Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/59Z6NlaBR19LzO9hFoRPeqzc9dM.roa
File: 59Z6NlaBR19LzO9hFoRPeqzc9dM.roa (raw, json)
Hash identifier: piI5VVH0TrWVQ2ODGBDYgTd8ZiDeTypZ0AbAp3YgLe0=
Subject key identifier: E7:D6:7A:36:56:81:47:5F:4B:CC:EF:61:16:84:4F:7A:AC:DC:F5:D3
Certificate issuer: /CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Certificate serial: 018570B06ACB858D75C2FECEEB29B4F335DD
Authority key identifier: 85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/59Z6NlaBR19LzO9hFoRPeqzc9dM.roa
Signing time: Mon 02 Jan 2023 04:14:47 +0000
ROA not before: Mon 02 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208332
IP address blocks: 185.135.240.0/22 maxlen: 22
185.135.240.0/24 maxlen: 24
185.135.242.0/24 maxlen: 24
185.135.243.0/24 maxlen: 24
185.135.241.0/24 maxlen: 24
2a06:f700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:6a:cb:85:8d:75:c2:fe:ce:eb:29:b4:f3:35:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Validity
Not Before: Jan 2 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d67a365681475f4bccef6116844f7aacdcf5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ba:23:d0:21:19:8b:c3:71:98:3d:46:a9:c7:
36:e8:fb:e9:c1:7f:a5:40:c2:7c:92:e0:67:af:73:
59:6b:62:87:81:0d:77:ee:3b:e9:fe:54:b7:4e:c1:
84:8b:38:f7:46:2e:54:ae:e0:45:0d:c0:81:03:5a:
72:0c:9c:6b:1c:bb:d3:3a:c3:9c:ec:1b:62:09:de:
73:a3:2f:99:5c:e3:1f:7b:d8:d2:d1:48:fa:4e:8a:
5d:39:f4:b5:5d:64:90:14:c8:ab:e7:62:9e:78:50:
9b:ec:c8:f6:3d:42:e9:43:8a:2a:a2:62:3f:7f:fa:
2d:bd:7d:08:ca:26:30:74:21:12:dd:f8:ab:9f:f9:
ea:5e:6a:d2:76:3d:f4:ce:1a:6f:0f:d3:da:3e:67:
6f:46:59:66:40:b4:5c:24:27:4a:19:1b:86:7c:82:
d3:d8:00:b6:c7:df:57:d4:ab:13:f9:ae:5c:40:9e:
ec:d3:aa:16:e9:07:4f:ab:cd:f1:a4:15:41:0c:29:
88:6b:e0:04:01:26:f2:1e:01:6c:ba:36:9c:79:a3:
17:c4:50:60:74:76:6c:52:70:aa:1d:83:4f:6a:79:
59:3b:04:5f:59:ed:08:f8:6e:36:7b:a7:b6:18:13:
e8:dc:3d:c4:0b:1e:27:72:ed:c7:67:fe:c9:3b:38:
c8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D6:7A:36:56:81:47:5F:4B:CC:EF:61:16:84:4F:7A:AC:DC:F5:D3
X509v3 Authority Key Identifier:
keyid:85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/59Z6NlaBR19LzO9hFoRPeqzc9dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/hVxdD-JZNayRq1qtpkUmAOWNJaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.240.0/22
IPv6:
2a06:f700::/29
Signature Algorithm: sha256WithRSAEncryption
90:a2:10:e3:8b:3c:a0:09:13:b4:4c:40:57:7d:e4:b0:fe:6a:
9b:98:6a:da:8a:74:d8:55:5c:da:9b:28:af:1d:fb:f0:b6:10:
de:aa:04:dc:b0:76:9d:3e:48:d3:36:7a:36:45:4e:51:fd:31:
af:ac:e5:4f:4f:ed:4a:e9:1a:24:fd:cc:a8:c8:74:66:47:a0:
94:76:2a:81:ef:16:76:ff:37:87:fa:76:9c:7b:8b:90:2a:ef:
44:ff:bc:ef:cd:6e:15:fc:57:27:30:17:ef:28:b3:82:fb:c6:
ae:d9:c2:71:d8:ea:fa:a7:ab:2c:dd:f1:db:8e:2a:46:94:bb:
5b:7d:22:de:ba:5f:3c:69:c6:65:12:86:e4:f2:9a:1a:3e:e2:
7d:20:7e:66:19:f2:ac:29:78:b2:95:14:78:41:99:66:c9:84:
5b:f5:30:aa:4d:e5:c9:85:51:ac:b7:a7:16:2e:fc:12:6d:a7:
d2:b4:a4:9d:df:31:86:19:fa:24:77:9e:fd:f5:93:bf:94:42:
ab:ae:c8:84:8a:89:f0:a0:dc:b2:1d:6a:b8:3f:2e:70:c1:c3:
d7:37:3f:b2:17:5f:a0:d6:25:8f:1a:e6:99:be:63:e0:da:95:
a3:f8:2a:81:54:a9:3e:63:22:10:cd:47:2f:4f:c6:ae:6b:fd:
b2:dc:46:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsGrLhY11wv7O6ym08zXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NWM1ZDBmZTI1OTM1YWM5MWFiNWFhZGE2NDUyNjAwZTU4
ZDI1YTUwHhcNMjMwMTAyMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q2N2EzNjU2ODE0NzVmNGJjY2VmNjExNjg0NGY3YWFjZGNmNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2roj0CEZi8NxmD1Gqcc26PvpwX+l
QMJ8kuBnr3NZa2KHgQ137jvp/lS3TsGEizj3Ri5UruBFDcCBA1pyDJxrHLvTOsOc
7BtiCd5zoy+ZXOMfe9jS0Uj6TopdOfS1XWSQFMir52KeeFCb7Mj2PULpQ4oqomI/
f/otvX0IyiYwdCES3firn/nqXmrSdj30zhpvD9PaPmdvRllmQLRcJCdKGRuGfILT
2AC2x99X1KsT+a5cQJ7s06oW6QdPq83xpBVBDCmIa+AEASbyHgFsujaceaMXxFBg
dHZsUnCqHYNPanlZOwRfWe0I+G42e6e2GBPo3D3ECx4ncu3HZ/7JOzjInQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOfWejZWgUdfS8zvYRaET3qs3PXTMB8GA1UdIwQY
MBaAFIVcXQ/iWTWskataraZFJgDljSWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZ4ZEQtSlpOYXlScTFxdHBrVW1BT1dOSmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMmIwNTEtM2EyMy00ODM1LWIzMGQt
MmFmNDc5MWQ5NmViLzEvNTlaNk5sYUJSMTlMek85aEZvUlBlcXpjOWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMmIwNTEtM2EyMy00ODM1LWIzMGQtMmFmNDc5MWQ5NmVi
LzEvaFZ4ZEQtSlpOYXlScTFxdHBrVW1BT1dOSmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYfwMA0E
AgACMAcDBQMqBvcAMA0GCSqGSIb3DQEBCwUAA4IBAQCQohDjizygCRO0TEBXfeSw
/mqbmGrainTYVVzamyivHfvwthDeqgTcsHadPkjTNno2RU5R/TGvrOVPT+1K6Rok
/cyoyHRmR6CUdiqB7xZ2/zeH+nace4uQKu9E/7zvzW4V/FcnMBfvKLOC+8au2cJx
2Or6p6ss3fHbjipGlLtbfSLeul88acZlEobk8poaPuJ9IH5mGfKsKXiylRR4QZlm
yYRb9TCqTeXJhVGst6cWLvwSbafStKSd3zGGGfokd5799ZO/lEKrrsiEionwoNyy
HWq4Py5wwcPXNz+yF1+g1iWPGuaZvmPg2pWj+CqBVKk+YyIQzUcvT8aua/2y3EaI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:15 2024 by rpki-client on console-ams.rpki-client.org