Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/rCdxvKLwEbNoMejd1WKE2hyM804.roa
File: rCdxvKLwEbNoMejd1WKE2hyM804.roa (raw, json)
Hash identifier: NvJOP3bIM0sBlZZHKhzQ+2LQ8E5hI+3Ss6eQ6c7f/qM=
Subject key identifier: AC:27:71:BC:A2:F0:11:B3:68:31:E8:DD:D5:62:84:DA:1C:8C:F3:4E
Certificate issuer: /CN=759d27ce072ca336d3afaab8879f94ec63455669
Certificate serial: 018B4F2BDAC4EB2D9F00B6658A3AC09FE5B9
Authority key identifier: 75:9D:27:CE:07:2C:A3:36:D3:AF:AA:B8:87:9F:94:EC:63:45:56:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZ0nzgcsozbTr6q4h5-U7GNFVmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/rCdxvKLwEbNoMejd1WKE2hyM804.roa
Signing time: Fri 20 Oct 2023 22:19:15 +0000
ROA not before: Fri 20 Oct 2023 22:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199342
IP address blocks: 185.11.152.0/22 maxlen: 22
185.11.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:2b:da:c4:eb:2d:9f:00:b6:65:8a:3a:c0:9f:e5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759d27ce072ca336d3afaab8879f94ec63455669
Validity
Not Before: Oct 20 22:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac2771bca2f011b36831e8ddd56284da1c8cf34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:48:0b:cd:29:75:9c:6f:2f:28:5f:4c:dd:
55:7d:28:cb:a7:1f:a4:08:5d:7f:ad:21:ba:f5:de:
70:d9:62:38:af:d4:d7:54:36:2d:24:95:94:a3:fd:
f3:fd:00:4a:05:75:61:29:ee:bf:52:fe:89:f3:54:
91:1c:2f:ca:de:f8:8c:9c:b3:30:59:95:bd:97:30:
12:2e:86:4e:eb:15:a2:dd:86:77:bb:13:84:22:14:
8a:bf:52:12:1f:26:2f:4d:4f:d2:8e:af:02:09:6f:
1b:66:48:20:73:82:86:ca:38:fe:93:74:ac:e3:35:
9d:3c:f4:2f:4d:d2:b4:0e:54:01:98:f4:05:a9:3f:
d3:fb:4e:74:d5:b2:d0:8e:4f:3d:f2:69:c7:3b:bd:
e8:77:cc:35:a3:96:52:b2:c5:5a:1c:70:6e:98:a3:
2a:31:b5:b2:e3:b8:76:fb:47:ec:d9:f1:bf:a3:79:
06:17:11:03:df:e4:92:40:ea:29:b1:a4:31:f1:93:
65:60:5d:13:29:7a:85:81:17:61:2f:51:36:6f:56:
85:51:11:ed:8e:78:f1:1d:b9:af:f5:cc:1d:70:7e:
44:e1:31:af:17:7e:38:73:17:00:78:fc:ae:d1:00:
97:99:da:1e:ce:ae:44:ef:58:a3:ee:c3:84:33:bb:
e9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:27:71:BC:A2:F0:11:B3:68:31:E8:DD:D5:62:84:DA:1C:8C:F3:4E
X509v3 Authority Key Identifier:
keyid:75:9D:27:CE:07:2C:A3:36:D3:AF:AA:B8:87:9F:94:EC:63:45:56:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ0nzgcsozbTr6q4h5-U7GNFVmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/rCdxvKLwEbNoMejd1WKE2hyM804.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/dZ0nzgcsozbTr6q4h5-U7GNFVmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:0e:f6:4c:cb:93:1d:3a:ec:2c:61:dd:e1:9f:ef:fa:71:e1:
da:f2:cb:1d:92:ee:33:b8:29:1c:b6:f4:cc:32:bd:30:e8:5b:
3a:46:c4:32:a0:f7:d4:56:63:3f:23:2e:00:a7:98:23:5f:c9:
9c:05:ad:04:db:80:4f:d3:3a:fd:65:70:fd:6b:a2:b1:35:57:
67:ff:14:ac:8e:68:b6:50:54:6d:5a:43:36:b0:47:c8:b3:c5:
b6:99:e4:23:a6:7b:99:cb:5c:a0:3c:34:94:32:49:f8:c8:df:
c6:05:87:40:e2:5b:3c:6c:cd:01:87:b7:6f:a2:75:6b:7d:6b:
47:73:d6:e3:02:c6:d2:bd:2b:a7:25:11:bf:41:d4:59:58:2c:
c4:86:16:31:9d:05:9e:d5:8d:83:b5:46:9c:7e:cd:e4:d3:6b:
1c:d9:ac:1b:90:18:d6:a1:88:d7:1c:3e:60:45:cf:ca:a9:03:
c3:11:4b:76:89:5f:a4:c8:6d:7e:19:74:b4:1b:7a:38:fd:5e:
cd:46:db:8c:af:b7:bc:1e:d2:21:48:cb:a0:34:5c:ca:9c:25:
1a:3d:4e:2e:25:bc:d2:f8:d2:2e:4b:70:bf:46:59:7a:36:36:
e0:f2:cd:cb:59:e4:d4:19:c4:27:1d:21:1a:81:df:94:6d:4c:
92:ed:17:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtPK9rE6y2fALZlijrAn+W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWQyN2NlMDcyY2EzMzZkM2FmYWFiODg3OWY5NGVjNjM0
NTU2NjkwHhcNMjMxMDIwMjIxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI3NzFiY2EyZjAxMWIzNjgzMWU4ZGRkNTYyODRkYTFjOGNmMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7BIC80pdZxvLyhfTN1VfSjLpx+k
CF1/rSG69d5w2WI4r9TXVDYtJJWUo/3z/QBKBXVhKe6/Uv6J81SRHC/K3viMnLMw
WZW9lzASLoZO6xWi3YZ3uxOEIhSKv1ISHyYvTU/Sjq8CCW8bZkggc4KGyjj+k3Ss
4zWdPPQvTdK0DlQBmPQFqT/T+0501bLQjk898mnHO73od8w1o5ZSssVaHHBumKMq
MbWy47h2+0fs2fG/o3kGFxED3+SSQOopsaQx8ZNlYF0TKXqFgRdhL1E2b1aFURHt
jnjxHbmv9cwdcH5E4TGvF344cxcAePyu0QCXmdoezq5E71ij7sOEM7vpnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwncbyi8BGzaDHo3dVihNocjPNOMB8GA1UdIwQY
MBaAFHWdJ84HLKM206+quIeflOxjRVZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFowbnpnY3NvemJUcjZxNGg1LVU3R05GVm1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9mMTdhMjctNDU5OS00NWI1LWE2NmUt
NzAxMjNmNDk1MTEwLzEvckNkeHZLTHdFYk5vTWVqZDFXS0UyaHlNODA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9mMTdhMjctNDU5OS00NWI1LWE2NmUtNzAxMjNmNDk1MTEw
LzEvZFowbnpnY3NvemJUcjZxNGg1LVU3R05GVm1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQuYMA0G
CSqGSIb3DQEBCwUAA4IBAQA/DvZMy5MdOuwsYd3hn+/6ceHa8ssdku4zuCkctvTM
Mr0w6Fs6RsQyoPfUVmM/Iy4Ap5gjX8mcBa0E24BP0zr9ZXD9a6KxNVdn/xSsjmi2
UFRtWkM2sEfIs8W2meQjpnuZy1ygPDSUMkn4yN/GBYdA4ls8bM0Bh7dvonVrfWtH
c9bjAsbSvSunJRG/QdRZWCzEhhYxnQWe1Y2DtUacfs3k02sc2awbkBjWoYjXHD5g
Rc/KqQPDEUt2iV+kyG1+GXS0G3o4/V7NRtuMr7e8HtIhSMugNFzKnCUaPU4uJbzS
+NIuS3C/Rll6Njbg8s3LWeTUGcQnHSEagd+UbUyS7ReM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:22 2024 by rpki-client on console-fra.rpki-client.org