Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/_oqELpoA5-Xxl34fqxmniB5JH5k.roa
File: _oqELpoA5-Xxl34fqxmniB5JH5k.roa (raw, json)
Hash identifier: CVnRnMusQHlncGYvYahMVlResEp8A5GgzhAo0oSUu2g=
Subject key identifier: FE:8A:84:2E:9A:00:E7:E5:F1:97:7E:1F:AB:19:A7:88:1E:49:1F:99
Certificate issuer: /CN=15b595260f72c222547ac3e367f2c887ae38a3fc
Certificate serial: 0188C364D22524A433B16786DCD6605BD0DC
Authority key identifier: 15:B5:95:26:0F:72:C2:22:54:7A:C3:E3:67:F2:C8:87:AE:38:A3:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FbWVJg9ywiJUesPjZ_LIh644o_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/_oqELpoA5-Xxl34fqxmniB5JH5k.roa
Signing time: Fri 16 Jun 2023 08:49:04 +0000
ROA not before: Fri 16 Jun 2023 08:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205665
IP address blocks: 185.209.232.0/22 maxlen: 22
185.209.232.0/24 maxlen: 24
185.209.233.0/24 maxlen: 24
185.209.234.0/24 maxlen: 24
185.209.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:64:d2:25:24:a4:33:b1:67:86:dc:d6:60:5b:d0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15b595260f72c222547ac3e367f2c887ae38a3fc
Validity
Not Before: Jun 16 08:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe8a842e9a00e7e5f1977e1fab19a7881e491f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c6:2b:92:e6:1f:16:47:0f:0b:4b:ce:07:75:
45:c0:b3:84:a9:9c:68:83:eb:f4:18:dd:87:d1:38:
3a:50:dc:4f:28:8b:0d:0e:53:4b:9a:1d:af:11:10:
97:10:8e:1b:e1:d7:f1:e2:55:bb:aa:ae:95:cd:bf:
7f:49:c3:74:fd:ff:80:ac:3a:b8:9c:dc:b4:13:f9:
59:25:e3:56:84:c5:83:35:c1:ef:63:af:25:97:3b:
70:1b:f4:75:5c:90:4a:05:b1:44:d7:2b:21:6e:40:
17:93:73:71:f0:b9:0d:e9:1d:39:09:2e:25:1f:03:
cf:68:0a:16:81:76:21:fa:06:22:71:1c:46:27:2b:
08:51:ca:b9:6e:af:d0:48:cc:90:8f:3e:8e:45:b3:
30:09:01:e8:55:ff:ea:3b:ec:2d:f3:19:02:4d:6b:
7b:e0:17:0d:36:19:db:c6:82:47:0f:32:3a:70:87:
ea:5b:b5:00:4c:53:72:74:02:3b:fa:7d:71:6c:75:
b9:33:d0:ff:4d:16:ee:de:1c:c3:e4:92:d9:e1:2d:
ce:9e:6d:e6:e6:07:26:58:99:34:de:4e:e7:53:0d:
95:70:a4:aa:78:8c:0e:4a:fc:48:eb:20:7b:d5:01:
7b:0b:02:c2:8b:70:7b:9a:db:ab:7a:68:f9:96:97:
60:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:8A:84:2E:9A:00:E7:E5:F1:97:7E:1F:AB:19:A7:88:1E:49:1F:99
X509v3 Authority Key Identifier:
keyid:15:B5:95:26:0F:72:C2:22:54:7A:C3:E3:67:F2:C8:87:AE:38:A3:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FbWVJg9ywiJUesPjZ_LIh644o_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/_oqELpoA5-Xxl34fqxmniB5JH5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/FbWVJg9ywiJUesPjZ_LIh644o_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:46:de:d8:6c:92:0a:eb:65:aa:b6:1b:d5:45:1c:85:64:32:
e4:ee:2d:3f:49:c8:43:b7:72:a3:0b:cf:97:9f:14:6e:37:f0:
af:7f:3f:7c:cd:22:8c:5a:aa:cc:79:73:17:88:c0:59:7a:b9:
79:23:47:2e:94:bf:0a:db:dc:9f:4c:01:b0:0b:bb:0a:e7:1d:
91:e2:21:f9:bb:3b:5b:65:d7:1f:cf:81:3e:8a:93:3f:43:3b:
6b:bc:fb:44:d8:22:a9:c0:21:1b:1e:66:3d:18:8c:20:f1:39:
75:c7:b3:dd:7d:0b:ad:da:27:94:4e:cc:76:8e:b0:28:b3:ac:
02:c1:ba:99:2c:8e:54:75:a8:b0:29:88:53:bf:73:d1:81:9e:
be:69:a6:c3:b4:68:74:db:66:9d:ae:82:4b:e3:c1:0b:67:0d:
e3:ba:47:b4:32:c8:f5:bc:94:34:6b:d2:0a:17:20:11:85:ee:
97:12:a4:b1:cb:8b:ac:d1:35:74:c3:7b:a1:bd:6f:f3:46:89:
7f:52:0b:83:4b:f5:dd:58:59:d2:c6:46:9d:86:b2:0e:65:67:
5e:b4:fc:e3:77:63:17:dc:1f:33:77:6e:68:b4:07:b5:78:73:
68:fd:d7:ce:21:03:4d:69:35:2a:a6:33:8d:b7:a8:b5:33:f3:
c3:54:27:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjDZNIlJKQzsWeG3NZgW9DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YjU5NTI2MGY3MmMyMjI1NDdhYzNlMzY3ZjJjODg3YWUz
OGEzZmMwHhcNMjMwNjE2MDg0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZThhODQyZTlhMDBlN2U1ZjE5NzdlMWZhYjE5YTc4ODFlNDkxZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMYrkuYfFkcPC0vOB3VFwLOEqZxo
g+v0GN2H0Tg6UNxPKIsNDlNLmh2vERCXEI4b4dfx4lW7qq6Vzb9/ScN0/f+ArDq4
nNy0E/lZJeNWhMWDNcHvY68llztwG/R1XJBKBbFE1yshbkAXk3Nx8LkN6R05CS4l
HwPPaAoWgXYh+gYicRxGJysIUcq5bq/QSMyQjz6ORbMwCQHoVf/qO+wt8xkCTWt7
4BcNNhnbxoJHDzI6cIfqW7UATFNydAI7+n1xbHW5M9D/TRbu3hzD5JLZ4S3Onm3m
5gcmWJk03k7nUw2VcKSqeIwOSvxI6yB71QF7CwLCi3B7mturemj5lpdg2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6KhC6aAOfl8Zd+H6sZp4geSR+ZMB8GA1UdIwQY
MBaAFBW1lSYPcsIiVHrD42fyyIeuOKP8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmJXVkpnOXl3aUpVZXNQalpfTEloNjQ0b193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82MTRkNjQtMzdkMy00YmJjLThmM2Qt
YjQzY2Q0ZDk3YzhlLzEvX29xRUxwb0E1LVh4bDM0ZnF4bW5pQjVKSDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82MTRkNjQtMzdkMy00YmJjLThmM2QtYjQzY2Q0ZDk3Yzhl
LzEvRmJXVkpnOXl3aUpVZXNQalpfTEloNjQ0b193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudHoMA0G
CSqGSIb3DQEBCwUAA4IBAQAORt7YbJIK62WqthvVRRyFZDLk7i0/SchDt3KjC8+X
nxRuN/Cvfz98zSKMWqrMeXMXiMBZerl5I0culL8K29yfTAGwC7sK5x2R4iH5uztb
Zdcfz4E+ipM/QztrvPtE2CKpwCEbHmY9GIwg8Tl1x7PdfQut2ieUTsx2jrAos6wC
wbqZLI5UdaiwKYhTv3PRgZ6+aabDtGh022adroJL48ELZw3juke0Msj1vJQ0a9IK
FyARhe6XEqSxy4us0TV0w3uhvW/zRol/UguDS/XdWFnSxkadhrIOZWdetPzjd2MX
3B8zd25otAe1eHNo/dfOIQNNaTUqpjONt6i1M/PDVCc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:44 2024 by rpki-client on console-fra.rpki-client.org