Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/1--4wgR5_MYJn7jcPJ06bgvNV2YE.roa
File: 1--4wgR5_MYJn7jcPJ06bgvNV2YE.roa (raw, json)
Hash identifier: GIKM01grvDFDTcDc8zogpY9pvihzRX2iZ1VVEe7W8iA=
Subject key identifier: FB:EE:30:81:1E:7F:31:82:67:EE:37:0F:27:4E:9B:82:F3:55:D9:81
Certificate issuer: /CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Certificate serial: 018BB828B50B5729FC12537EB59A5F555446
Authority key identifier: 1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/1--4wgR5_MYJn7jcPJ06bgvNV2YE.roa
Signing time: Fri 10 Nov 2023 07:35:57 +0000
ROA not before: Fri 10 Nov 2023 07:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202790
IP address blocks: 212.18.121.0/24 maxlen: 24
185.152.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:28:b5:0b:57:29:fc:12:53:7e:b5:9a:5f:55:54:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Validity
Not Before: Nov 10 07:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbee30811e7f318267ee370f274e9b82f355d981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e0:d4:7b:54:0f:7a:98:c9:5f:79:e8:f5:42:
d9:71:22:1d:73:5c:b5:ea:73:bb:14:7e:08:88:ae:
9b:7d:8b:52:16:fc:3c:a5:2b:80:6f:57:61:17:e8:
4c:88:0f:6a:aa:b9:8b:7c:3d:6b:9d:c7:9b:99:be:
79:c1:38:96:be:88:0f:ef:df:a9:f3:f4:8c:f2:24:
37:f8:85:65:cb:c1:fb:8b:6c:20:05:70:a5:87:b4:
80:85:6d:4a:52:3d:d6:93:90:c8:a4:7e:c3:11:0c:
1e:05:82:8f:b0:2b:d8:a3:96:7a:9b:6b:6f:14:7a:
a8:02:d6:ad:a1:37:c4:cf:ce:6a:1e:8d:3a:67:7f:
d2:92:f9:e2:65:02:c3:c8:60:aa:69:20:fb:95:47:
d9:c3:81:e2:d4:ba:11:1f:17:fc:e5:d8:28:05:a2:
34:62:0b:40:31:0f:13:19:d6:25:43:8d:d3:87:ed:
56:17:c1:12:62:22:d7:b5:e4:74:0d:22:f0:fc:9c:
ac:7e:c7:89:6a:61:b0:f8:e9:eb:a0:38:b4:98:71:
18:6b:43:06:92:5d:8c:f9:f7:0c:97:6a:e1:d6:46:
7d:bc:d6:12:13:f4:cf:92:6d:07:67:e7:88:ab:c4:
de:8d:64:31:60:8c:24:92:1b:e0:e6:7c:ac:52:51:
79:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EE:30:81:1E:7F:31:82:67:EE:37:0F:27:4E:9B:82:F3:55:D9:81
X509v3 Authority Key Identifier:
keyid:1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/1--4wgR5_MYJn7jcPJ06bgvNV2YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/Hg5NLb3phv3CW_O_dWN4UtqHq_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.124.0/22
212.18.121.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b1:f0:39:d9:a1:b4:c0:94:b7:9e:a4:cf:bc:b0:5d:7b:5b:
cb:55:f5:d1:87:d8:14:90:7a:5e:ac:63:f5:a3:ba:6f:a1:6f:
84:25:55:59:71:21:1d:79:77:df:02:e0:fc:4b:42:87:a7:e0:
a8:7c:12:e1:f5:db:b2:9a:c7:c0:d8:16:6b:c7:64:97:f7:de:
11:99:ab:ba:45:8b:ef:96:f3:0c:f0:b7:7f:66:ca:2b:00:57:
c2:bb:74:5e:5f:d5:5a:a1:f3:f1:2a:1f:a0:f6:87:a3:66:5f:
87:ef:41:8d:ea:b3:e5:62:6c:bf:85:f9:97:84:b1:22:86:5e:
02:3e:e1:15:88:8e:e3:37:f6:69:2c:36:6e:62:80:67:63:e5:
64:7c:d1:89:7d:70:11:b0:19:aa:53:ae:2f:47:86:a8:b3:87:
fb:e1:f6:63:36:40:79:81:6c:5a:f8:e8:72:c2:9b:5d:78:4d:
e9:b0:5d:5f:b9:d2:56:5c:92:4c:0f:ab:75:23:52:d3:45:8e:
dc:a2:28:4f:a3:35:86:37:a4:33:c6:f0:ad:e4:59:8a:15:c3:
47:20:c0:2d:c3:41:b4:19:24:35:6b:45:21:d6:db:bf:70:58:
e4:ef:a7:46:8c:3f:82:38:f2:e4:8f:7c:d1:3f:b3:d3:0c:dd:
97:b5:71:6f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYu4KLULVyn8ElN+tZpfVVRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMGU0ZDJkYmRlOTg2ZmRjMjViZjNiZjc1NjM3ODUyZGE4
N2FiZjEwHhcNMjMxMTEwMDczNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVlMzA4MTFlN2YzMTgyNjdlZTM3MGYyNzRlOWI4MmYzNTVkOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgODUe1QPepjJX3no9ULZcSIdc1y1
6nO7FH4IiK6bfYtSFvw8pSuAb1dhF+hMiA9qqrmLfD1rncebmb55wTiWvogP79+p
8/SM8iQ3+IVly8H7i2wgBXClh7SAhW1KUj3Wk5DIpH7DEQweBYKPsCvYo5Z6m2tv
FHqoAtatoTfEz85qHo06Z3/SkvniZQLDyGCqaSD7lUfZw4Hi1LoRHxf85dgoBaI0
YgtAMQ8TGdYlQ43Th+1WF8ESYiLXteR0DSLw/JysfseJamGw+OnroDi0mHEYa0MG
kl2M+fcMl2rh1kZ9vNYSE/TPkm0HZ+eIq8TejWQxYIwkkhvg5nysUlF58wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvuMIEefzGCZ+43DydOm4LzVdmBMB8GA1UdIwQY
MBaAFB4OTS296Yb9wlvzv3VjeFLah6vxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGc1TkxiM3BodjNDV19PX2RXTjRVdHFIcV9FLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jOWUxMTUtMTIzNi00ZmRhLWEwMzMt
OTllZWExZjBhMzU0LzEvMS0tNHdnUjVfTVlKbjdqY1BKMDZiZ3ZOVjJZRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvYzllMTE1LTEyMzYtNGZkYS1hMDMzLTk5ZWVhMWYwYTM1
NC8xL0hnNU5MYjNwaHYzQ1dfT19kV040VXRxSHFfRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmYfAME
ANQSeTANBgkqhkiG9w0BAQsFAAOCAQEAUbHwOdmhtMCUt56kz7ywXXtby1X10YfY
FJB6Xqxj9aO6b6FvhCVVWXEhHXl33wLg/EtCh6fgqHwS4fXbsprHwNgWa8dkl/fe
EZmrukWL75bzDPC3f2bKKwBXwrt0Xl/VWqHz8SofoPaHo2Zfh+9Bjeqz5WJsv4X5
l4SxIoZeAj7hFYiO4zf2aSw2bmKAZ2PlZHzRiX1wEbAZqlOuL0eGqLOH++H2YzZA
eYFsWvjocsKbXXhN6bBdX7nSVlySTA+rdSNS00WO3KIoT6M1hjekM8bwreRZihXD
RyDALcNBtBkkNWtFIdbbv3BY5O+nRow/gjjy5I980T+z0wzdl7Vxbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:35 2024 by rpki-client on console-fra.rpki-client.org