Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xPQVXY6zECc5MXZ-3nBeC4eTg7g.roa
File: xPQVXY6zECc5MXZ-3nBeC4eTg7g.roa (raw, json)
Hash identifier: KpOz9AupyJLIltvHWYVQ1qRsWTt0TzVJcJ1/4AInmnE=
Subject key identifier: C4:F4:15:5D:8E:B3:10:27:39:31:76:7E:DE:70:5E:0B:87:93:83:B8
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0186A18FEE4D3109614B88606E3867255269
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xPQVXY6zECc5MXZ-3nBeC4eTg7g.roa
Signing time: Thu 02 Mar 2023 09:03:29 +0000
ROA not before: Thu 02 Mar 2023 09:03:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211327
IP address blocks: 185.254.28.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:8f:ee:4d:31:09:61:4b:88:60:6e:38:67:25:52:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 2 09:03:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f4155d8eb310273931767ede705e0b879383b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:1d:d2:a5:35:d2:98:4e:73:f9:24:e3:59:
99:42:b4:a6:d5:36:29:4f:28:07:f1:60:70:7b:a5:
63:32:b3:0b:54:ff:a8:69:bb:c0:81:f7:a1:fe:d8:
12:d7:a6:89:76:72:c0:98:2d:82:8f:d0:6f:9f:f4:
47:d3:7a:95:69:7f:68:5b:e0:a7:b9:48:b5:64:ac:
d8:d7:5e:f1:ad:9d:eb:98:67:a1:97:ba:36:91:3c:
bb:6e:e6:c8:60:40:19:d3:1b:60:19:94:fb:5f:aa:
0b:26:02:a5:ad:a6:c5:e1:00:67:a8:b2:77:b1:40:
d2:20:75:14:cc:72:ee:f3:d7:a4:fd:2e:06:9a:ef:
a8:bb:c8:de:18:79:38:f1:c9:29:b8:84:68:f8:63:
d2:92:e1:2c:bb:2e:9b:9e:31:8f:31:6b:61:dc:52:
0d:d1:67:03:4b:51:cc:6b:46:b8:f8:d0:fc:5b:fb:
4f:95:b5:08:d2:50:8b:a4:4f:60:34:28:ac:53:c6:
77:55:04:43:78:b9:89:0c:fc:dc:c0:da:1d:c0:3d:
21:57:44:99:92:e3:ec:23:20:32:c2:6b:31:28:cc:
96:de:ed:f7:9a:9c:66:ac:8d:69:dd:c4:fd:a5:31:
46:f8:31:31:59:45:00:72:3e:e7:21:66:e7:40:11:
96:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F4:15:5D:8E:B3:10:27:39:31:76:7E:DE:70:5E:0B:87:93:83:B8
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xPQVXY6zECc5MXZ-3nBeC4eTg7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.202.0/24
185.254.28.0/24
Signature Algorithm: sha256WithRSAEncryption
51:3e:ab:63:e8:ad:4d:ff:f6:b3:50:84:4b:b8:7c:73:89:90:
fa:f1:7c:d3:6c:8a:4b:f9:46:a3:54:39:41:7e:75:79:7f:28:
0d:22:36:75:7c:1a:6b:6c:d4:75:6a:3b:63:41:d1:e1:83:bf:
ec:c6:3d:ae:8b:5a:f5:c2:17:3c:9a:75:15:c3:93:b0:92:08:
94:9f:86:7a:b9:c9:7f:84:e7:3b:a4:a7:7e:21:cf:f0:0d:fc:
ac:e5:ae:6f:06:d1:28:90:a3:d0:79:75:f5:f5:77:8b:64:6a:
23:b7:ba:59:a9:09:49:99:9c:9b:4e:0c:95:8c:cc:a4:63:77:
fd:38:e4:b2:70:54:fb:1a:31:e4:d3:a0:5b:f0:c6:d9:79:53:
46:18:c7:5f:b8:76:8b:44:2b:4c:30:b8:68:17:5d:c9:ae:ac:
34:bb:b4:96:0f:6f:28:33:b0:01:2d:22:69:7c:5f:f1:a5:14:
5c:d5:1d:36:05:47:2a:a6:ab:0a:3b:c9:0d:5e:31:53:45:b1:
2b:8b:cc:8e:5e:6c:43:fb:75:63:90:fe:20:04:7e:3c:b8:8c:
85:9e:2e:ba:05:28:72:91:15:58:b3:1b:8b:71:27:fa:5a:78:
73:50:70:81:8d:fa:ac:06:74:4c:af:9c:a0:ae:2e:11:6a:ba:
2e:c5:01:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYahj+5NMQlhS4hgbjhnJVJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzAyMDkwMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY0MTU1ZDhlYjMxMDI3MzkzMTc2N2VkZTcwNWUwYjg3OTM4M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiId0qU10phOc/kk41mZQrSm1TYp
TygH8WBwe6VjMrMLVP+oabvAgfeh/tgS16aJdnLAmC2Cj9Bvn/RH03qVaX9oW+Cn
uUi1ZKzY117xrZ3rmGehl7o2kTy7bubIYEAZ0xtgGZT7X6oLJgKlrabF4QBnqLJ3
sUDSIHUUzHLu89ek/S4Gmu+ou8jeGHk48ckpuIRo+GPSkuEsuy6bnjGPMWth3FIN
0WcDS1HMa0a4+ND8W/tPlbUI0lCLpE9gNCisU8Z3VQRDeLmJDPzcwNodwD0hV0SZ
kuPsIyAywmsxKMyW3u33mpxmrI1p3cT9pTFG+DExWUUAcj7nIWbnQBGW5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMT0FV2OsxAnOTF2ft5wXguHk4O4MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEveFBRVlhZNnpFQ2M1TVhaLTNuQmVDNGVUZzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufnKAwQA
uf4cMA0GCSqGSIb3DQEBCwUAA4IBAQBRPqtj6K1N//azUIRLuHxziZD68XzTbIpL
+UajVDlBfnV5fygNIjZ1fBprbNR1ajtjQdHhg7/sxj2ui1r1whc8mnUVw5OwkgiU
n4Z6ucl/hOc7pKd+Ic/wDfys5a5vBtEokKPQeXX19XeLZGojt7pZqQlJmZybTgyV
jMykY3f9OOSycFT7GjHk06Bb8MbZeVNGGMdfuHaLRCtMMLhoF13Jrqw0u7SWD28o
M7ABLSJpfF/xpRRc1R02BUcqpqsKO8kNXjFTRbEri8yOXmxD+3VjkP4gBH48uIyF
ni66BShykRVYsxuLcSf6WnhzUHCBjfqsBnRMr5ygri4RarouxQFc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org