Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/52bcda-f97e-4765-aa95-cd2f5771da98/1/RqgwqyLwqKVr5pdv9Gr3HCfP2m8.roa
File: RqgwqyLwqKVr5pdv9Gr3HCfP2m8.roa (raw, json)
Hash identifier: 2zvkIOAZ1Mk+EAk4MxpUI/WCWNcDNraQmwDmkkNBoa8=
Subject key identifier: 46:A8:30:AB:22:F0:A8:A5:6B:E6:97:6F:F4:6A:F7:1C:27:CF:DA:6F
Certificate issuer: /CN=5a155e32c4a9cda1a81bd9c7370dc34ab00653a0
Certificate serial: 01856ECB5BD5C72E72514A29E19E68451857
Authority key identifier: 5A:15:5E:32:C4:A9:CD:A1:A8:1B:D9:C7:37:0D:C3:4A:B0:06:53:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhVeMsSpzaGoG9nHNw3DSrAGU6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/52bcda-f97e-4765-aa95-cd2f5771da98/1/RqgwqyLwqKVr5pdv9Gr3HCfP2m8.roa
Signing time: Sun 01 Jan 2023 19:24:59 +0000
ROA not before: Sun 01 Jan 2023 19:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205521
IP address blocks: 185.215.124.0/24 maxlen: 24
185.215.125.0/24 maxlen: 24
185.215.124.0/22 maxlen: 22
185.215.126.0/24 maxlen: 24
185.215.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5b:d5:c7:2e:72:51:4a:29:e1:9e:68:45:18:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a155e32c4a9cda1a81bd9c7370dc34ab00653a0
Validity
Not Before: Jan 1 19:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46a830ab22f0a8a56be6976ff46af71c27cfda6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:4c:12:9f:2d:f2:d4:80:66:21:d7:83:67:
ac:03:67:86:54:3c:2b:c3:42:5f:15:7f:99:18:e4:
b0:68:f5:90:52:a3:38:87:6e:42:3b:e6:d4:7a:75:
31:3e:df:86:25:60:6c:88:71:5e:a9:ad:bc:61:02:
bc:25:c3:bf:3f:fb:e0:93:d9:c0:77:41:9f:6e:e9:
67:c9:e0:b6:60:ec:77:6c:59:fe:37:50:88:7b:32:
12:56:fa:38:10:9e:44:d1:3e:e2:e5:a4:8f:35:d3:
07:30:00:39:80:c8:99:d0:f5:33:8d:b7:71:4b:0b:
4d:41:b2:3b:32:b4:58:75:cb:3f:92:33:b1:b5:9c:
5c:1b:8a:07:de:10:9c:26:c5:eb:b8:89:2f:69:67:
27:c6:19:4f:ce:ef:fb:b4:4d:af:b8:44:cc:c6:c7:
c4:62:ad:ea:97:5f:eb:3a:5b:0a:be:a9:50:55:4d:
e6:cc:4d:28:b7:7d:d6:0c:af:11:bf:52:7e:e9:f6:
de:d4:a7:2a:14:47:98:36:b1:88:1d:d7:e4:87:24:
09:cf:b9:b6:b2:e4:24:80:63:3a:27:d7:22:8b:97:
b0:62:fb:7a:8f:8e:7e:a3:b3:23:3d:53:1f:24:25:
4a:0a:03:5c:75:6f:8a:43:8c:c8:63:cd:8e:f6:29:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A8:30:AB:22:F0:A8:A5:6B:E6:97:6F:F4:6A:F7:1C:27:CF:DA:6F
X509v3 Authority Key Identifier:
keyid:5A:15:5E:32:C4:A9:CD:A1:A8:1B:D9:C7:37:0D:C3:4A:B0:06:53:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhVeMsSpzaGoG9nHNw3DSrAGU6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/52bcda-f97e-4765-aa95-cd2f5771da98/1/RqgwqyLwqKVr5pdv9Gr3HCfP2m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/52bcda-f97e-4765-aa95-cd2f5771da98/1/WhVeMsSpzaGoG9nHNw3DSrAGU6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:85:81:14:0b:d6:cf:b4:fd:ff:fe:b1:a4:47:69:31:5a:2e:
62:95:73:83:cb:6c:11:f8:fe:fd:0f:ca:b6:49:dc:ee:74:87:
05:09:37:d5:58:94:46:bb:5d:a4:19:b5:bf:d6:40:53:f1:37:
83:d8:2c:d7:2c:e5:8e:db:25:e6:9e:aa:fd:64:da:53:ac:08:
39:46:fb:e6:8b:3a:44:0a:7b:fb:2a:2b:3f:45:84:de:57:c7:
5e:0f:99:44:b5:ce:8d:b2:98:cb:f4:6c:f4:f6:f9:58:97:1d:
ae:9c:de:1d:eb:37:6f:53:eb:f6:78:33:06:29:ce:1a:37:09:
90:5a:b0:8c:7e:b6:49:fc:49:82:6a:c6:da:53:5e:3c:a6:36:
5c:57:bd:df:f3:53:70:a0:08:8e:e4:f7:7d:19:56:42:f4:2d:
4f:b7:6f:cd:29:f9:af:ed:74:d7:4d:d7:be:55:db:38:4c:70:
6b:72:df:5e:6a:21:63:63:56:de:6d:fa:9d:34:1c:34:ba:46:
b1:ac:96:bd:2f:59:26:14:4a:6a:2b:fc:34:6f:2e:ae:3e:7b:
03:e9:ab:9f:8e:5c:97:16:9d:6c:e0:49:6c:58:64:bd:33:67:
d7:47:80:29:39:08:24:c3:ac:0d:2e:73:0b:85:a9:e5:61:28:
00:60:8d:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy1vVxy5yUUop4Z5oRRhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTU1ZTMyYzRhOWNkYTFhODFiZDljNzM3MGRjMzRhYjAw
NjUzYTAwHhcNMjMwMTAxMTkyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmE4MzBhYjIyZjBhOGE1NmJlNjk3NmZmNDZhZjcxYzI3Y2ZkYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfFMEp8t8tSAZiHXg2esA2eGVDwr
w0JfFX+ZGOSwaPWQUqM4h25CO+bUenUxPt+GJWBsiHFeqa28YQK8JcO/P/vgk9nA
d0GfbulnyeC2YOx3bFn+N1CIezISVvo4EJ5E0T7i5aSPNdMHMAA5gMiZ0PUzjbdx
SwtNQbI7MrRYdcs/kjOxtZxcG4oH3hCcJsXruIkvaWcnxhlPzu/7tE2vuETMxsfE
Yq3ql1/rOlsKvqlQVU3mzE0ot33WDK8Rv1J+6fbe1KcqFEeYNrGIHdfkhyQJz7m2
suQkgGM6J9cii5ewYvt6j45+o7MjPVMfJCVKCgNcdW+KQ4zIY82O9imiwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEaoMKsi8Kila+aXb/Rq9xwnz9pvMB8GA1UdIwQY
MBaAFFoVXjLEqc2hqBvZxzcNw0qwBlOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hWZU1zU3B6YUdvRzluSE53M0RTckFHVTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81MmJjZGEtZjk3ZS00NzY1LWFhOTUt
Y2QyZjU3NzFkYTk4LzEvUnFnd3F5THdxS1ZyNXBkdjlHcjNIQ2ZQMm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81MmJjZGEtZjk3ZS00NzY1LWFhOTUtY2QyZjU3NzFkYTk4
LzEvV2hWZU1zU3B6YUdvRzluSE53M0RTckFHVTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudd8MA0G
CSqGSIb3DQEBCwUAA4IBAQBvhYEUC9bPtP3//rGkR2kxWi5ilXODy2wR+P79D8q2
SdzudIcFCTfVWJRGu12kGbW/1kBT8TeD2CzXLOWO2yXmnqr9ZNpTrAg5RvvmizpE
Cnv7Kis/RYTeV8deD5lEtc6NspjL9Gz09vlYlx2unN4d6zdvU+v2eDMGKc4aNwmQ
WrCMfrZJ/EmCasbaU148pjZcV73f81NwoAiO5Pd9GVZC9C1Pt2/NKfmv7XTXTde+
Vds4THBrct9eaiFjY1bebfqdNBw0ukaxrJa9L1kmFEpqK/w0by6uPnsD6aufjlyX
Fp1s4ElsWGS9M2fXR4ApOQgkw6wNLnMLhanlYSgAYI3v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:16 2024 by rpki-client on console-fra.rpki-client.org