Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/IeX22PY2GxgqLb5MZMXzqPt-wRg.roa
File: IeX22PY2GxgqLb5MZMXzqPt-wRg.roa (raw, json)
Hash identifier: jXTJd82Xtp5lquS3NtubJfGW008ynYi17VBv2ur1zn8=
Subject key identifier: 21:E5:F6:D8:F6:36:1B:18:2A:2D:BE:4C:64:C5:F3:A8:FB:7E:C1:18
Certificate issuer: /CN=4e8db964389446cabcaf7941cd198342c2336dd0
Certificate serial: 01898C0CA393516501941E70D4446198C02A
Authority key identifier: 4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/IeX22PY2GxgqLb5MZMXzqPt-wRg.roa
Signing time: Tue 25 Jul 2023 07:56:25 +0000
ROA not before: Tue 25 Jul 2023 07:56:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200565
IP address blocks: 185.11.64.0/22 maxlen: 22
185.99.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Jul 2023 08:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:0c:a3:93:51:65:01:94:1e:70:d4:44:61:98:c0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e8db964389446cabcaf7941cd198342c2336dd0
Validity
Not Before: Jul 25 07:56:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21e5f6d8f6361b182a2dbe4c64c5f3a8fb7ec118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:97:d0:8a:9e:71:59:1b:a9:ba:24:a7:7b:b9:
18:22:b2:4b:9e:43:42:f4:ea:a3:94:6e:e9:f7:de:
36:8d:f2:56:a0:a5:5d:3f:09:a0:f2:4e:b8:2d:c0:
19:e2:a0:5d:cc:0d:3d:73:3d:21:74:e6:50:5b:c3:
e2:60:86:bf:de:c7:90:3d:34:cc:42:6f:21:70:a5:
11:82:2c:7e:a0:ba:d2:19:df:92:3f:7a:87:97:a6:
d5:69:21:6f:4a:09:32:2e:64:c6:c3:c8:31:82:35:
0a:05:69:7c:9d:a8:0a:cf:a0:cd:ce:71:21:4d:1b:
c5:ac:05:eb:fb:d3:0b:27:90:53:e1:a2:43:08:4a:
d6:ec:d3:2e:af:42:ff:96:ed:fb:7e:b9:0b:d2:b9:
eb:d5:4e:43:81:ad:17:ce:b0:a8:52:aa:b6:12:22:
e4:14:f9:c4:64:99:b7:ab:d7:aa:1d:c1:60:38:52:
36:5e:5a:6e:78:89:90:f6:a4:a9:27:c2:0b:6d:fc:
82:65:2c:63:7b:b7:f2:b8:c5:a9:a1:98:40:80:6a:
a2:7d:20:5b:d1:a4:e1:40:e4:ef:91:68:e1:21:f3:
4d:c2:d2:70:af:59:98:a9:7a:27:20:d7:bc:c8:57:
32:ad:56:fd:a9:7e:a3:67:01:a6:84:e3:31:f9:d2:
f3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E5:F6:D8:F6:36:1B:18:2A:2D:BE:4C:64:C5:F3:A8:FB:7E:C1:18
X509v3 Authority Key Identifier:
keyid:4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/IeX22PY2GxgqLb5MZMXzqPt-wRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.64.0/22
185.99.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:cd:d3:96:4c:e1:81:3c:af:24:32:b5:c1:50:23:a1:25:70:
a0:a3:cb:62:06:14:5d:63:24:7f:0f:b6:fb:6c:4e:59:1e:35:
4f:31:32:4d:28:7e:84:d5:a9:4a:f8:0d:d0:6c:e1:f7:97:72:
0f:54:98:0e:ba:8d:b8:15:4a:d4:26:ec:c8:94:64:e1:48:ec:
64:4e:82:f0:49:6f:ad:5c:e9:c3:db:e9:bb:2c:9a:7f:de:23:
79:aa:2f:48:2e:97:3f:e1:a3:32:c6:43:1b:07:94:94:fa:6a:
6b:00:73:f6:8d:71:be:f0:37:53:68:12:88:b1:26:10:28:cd:
c0:fc:19:2e:6e:ee:43:82:29:46:66:1b:04:4a:ff:28:e6:31:
84:cf:ac:79:f6:27:ad:74:61:c1:fd:ec:58:25:cf:49:0a:69:
50:84:70:2e:83:23:46:24:87:6d:a7:48:3c:1d:1e:7e:e2:4a:
09:4a:fd:c1:c7:b0:db:fa:0d:a2:e3:e5:cb:2b:e7:06:78:b1:
24:fd:0b:ec:1b:2b:6f:cc:40:ec:78:e0:1c:62:20:1b:4b:11:
fe:45:f9:66:a1:38:df:7e:5b:aa:36:83:ca:58:f2:df:f2:5a:
8e:53:6a:af:52:81:a7:60:dd:69:e9:37:ae:40:70:a3:79:58:
fc:3c:e2:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmMDKOTUWUBlB5w1ERhmMAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOGRiOTY0Mzg5NDQ2Y2FiY2FmNzk0MWNkMTk4MzQyYzIz
MzZkZDAwHhcNMjMwNzI1MDc1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU1ZjZkOGY2MzYxYjE4MmEyZGJlNGM2NGM1ZjNhOGZiN2VjMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZfQip5xWRupuiSne7kYIrJLnkNC
9OqjlG7p9942jfJWoKVdPwmg8k64LcAZ4qBdzA09cz0hdOZQW8PiYIa/3seQPTTM
Qm8hcKURgix+oLrSGd+SP3qHl6bVaSFvSgkyLmTGw8gxgjUKBWl8nagKz6DNznEh
TRvFrAXr+9MLJ5BT4aJDCErW7NMur0L/lu37frkL0rnr1U5Dga0XzrCoUqq2EiLk
FPnEZJm3q9eqHcFgOFI2XlpueImQ9qSpJ8ILbfyCZSxje7fyuMWpoZhAgGqifSBb
0aThQOTvkWjhIfNNwtJwr1mYqXonINe8yFcyrVb9qX6jZwGmhOMx+dLziQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCHl9tj2NhsYKi2+TGTF86j7fsEYMB8GA1UdIwQY
MBaAFE6NuWQ4lEbKvK95Qc0Zg0LCM23QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUt
OTU0NjliZjA5MzQwLzEvSWVYMjJQWTJHeGdxTGI1TVpNWHpxUHQtd1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUtOTU0NjliZjA5MzQw
LzEvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQtAAwQC
uWOIMA0GCSqGSIb3DQEBCwUAA4IBAQB7zdOWTOGBPK8kMrXBUCOhJXCgo8tiBhRd
YyR/D7b7bE5ZHjVPMTJNKH6E1alK+A3QbOH3l3IPVJgOuo24FUrUJuzIlGThSOxk
ToLwSW+tXOnD2+m7LJp/3iN5qi9ILpc/4aMyxkMbB5SU+mprAHP2jXG+8DdTaBKI
sSYQKM3A/Bkubu5DgilGZhsESv8o5jGEz6x59ietdGHB/exYJc9JCmlQhHAugyNG
JIdtp0g8HR5+4koJSv3Bx7Db+g2i4+XLK+cGeLEk/QvsGytvzEDseOAcYiAbSxH+
RflmoTjffluqNoPKWPLf8lqOU2qvUoGnYN1p6TeuQHCjeVj8POIq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:57 2024 by rpki-client on console-fra.rpki-client.org