Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/_wftQm2b9PvJ5eASbQY-Vhm-WXs.roa
File: _wftQm2b9PvJ5eASbQY-Vhm-WXs.roa (raw, json)
Hash identifier: ghbHFOtWAk+Txia2ZsyX9OYoeSzpnS06PW7n0cmvev0=
Subject key identifier: FF:07:ED:42:6D:9B:F4:FB:C9:E5:E0:12:6D:06:3E:56:19:BE:59:7B
Certificate issuer: /CN=12c603666719e979bef0921451a2ec264ed01209
Certificate serial: 01856EAFD61639C6458A1D04851D1C52353F
Authority key identifier: 12:C6:03:66:67:19:E9:79:BE:F0:92:14:51:A2:EC:26:4E:D0:12:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/_wftQm2b9PvJ5eASbQY-Vhm-WXs.roa
Signing time: Sun 01 Jan 2023 18:54:55 +0000
ROA not before: Sun 01 Jan 2023 18:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35398
IP address blocks: 185.211.29.0/24 maxlen: 24
185.211.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d6:16:39:c6:45:8a:1d:04:85:1d:1c:52:35:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c603666719e979bef0921451a2ec264ed01209
Validity
Not Before: Jan 1 18:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff07ed426d9bf4fbc9e5e0126d063e5619be597b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bb:9c:b3:cc:7d:43:dc:27:14:c0:2f:a1:87:
d2:c4:20:71:b9:0d:c3:c4:32:4b:7c:42:80:05:93:
39:d3:b8:bd:d7:ad:60:af:55:c5:fb:69:2e:c1:25:
b7:ca:dc:ee:4c:bf:44:8f:a6:d2:cf:de:a8:3c:10:
4f:91:41:73:1b:b0:b4:c8:37:78:60:7e:db:7e:92:
d7:82:67:ae:5e:61:34:f5:95:47:e6:08:05:ef:28:
48:f4:8e:20:85:36:b3:9f:c3:9f:5c:df:11:e9:0f:
3c:42:3b:c8:d7:58:5b:10:27:a1:98:c1:cf:1c:09:
bc:f1:fe:51:b9:60:bf:44:14:4c:71:80:7a:f8:ce:
67:74:25:4e:f6:c4:7a:84:fd:78:0c:70:f9:c0:d9:
8c:0d:3d:da:ec:79:fd:71:bf:ac:bb:c2:8e:e1:30:
40:f7:6d:a1:46:8a:be:d8:45:7f:f2:7a:a1:f6:19:
f3:6e:3a:04:4f:d4:7f:41:44:d3:f1:36:b6:48:d7:
61:70:77:13:10:40:62:16:6a:69:e4:4a:4c:9d:b9:
df:1c:33:34:fd:ee:e0:c5:85:ae:28:09:8f:5a:3c:
e1:77:5b:a8:fe:03:4c:34:15:a7:18:d5:1f:c9:79:
97:98:4a:9e:45:c5:43:e7:26:fd:e5:d5:aa:41:d8:
35:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:07:ED:42:6D:9B:F4:FB:C9:E5:E0:12:6D:06:3E:56:19:BE:59:7B
X509v3 Authority Key Identifier:
keyid:12:C6:03:66:67:19:E9:79:BE:F0:92:14:51:A2:EC:26:4E:D0:12:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/_wftQm2b9PvJ5eASbQY-Vhm-WXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.28.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:6a:1b:be:c1:d0:cc:e0:b3:67:66:93:ac:af:e4:cb:eb:a3:
cd:48:03:26:4a:c2:a6:2b:8a:1b:90:89:f0:e7:54:b3:cf:df:
22:55:b9:8f:d4:49:73:29:e9:86:7a:f1:c2:a1:b5:2d:f1:e4:
3d:59:13:3a:cb:45:dd:c5:5d:d1:eb:7d:c0:b9:52:3c:a8:a3:
aa:6e:f2:cd:f7:d9:0f:34:09:b0:35:c9:cd:02:a0:78:b5:57:
92:1c:3b:06:5a:15:18:44:51:a2:4e:6c:f8:ad:56:4d:33:55:
85:e3:04:06:db:d8:58:88:8b:95:8e:68:f9:4e:ee:b1:db:f0:
63:ed:31:e3:78:06:3f:6d:8e:fb:4c:2f:ff:d1:d9:f7:2b:8b:
5e:f8:dd:52:99:28:99:d9:fa:cd:f4:38:08:e7:33:dd:20:c8:
90:12:2e:9f:e0:88:ca:8c:97:a3:75:3f:6c:23:dc:a8:dd:41:
a5:8e:25:19:fb:e3:a8:51:de:ad:ee:ce:95:87:1e:fc:36:ed:
0b:f9:1e:38:85:fa:ab:5e:3a:3e:93:f8:4b:31:c6:c8:5c:bc:
6d:ca:bd:5e:1c:ec:14:c8:ea:3e:83:33:59:5a:0a:ef:8c:e1:
97:bb:1c:04:dd:9a:a9:a3:92:cb:c2:31:5f:d1:0f:80:8c:fe:
3a:da:aa:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9YWOcZFih0EhR0cUjU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzYwMzY2NjcxOWU5NzliZWYwOTIxNDUxYTJlYzI2NGVk
MDEyMDkwHhcNMjMwMTAxMTg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA3ZWQ0MjZkOWJmNGZiYzllNWUwMTI2ZDA2M2U1NjE5YmU1OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7ucs8x9Q9wnFMAvoYfSxCBxuQ3D
xDJLfEKABZM507i9161gr1XF+2kuwSW3ytzuTL9Ej6bSz96oPBBPkUFzG7C0yDd4
YH7bfpLXgmeuXmE09ZVH5ggF7yhI9I4ghTazn8OfXN8R6Q88QjvI11hbECehmMHP
HAm88f5RuWC/RBRMcYB6+M5ndCVO9sR6hP14DHD5wNmMDT3a7Hn9cb+su8KO4TBA
922hRoq+2EV/8nqh9hnzbjoET9R/QUTT8Ta2SNdhcHcTEEBiFmpp5EpMnbnfHDM0
/e7gxYWuKAmPWjzhd1uo/gNMNBWnGNUfyXmXmEqeRcVD5yb95dWqQdg1tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8H7UJtm/T7yeXgEm0GPlYZvll7MB8GA1UdIwQY
MBaAFBLGA2ZnGel5vvCSFFGi7CZO0BIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNZRFptY1o2WG0tOEpJVVVhTHNKazdRRWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jMmQzOTktNGFlOS00NDMxLTkxNjEt
NThlZmEwYmVlMDg0LzEvX3dmdFFtMmI5UHZKNWVBU2JRWS1WaG0tV1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jMmQzOTktNGFlOS00NDMxLTkxNjEtNThlZmEwYmVlMDg0
LzEvRXNZRFptY1o2WG0tOEpJVVVhTHNKazdRRWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudMcMA0G
CSqGSIb3DQEBCwUAA4IBAQBcahu+wdDM4LNnZpOsr+TL66PNSAMmSsKmK4obkInw
51Szz98iVbmP1ElzKemGevHCobUt8eQ9WRM6y0XdxV3R633AuVI8qKOqbvLN99kP
NAmwNcnNAqB4tVeSHDsGWhUYRFGiTmz4rVZNM1WF4wQG29hYiIuVjmj5Tu6x2/Bj
7THjeAY/bY77TC//0dn3K4te+N1SmSiZ2frN9DgI5zPdIMiQEi6f4IjKjJejdT9s
I9yo3UGljiUZ++OoUd6t7s6Vhx78Nu0L+R44hfqrXjo+k/hLMcbIXLxtyr1eHOwU
yOo+gzNZWgrvjOGXuxwE3Zqpo5LLwjFf0Q+AjP462qoY
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:25 2024 by rpki-client on console-fra.rpki-client.org