Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/w_CLE4RLmQ4-2SRCSTyWlV47FNI.roa
File: w_CLE4RLmQ4-2SRCSTyWlV47FNI.roa (raw, json)
Hash identifier: iilazLZDPwjlK/yYdA4v/Fz6/OOiRGkrqogz7Nk4k3o=
Subject key identifier: C3:F0:8B:13:84:4B:99:0E:3E:D9:24:42:49:3C:96:95:5E:3B:14:D2
Certificate issuer: /CN=01202596d5cece37dc34c861064578fc6daa5e86
Certificate serial: 018CC94D500FFBF1DF75EB4AE693055174AB
Authority key identifier: 01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/w_CLE4RLmQ4-2SRCSTyWlV47FNI.roa
Signing time: Tue 02 Jan 2024 08:32:16 +0000
ROA not before: Tue 02 Jan 2024 08:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61399
IP address blocks: 185.211.228.0/24 maxlen: 24
185.211.231.0/24 maxlen: 24
185.211.228.0/22 maxlen: 22
185.211.230.0/24 maxlen: 24
185.211.229.0/24 maxlen: 24
2a0b:6e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:50:0f:fb:f1:df:75:eb:4a:e6:93:05:51:74:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01202596d5cece37dc34c861064578fc6daa5e86
Validity
Not Before: Jan 2 08:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3f08b13844b990e3ed92442493c96955e3b14d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:53:36:23:ed:92:b8:cf:93:c8:1c:19:ac:f0:
a3:85:87:5b:4a:9b:da:13:54:2d:98:ce:10:51:49:
16:70:fd:45:15:01:ae:dd:f4:a9:87:dc:9f:fa:36:
b0:38:ed:46:27:0f:4f:4e:d1:45:a6:68:28:03:44:
e4:92:26:f8:1b:0b:65:c4:45:7a:9e:33:55:5c:8b:
5a:71:9e:17:4c:a8:8e:c6:30:46:60:a1:f2:5e:da:
c4:da:dc:c1:cc:97:06:69:ee:71:3d:46:09:c6:a5:
84:0c:f8:58:28:9d:d5:29:a2:10:3b:34:1d:17:ea:
54:68:32:3b:7a:5e:be:d8:f2:51:b8:8e:19:f9:54:
55:0e:f1:e3:1f:d1:87:85:3d:e5:c4:ba:75:9f:0e:
c4:27:75:e6:b9:b4:ee:a5:f1:3f:fa:4f:8b:eb:ea:
dc:bb:89:27:3b:89:c5:6a:89:e1:66:6f:24:5a:03:
3b:69:e1:74:91:d4:e8:c6:3f:86:b1:02:8a:9a:10:
3b:3a:13:a1:4d:e3:6e:91:e2:e1:7a:90:b5:67:a3:
87:2a:81:dc:f4:25:6e:bb:8e:d9:d4:ef:e6:f4:62:
2f:08:00:8c:98:1c:4e:d6:bb:b7:72:6a:6e:63:e0:
66:54:aa:33:93:3f:9d:de:dd:7c:25:85:4a:64:e1:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F0:8B:13:84:4B:99:0E:3E:D9:24:42:49:3C:96:95:5E:3B:14:D2
X509v3 Authority Key Identifier:
keyid:01:20:25:96:D5:CE:CE:37:DC:34:C8:61:06:45:78:FC:6D:AA:5E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASAlltXOzjfcNMhhBkV4_G2qXoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/w_CLE4RLmQ4-2SRCSTyWlV47FNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/986164-8030-4e47-98b5-481151acf329/1/ASAlltXOzjfcNMhhBkV4_G2qXoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.228.0/22
IPv6:
2a0b:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:7b:06:7b:e9:93:66:67:1f:dc:34:df:eb:93:f6:0f:40:5c:
80:0c:f2:e1:7b:d0:b5:28:4f:3c:6a:4f:e0:c6:19:24:90:d2:
42:a1:ad:9f:7e:89:98:06:57:12:99:e3:f4:c5:67:56:09:74:
e0:b0:3f:40:f4:e5:98:52:5d:ce:cc:47:d6:b6:da:02:f4:e2:
89:2c:b1:08:9c:49:35:f0:47:b8:b4:8d:4b:0c:f3:28:c0:56:
1d:78:d3:ae:a9:b7:d1:31:ed:cb:52:72:26:90:c8:5c:0a:d9:
44:fb:35:be:7f:cd:76:16:ec:60:96:2c:91:d5:83:0a:f5:aa:
d2:b2:aa:65:7d:52:78:b5:1f:62:20:57:dc:6e:25:fa:c5:5e:
06:01:09:70:99:70:64:31:be:10:ce:0c:e9:68:9d:92:f2:5d:
4b:16:c4:0e:2c:47:03:b5:59:1e:44:5c:5d:9c:8d:ea:08:d2:
4a:54:25:35:97:b2:97:d2:f8:dc:a8:8a:c7:ea:e6:68:69:96:
97:e7:b0:0f:4d:51:ec:73:4e:4d:5e:c5:ab:4a:b7:e9:6b:2e:
c9:e5:0b:44:90:55:ab:24:9b:71:76:9c:3c:f3:57:42:58:b5:
12:68:54:f0:8b:9b:36:b7:b6:97:66:32:5b:8d:3d:8c:9d:f0:
9e:c9:9a:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTVAP+/HfdetK5pMFUXSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjAyNTk2ZDVjZWNlMzdkYzM0Yzg2MTA2NDU3OGZjNmRh
YTVlODYwHhcNMjQwMTAyMDgzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2YwOGIxMzg0NGI5OTBlM2VkOTI0NDI0OTNjOTY5NTVlM2IxNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFM2I+2SuM+TyBwZrPCjhYdbSpva
E1QtmM4QUUkWcP1FFQGu3fSph9yf+jawOO1GJw9PTtFFpmgoA0Tkkib4GwtlxEV6
njNVXItacZ4XTKiOxjBGYKHyXtrE2tzBzJcGae5xPUYJxqWEDPhYKJ3VKaIQOzQd
F+pUaDI7el6+2PJRuI4Z+VRVDvHjH9GHhT3lxLp1nw7EJ3XmubTupfE/+k+L6+rc
u4knO4nFaonhZm8kWgM7aeF0kdToxj+GsQKKmhA7OhOhTeNukeLhepC1Z6OHKoHc
9CVuu47Z1O/m9GIvCACMmBxO1ru3cmpuY+BmVKozkz+d3t18JYVKZOGDKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMPwixOES5kOPtkkQkk8lpVeOxTSMB8GA1UdIwQY
MBaAFAEgJZbVzs433DTIYQZFePxtql6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUt
NDgxMTUxYWNmMzI5LzEvd19DTEU0UkxtUTQtMlNSQ1NUeVdsVjQ3Rk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODYxNjQtODAzMC00ZTQ3LTk4YjUtNDgxMTUxYWNmMzI5
LzEvQVNBbGx0WE96amZjTk1oaEJrVjRfRzJxWG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudPkMA0E
AgACMAcDBQMqC25AMA0GCSqGSIb3DQEBCwUAA4IBAQB/ewZ76ZNmZx/cNN/rk/YP
QFyADPLhe9C1KE88ak/gxhkkkNJCoa2ffomYBlcSmeP0xWdWCXTgsD9A9OWYUl3O
zEfWttoC9OKJLLEInEk18Ee4tI1LDPMowFYdeNOuqbfRMe3LUnImkMhcCtlE+zW+
f812FuxgliyR1YMK9arSsqplfVJ4tR9iIFfcbiX6xV4GAQlwmXBkMb4QzgzpaJ2S
8l1LFsQOLEcDtVkeRFxdnI3qCNJKVCU1l7KX0vjcqIrH6uZoaZaX57APTVHsc05N
XsWrSrfpay7J5QtEkFWrJJtxdpw881dCWLUSaFTwi5s2t7aXZjJbjT2MnfCeyZq+
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:44 2025 by rpki-client