Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/rhGd5V6MvsqAe4n9SXEeON3MYec.roa
File: rhGd5V6MvsqAe4n9SXEeON3MYec.roa (raw, json)
Hash identifier: xNm37kftrYUrjtmWc1AUvsoosblBaUSPV3zLB0q0YqQ=
Subject key identifier: AE:11:9D:E5:5E:8C:BE:CA:80:7B:89:FD:49:71:1E:38:DD:CC:61:E7
Certificate issuer: /CN=b4f115424c181c67966ccc2467ede69d060ccf53
Certificate serial: 01856EB9027D436EEE0725195179C9109E1A
Authority key identifier: B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/rhGd5V6MvsqAe4n9SXEeON3MYec.roa
Signing time: Sun 01 Jan 2023 19:04:56 +0000
ROA not before: Sun 01 Jan 2023 19:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212552
IP address blocks: 185.202.113.0/24 maxlen: 24
195.248.240.0/24 maxlen: 24
195.248.243.0/24 maxlen: 24
195.248.242.0/24 maxlen: 24
195.248.241.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:02:7d:43:6e:ee:07:25:19:51:79:c9:10:9e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f115424c181c67966ccc2467ede69d060ccf53
Validity
Not Before: Jan 1 19:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae119de55e8cbeca807b89fd49711e38ddcc61e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ec:d9:d1:a2:f9:7c:00:5c:ff:0a:c2:9d:c6:
34:1b:29:a6:fb:c0:1d:1b:fe:e4:46:f7:c0:0c:1b:
08:b5:db:0e:a5:01:0c:81:d2:13:a1:8b:21:f7:7a:
f2:e9:a7:ee:f3:93:1e:cc:3f:2c:02:0c:51:42:e5:
a5:68:5d:9f:17:c8:cf:bf:16:a5:8b:ec:b1:fe:89:
9b:f1:e5:b7:51:3d:b7:cd:b9:ee:36:5f:71:38:cb:
09:de:22:37:d4:d6:60:fa:f1:93:3f:28:46:7e:e2:
db:9f:e2:2a:e6:88:4c:68:00:7c:4b:2b:9f:5e:4f:
d9:81:60:1c:13:f0:53:77:87:05:27:ce:ef:7d:c5:
de:ab:57:2d:7a:c2:e0:7b:ea:62:90:58:6c:17:36:
1e:3b:ea:bc:84:b5:e1:a6:b3:84:3a:db:58:a8:c1:
b4:48:5e:3c:fa:93:00:1f:75:fd:69:cd:bb:66:02:
8b:5b:35:32:cf:8d:68:45:bb:85:3a:7c:44:bf:67:
f1:2c:3e:72:4f:87:a7:12:91:cb:08:3b:0c:bf:17:
48:17:c7:96:09:86:94:ea:39:0c:cd:6c:fc:23:88:
bb:d2:50:0f:95:66:9c:ee:6b:40:23:6c:ca:7b:00:
e3:90:c1:48:2b:fe:ee:fc:e6:4c:62:bc:2a:92:0b:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:11:9D:E5:5E:8C:BE:CA:80:7B:89:FD:49:71:1E:38:DD:CC:61:E7
X509v3 Authority Key Identifier:
keyid:B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/rhGd5V6MvsqAe4n9SXEeON3MYec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.113.0/24
195.248.240.0/22
Signature Algorithm: sha256WithRSAEncryption
97:fb:ad:b6:97:84:df:c5:c0:7d:c4:c9:11:5a:29:94:76:84:
aa:1e:c2:23:0b:23:c6:63:ac:df:08:91:82:67:0f:e9:10:34:
ac:f3:67:1e:e9:87:85:2e:2a:44:8c:5c:c2:a0:26:a1:32:6e:
31:cc:fb:d6:fa:a0:e4:6e:9a:3b:a2:60:00:7e:1f:31:7b:64:
1a:c3:5f:12:29:12:9a:18:0c:88:7b:fa:bb:8a:17:d3:bd:67:
9c:2c:8a:c6:00:cb:41:a3:b2:8f:44:97:b3:8e:2b:89:7f:0b:
91:e8:4f:b7:96:c1:48:55:92:9b:81:79:90:be:6a:5f:42:4c:
9c:d3:f2:49:c5:c6:2f:3d:81:59:d8:fb:66:75:19:35:95:89:
ed:dc:9d:54:08:25:2c:db:6e:a1:8c:14:27:46:cc:f5:6f:b2:
37:2e:23:d7:c7:a0:f9:8d:95:7c:a5:b9:d6:42:ee:03:6a:6e:
ed:5c:fc:50:24:c9:00:41:91:21:e2:1e:e8:86:d4:23:de:f9:
0f:6a:fe:90:d5:8b:d7:93:73:c0:fa:f5:66:e3:6f:dd:a4:45:
70:ab:42:fe:61:ed:d6:06:bc:08:64:45:2d:f4:f0:4c:c3:cf:
e1:b7:3a:77:a3:b8:95:77:a7:54:67:f6:2a:0b:7d:d0:7d:15:
3f:db:09:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuuQJ9Q27uByUZUXnJEJ4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjExNTQyNGMxODFjNjc5NjZjY2MyNDY3ZWRlNjlkMDYw
Y2NmNTMwHhcNMjMwMTAxMTkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTExOWRlNTVlOGNiZWNhODA3Yjg5ZmQ0OTcxMWUzOGRkY2M2MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uzZ0aL5fABc/wrCncY0Gymm+8Ad
G/7kRvfADBsItdsOpQEMgdIToYsh93ry6afu85MezD8sAgxRQuWlaF2fF8jPvxal
i+yx/omb8eW3UT23zbnuNl9xOMsJ3iI31NZg+vGTPyhGfuLbn+Iq5ohMaAB8Syuf
Xk/ZgWAcE/BTd4cFJ87vfcXeq1ctesLge+pikFhsFzYeO+q8hLXhprOEOttYqMG0
SF48+pMAH3X9ac27ZgKLWzUyz41oRbuFOnxEv2fxLD5yT4enEpHLCDsMvxdIF8eW
CYaU6jkMzWz8I4i70lAPlWac7mtAI2zKewDjkMFIK/7u/OZMYrwqkgv+QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4RneVejL7KgHuJ/UlxHjjdzGHnMB8GA1UdIwQY
MBaAFLTxFUJMGBxnlmzMJGft5p0GDM9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2Ut
MzJlOTMyZDZmZDBlLzEvcmhHZDVWNk12c3FBZTRuOVNYRWVPTjNNWWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2UtMzJlOTMyZDZmZDBl
LzEvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucpxAwQC
w/jwMA0GCSqGSIb3DQEBCwUAA4IBAQCX+622l4TfxcB9xMkRWimUdoSqHsIjCyPG
Y6zfCJGCZw/pEDSs82ce6YeFLipEjFzCoCahMm4xzPvW+qDkbpo7omAAfh8xe2Qa
w18SKRKaGAyIe/q7ihfTvWecLIrGAMtBo7KPRJezjiuJfwuR6E+3lsFIVZKbgXmQ
vmpfQkyc0/JJxcYvPYFZ2PtmdRk1lYnt3J1UCCUs226hjBQnRsz1b7I3LiPXx6D5
jZV8pbnWQu4Dam7tXPxQJMkAQZEh4h7ohtQj3vkPav6Q1YvXk3PA+vVm42/dpEVw
q0L+Ye3WBrwIZEUt9PBMw8/htzp3o7iVd6dUZ/YqC33QfRU/2wkT
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:33 2024 by rpki-client on console-fra.rpki-client.org