fc:88:94:f2:22:e5:38:c7:3f:e1:48:f6:44:38:d7:
82:04:98:a5:80:43:1d:3c:f7:f6:f3:aa:6b:7f:ed:
59:37:b6:9a:cc:d2:e0:37:0b:d9:76:1f:69:00:3b:
b5:ea:a9:9b:10:60:89:22:43:9a:4f:1b:36:ad:ee:
46:6a:4b:3e:48:4e:21:3f:92:91:2b:5f:06:67:89:
9c:6b:20:86:07:7a:5e:b9:37:40:ff:74:df:50:f9:
99:40:3d:58:77:dd:40:e0:5f:fd:f1:25:b4:9a:8f:
4e:78:35:1e:4a:b7:ae:b5:41:11:ec:39:68:37:81:
a0:91:09:0d:ef:fc:a5:c0:6a:fd:29:22:a3:f5:02:
98:98:cc:ae:54:e8:e8:c0:c3:ae:35:f1:ad:48:a6:
89:1d:be:ed:05:6e:d4:5f:0a:4a:6a:0b:2d:b9:59:
92:ca:1d:7d:a6:58:73:96:73:a5:80:74:c6:d8:c4:
58:7f:75:bf:76:a5:cf:34:f7:41:11:9e:9a:02:00:
57:be:6c:df:1c:74:b6:23:42:1c:e5:57:fe:b0:5d:
22:06:a7:2d:01:0d:a1:82:13:07:72:a7:8d:d0:d7:
0e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E3:D0:FA:B2:88:7A:59:8E:BD:4D:D9:2B:7A:5B:6E:13:48:3C:24
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/_-PQ-rKIelmOvU3ZK3pbbhNIPCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
52:dd:23:73:2e:ab:05:73:c9:ed:ea:fc:ca:50:25:81:bc:7b:
5c:50:c8:fa:47:f5:29:0b:c3:5a:f4:f6:3c:7b:b0:90:90:05:
8f:08:24:0b:9a:6f:5e:26:ec:cb:7c:c4:b7:45:b0:5a:a9:6c:
b4:07:fa:72:ef:2b:e1:40:8f:ee:b7:c6:93:75:c8:e0:f1:49:
a5:63:58:0b:79:fb:10:be:e0:b4:c5:85:76:c6:f3:f2:75:4c:
37:f0:db:5c:40:39:88:19:42:81:2d:a5:75:35:81:c5:d2:9e:
1f:65:5d:ae:64:c9:af:7a:9e:41:2a:c6:de:35:c9:8c:c3:7c:
69:6b:e7:3c:fc:2f:cc:d0:1d:df:de:0d:de:5a:75:95:94:04:
c9:77:63:6a:45:95:e4:ae:da:ca:69:90:28:cb:b4:c2:ca:a7:
d4:6f:fd:23:3f:8e:fb:21:95:0e:8d:23:c7:f2:e3:aa:d8:a0:
f8:f0:1d:7c:6e:11:17:2f:9c:ad:88:58:f6:d2:d7:25:d3:6f:
bd:e4:18:e4:14:d4:a3:6a:7f:3a:04:5a:04:7d:1d:5e:9f:97:
5a:a7:a4:e6:09:a0:b2:b2:58:06:bb:39:be:9e:10:78:9f:93:
e0:6b:43:cc:55:ce:d4:01:10:3a:af:ca:24:71:7c:07:dd:0a:
02:f0:a3:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx167zVvw9VW4/iOw95+iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmUzZDBmYWIyODg3YTU5OGViZDRkZDkyYjdhNWI2ZTEzNDgzYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof4wmxHbFST7U1WUwt1jTbppqNGv
pDoPpYxRQjv8iJTyIuU4xz/hSPZEONeCBJilgEMdPPf286prf+1ZN7aazNLgNwvZ
dh9pADu16qmbEGCJIkOaTxs2re5Gaks+SE4hP5KRK18GZ4mcayCGB3peuTdA/3Tf
UPmZQD1Yd91A4F/98SW0mo9OeDUeSreutUER7DloN4GgkQkN7/ylwGr9KSKj9QKY
mMyuVOjowMOuNfGtSKaJHb7tBW7UXwpKagstuVmSyh19plhzlnOlgHTG2MRYf3W/
dqXPNPdBEZ6aAgBXvmzfHHS2I0Ic5Vf+sF0iBqctAQ2hghMHcqeN0NcOBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/j0PqyiHpZjr1N2St6W24TSDwkMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvXy1QUS1yS0llbG1PdlUzWkszcGJiaE5JUENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQBS3SNzLqsFc8nt6vzKUCWBvHtcUMj6R/UpC8Na9PY8
e7CQkAWPCCQLmm9eJuzLfMS3RbBaqWy0B/py7yvhQI/ut8aTdcjg8UmlY1gLefsQ
vuC0xYV2xvPydUw38NtcQDmIGUKBLaV1NYHF0p4fZV2uZMmvep5BKsbeNcmMw3xp
a+c8/C/M0B3f3g3eWnWVlATJd2NqRZXkrtrKaZAoy7TCyqfUb/0jP477IZUOjSPH
8uOq2KD48B18bhEXL5ytiFj20tcl02+95BjkFNSjan86BFoEfR1en5dap6TmCaCy
slgGuzm+nhB4n5Pga0PMVc7UARA6r8okcXwH3QoC8KNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org