Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/FDsI9zlqEgXD66FvZoKmsL_HMeY.roa
File: FDsI9zlqEgXD66FvZoKmsL_HMeY.roa (raw, json)
Hash identifier: qQqfUgAdFW8Qdsbgwaa4zyc96b76RKbaX8/9zbco5XQ=
Subject key identifier: 14:3B:08:F7:39:6A:12:05:C3:EB:A1:6F:66:82:A6:B0:BF:C7:31:E6
Certificate issuer: /CN=01202596d5cece37dc34c861064578fc6daa5e86
Certificate serial: 01856D0A892C437973E6DEA9EED067D6F2FB
Authority key identifier: 01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/FDsI9zlqEgXD66FvZoKmsL_HMeY.roa
Signing time: Sun 01 Jan 2023 11:14:44 +0000
ROA not before: Sun 01 Jan 2023 11:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61399
IP address blocks: 185.211.228.0/24 maxlen: 24
185.211.231.0/24 maxlen: 24
185.211.228.0/22 maxlen: 22
185.211.230.0/24 maxlen: 24
185.211.229.0/24 maxlen: 24
2a0b:6e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:89:2c:43:79:73:e6:de:a9:ee:d0:67:d6:f2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01202596d5cece37dc34c861064578fc6daa5e86
Validity
Not Before: Jan 1 11:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=143b08f7396a1205c3eba16f6682a6b0bfc731e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bf:1b:1c:72:43:b1:69:e8:c0:94:cf:ee:c3:
3e:47:34:75:e5:38:98:87:b7:3c:8a:ee:3b:75:7f:
36:f2:3b:08:f7:d2:80:37:28:e7:ef:66:63:38:8f:
03:c2:7c:75:ea:51:bd:82:65:12:08:f4:10:be:18:
b3:7e:9d:3d:07:10:e7:c9:1a:80:d1:ef:fb:24:f4:
26:7e:51:c5:d4:52:65:8e:c4:ff:2d:ad:1e:2a:ce:
6d:f4:56:80:fc:32:a0:42:b7:61:2a:8c:03:d0:2f:
6d:bd:00:b1:d5:53:9f:db:0b:99:34:46:a4:21:28:
01:90:d3:b7:ca:36:b5:e1:1d:3a:f7:09:38:e3:bb:
86:f6:be:24:a9:4c:93:b9:a4:af:61:94:ca:55:dc:
82:dc:b4:72:fe:0e:bb:3e:f7:76:d2:53:37:38:85:
9b:57:b2:d6:03:53:96:69:0a:5d:60:9d:7c:fb:63:
1b:56:aa:56:ed:d8:b8:96:fd:21:1b:51:49:56:52:
63:1f:3f:23:6b:7e:73:42:e7:50:81:5e:23:b8:38:
a2:66:09:65:80:83:57:2e:9f:c9:a3:66:2b:65:4c:
2d:30:2e:f7:03:c0:d3:d8:ea:55:bd:54:a7:d0:a9:
0a:7f:c0:5e:81:ce:eb:21:b4:2a:2f:33:4c:b2:b1:
b7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3B:08:F7:39:6A:12:05:C3:EB:A1:6F:66:82:A6:B0:BF:C7:31:E6
X509v3 Authority Key Identifier:
keyid:01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/FDsI9zlqEgXD66FvZoKmsL_HMeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.228.0/22
IPv6:
2a0b:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
b0:1e:72:3e:b8:68:2b:ec:a5:53:92:33:15:b0:c3:17:a1:f5:
7e:7d:ed:bf:43:cf:fe:81:0e:0d:83:bb:25:78:3a:05:33:3b:
62:33:15:94:a7:18:97:a0:01:4b:ab:e2:b3:81:97:ec:3c:80:
c4:b4:46:c8:34:46:23:e8:4e:8c:42:23:1c:5b:34:bd:bf:a2:
cb:7d:2d:c6:d5:4f:12:55:02:4d:9b:ff:c9:8b:b4:c0:8b:92:
7a:e2:06:e0:9e:92:b5:c8:21:87:2e:8d:7b:82:6e:66:cc:08:
ea:d9:f7:fe:fc:0e:5d:3c:08:27:79:10:2c:80:de:6e:61:64:
a6:34:66:54:3e:2b:d2:bb:2c:b4:41:6b:55:5b:cd:e6:d0:a5:
96:32:22:c9:68:1b:9a:74:50:87:ba:4f:8c:1a:14:38:0b:8d:
78:fd:89:26:3d:5f:28:48:d3:74:0d:a5:71:2b:5e:56:db:a3:
e5:8e:9e:5b:3b:7c:10:dd:27:0c:9d:fa:82:9e:2e:b1:5f:40:
7a:b3:8c:f0:bd:a1:85:da:1e:b7:f2:84:5d:8c:ac:12:00:1d:
b3:46:18:f4:09:75:b9:54:1d:03:22:06:4a:35:e2:5c:d2:de:
d3:db:9e:18:64:18:45:ed:27:ba:72:f8:70:26:61:cc:b9:b6:
9d:e7:79:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtCoksQ3lz5t6p7tBn1vL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjAyNTk2ZDVjZWNlMzdkYzM0Yzg2MTA2NDU3OGZjNmRh
YTVlODYwHhcNMjMwMTAxMTExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNiMDhmNzM5NmExMjA1YzNlYmExNmY2NjgyYTZiMGJmYzczMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb8bHHJDsWnowJTP7sM+RzR15TiY
h7c8iu47dX828jsI99KANyjn72ZjOI8Dwnx16lG9gmUSCPQQvhizfp09BxDnyRqA
0e/7JPQmflHF1FJljsT/La0eKs5t9FaA/DKgQrdhKowD0C9tvQCx1VOf2wuZNEak
ISgBkNO3yja14R069wk447uG9r4kqUyTuaSvYZTKVdyC3LRy/g67Pvd20lM3OIWb
V7LWA1OWaQpdYJ18+2MbVqpW7di4lv0hG1FJVlJjHz8ja35zQudQgV4juDiiZgll
gINXLp/Jo2YrZUwtMC73A8DT2OpVvVSn0KkKf8Begc7rIbQqLzNMsrG3uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBQ7CPc5ahIFw+uhb2aCprC/xzHmMB8GA1UdIwQY
MBaAFAEgJZbVzs433DTIYQZFePxtql6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUt
NDgxMTUxYWNmMzI5LzEvRkRzSTl6bHFFZ1hENjZGdlpvS21zTF9ITWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUtNDgxMTUxYWNmMzI5
LzEvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudPkMA0E
AgACMAcDBQMqC25AMA0GCSqGSIb3DQEBCwUAA4IBAQCwHnI+uGgr7KVTkjMVsMMX
ofV+fe2/Q8/+gQ4Ng7sleDoFMztiMxWUpxiXoAFLq+KzgZfsPIDEtEbINEYj6E6M
QiMcWzS9v6LLfS3G1U8SVQJNm//Ji7TAi5J64gbgnpK1yCGHLo17gm5mzAjq2ff+
/A5dPAgneRAsgN5uYWSmNGZUPivSuyy0QWtVW83m0KWWMiLJaBuadFCHuk+MGhQ4
C414/YkmPV8oSNN0DaVxK15W26Pljp5bO3wQ3ScMnfqCni6xX0B6s4zwvaGF2h63
8oRdjKwSAB2zRhj0CXW5VB0DIgZKNeJc0t7T254YZBhF7Se6cvhwJmHMubad53kB
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:45 2024 by rpki-client on console-fra.rpki-client.org