Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/gdBZwJOxqj8EjiesxuTzl9XA9u0.roa
File: gdBZwJOxqj8EjiesxuTzl9XA9u0.roa (raw, json)
Hash identifier: a7kdgePMyuWT45o+++L0jIdRsYJLa5n+H2UTD5Swej8=
Subject key identifier: 81:D0:59:C0:93:B1:AA:3F:04:8E:27:AC:C6:E4:F3:97:D5:C0:F6:ED
Certificate issuer: /CN=4e8db964389446cabcaf7941cd198342c2336dd0
Certificate serial: 018CC5002CACDE59752AFD9E11532C17D29C
Authority key identifier: 4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/gdBZwJOxqj8EjiesxuTzl9XA9u0.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200565
IP address blocks: 185.11.64.0/22 maxlen: 22
185.99.136.0/22 maxlen: 22
2a12:4540::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 18 Jul 2024 08:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2c:ac:de:59:75:2a:fd:9e:11:53:2c:17:d2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e8db964389446cabcaf7941cd198342c2336dd0
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81d059c093b1aa3f048e27acc6e4f397d5c0f6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b4:4f:5c:aa:a7:08:1b:73:dc:7c:d9:93:50:
c5:00:24:30:7c:22:e0:e1:ac:d9:97:53:3f:11:f2:
70:db:77:ab:62:2a:3c:c1:b3:02:03:28:bd:a1:a0:
85:0c:7e:2d:32:a0:ff:8b:9f:03:2f:d2:cb:f9:14:
0c:46:d7:46:01:74:74:26:b7:ec:78:85:fa:89:60:
8b:a2:e2:85:42:e1:3e:8f:18:ac:d4:c4:8c:53:4f:
f5:a8:ec:84:53:5b:65:8d:13:59:9e:02:b3:0e:74:
d7:2b:5a:5f:6b:23:6d:bf:51:1b:8a:fd:05:cb:61:
71:f8:2d:33:6a:8b:36:aa:c8:67:34:69:5e:88:8e:
3e:60:46:a3:4d:4a:11:6d:95:70:2d:39:f7:ba:21:
e4:49:94:76:38:11:9e:1c:ed:45:85:0c:2c:0f:ab:
e9:89:17:59:9b:97:d5:ae:03:ca:b3:7c:e3:00:52:
49:9c:2a:b5:f8:a5:39:2a:56:28:3f:27:c9:02:13:
c5:21:74:43:52:b9:df:5e:67:98:0a:0c:65:e0:1d:
1c:01:25:b0:62:ab:c5:13:a1:6b:f0:4f:03:58:4e:
3a:d3:7e:1c:df:9a:3d:25:e4:87:bf:09:e3:3c:8a:
21:93:78:db:8a:85:91:31:56:49:47:05:05:39:c8:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D0:59:C0:93:B1:AA:3F:04:8E:27:AC:C6:E4:F3:97:D5:C0:F6:ED
X509v3 Authority Key Identifier:
keyid:4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/gdBZwJOxqj8EjiesxuTzl9XA9u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.64.0/22
185.99.136.0/22
IPv6:
2a12:4540::/29
Signature Algorithm: sha256WithRSAEncryption
8d:42:81:55:d8:c6:ff:75:53:5c:f7:96:7b:fc:9a:ed:e0:b2:
1d:b2:44:c5:80:a1:db:a4:a3:9e:cd:bc:3c:93:94:4e:9d:0a:
64:c8:0c:d3:90:7c:a7:45:5d:eb:df:75:fa:08:01:d7:d9:e3:
ce:39:23:c7:02:ae:c4:60:c7:b1:15:f3:fe:b9:96:b7:0a:57:
12:08:11:ed:48:98:a1:3c:bd:c0:8a:9e:35:d5:0f:1c:3c:43:
82:f6:09:92:bd:9f:59:e9:fa:d2:4c:fe:43:66:c7:1d:3f:c7:
23:da:d8:94:67:b9:bb:69:70:0d:cf:36:f5:b8:2f:42:22:8f:
fd:04:8f:f4:c2:14:ea:05:9e:70:d8:df:4c:62:41:fb:70:f2:
f7:1e:62:6c:ef:c2:96:90:bd:36:77:ee:b4:bf:4b:e5:bf:9e:
ec:f8:a6:41:b9:32:51:68:ed:68:ac:31:ec:e5:7e:e7:d1:89:
fc:4e:6a:a1:e1:fd:02:69:9c:f1:be:91:41:6c:47:29:71:01:
ad:fb:92:27:da:76:75:00:55:45:5d:74:a7:99:9f:8d:bf:f6:
48:8b:96:b1:cf:b9:81:0b:49:07:66:c9:f1:96:b6:66:95:a6:
30:18:bc:ab:72:12:6b:83:a5:c9:84:32:a3:97:44:be:b6:64:
7f:d7:04:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFACys3ll1Kv2eEVMsF9KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOGRiOTY0Mzg5NDQ2Y2FiY2FmNzk0MWNkMTk4MzQyYzIz
MzZkZDAwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQwNTljMDkzYjFhYTNmMDQ4ZTI3YWNjNmU0ZjM5N2Q1YzBmNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbRPXKqnCBtz3HzZk1DFACQwfCLg
4azZl1M/EfJw23erYio8wbMCAyi9oaCFDH4tMqD/i58DL9LL+RQMRtdGAXR0Jrfs
eIX6iWCLouKFQuE+jxis1MSMU0/1qOyEU1tljRNZngKzDnTXK1pfayNtv1Ebiv0F
y2Fx+C0zaos2qshnNGleiI4+YEajTUoRbZVwLTn3uiHkSZR2OBGeHO1FhQwsD6vp
iRdZm5fVrgPKs3zjAFJJnCq1+KU5KlYoPyfJAhPFIXRDUrnfXmeYCgxl4B0cASWw
YqvFE6Fr8E8DWE46034c35o9JeSHvwnjPIohk3jbioWRMVZJRwUFOci6BQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIHQWcCTsao/BI4nrMbk85fVwPbtMB8GA1UdIwQY
MBaAFE6NuWQ4lEbKvK95Qc0Zg0LCM23QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUt
OTU0NjliZjA5MzQwLzEvZ2RCWndKT3hxajhFamllc3h1VHpsOVhBOXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUtOTU0NjliZjA5MzQw
LzEvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQtAAwQC
uWOIMA0EAgACMAcDBQMqEkVAMA0GCSqGSIb3DQEBCwUAA4IBAQCNQoFV2Mb/dVNc
95Z7/Jrt4LIdskTFgKHbpKOezbw8k5ROnQpkyAzTkHynRV3r33X6CAHX2ePOOSPH
Aq7EYMexFfP+uZa3ClcSCBHtSJihPL3Aip411Q8cPEOC9gmSvZ9Z6frSTP5DZscd
P8cj2tiUZ7m7aXANzzb1uC9CIo/9BI/0whTqBZ5w2N9MYkH7cPL3HmJs78KWkL02
d+60v0vlv57s+KZBuTJRaO1orDHs5X7n0Yn8Tmqh4f0CaZzxvpFBbEcpcQGt+5In
2nZ1AFVFXXSnmZ+Nv/ZIi5axz7mBC0kHZsnxlrZmlaYwGLyrchJrg6XJhDKjl0S+
tmR/1wQ2
-----END CERTIFICATE-----
Generated at Thu Jul 18 11:03:18 2024 by rpki-client on console-fra.rpki-client.org