Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IhDOMKZGlJl1G0sI9zthwte5Noc.roa
File: IhDOMKZGlJl1G0sI9zthwte5Noc.roa (raw, json)
Hash identifier: eikawAVUUoiAUvQugQ6nvfNHn+E8IG9O+Nlez4kQCMs=
Subject key identifier: 22:10:CE:30:A6:46:94:99:75:1B:4B:08:F7:3B:61:C2:D7:B9:36:87
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CAB690F3655148FCC6AA818D46B426B3C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IhDOMKZGlJl1G0sI9zthwte5Noc.roa
Signing time: Wed 27 Dec 2023 13:13:58 +0000
ROA not before: Wed 27 Dec 2023 13:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60808
IP address blocks: 188.253.96.0/19 maxlen: 24
5.34.216.0/21 maxlen: 21
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
146.19.135.0/24 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:69:0f:36:55:14:8f:cc:6a:a8:18:d4:6b:42:6b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 27 13:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2210ce30a6469499751b4b08f73b61c2d7b93687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:44:61:f2:c7:ac:76:75:bb:1c:0b:cb:29:cb:
20:36:61:9e:b8:01:b7:fb:d0:fe:72:46:b5:e4:77:
20:4d:ee:83:d4:66:a3:e1:0e:da:de:6a:e4:86:47:
db:2b:bf:b6:6d:a6:df:3a:60:4e:72:71:43:5b:57:
65:92:27:d6:e5:fd:11:6c:35:ab:84:41:eb:1d:3c:
6a:5e:a2:af:b4:85:ff:50:48:a4:5b:5d:94:ee:3c:
da:13:c6:75:09:b7:3b:91:bb:ac:64:9f:a0:a6:d3:
6e:af:fa:03:58:d9:92:78:2f:c3:bd:1f:46:a0:36:
62:ad:79:56:5b:29:9b:d8:68:dd:64:d2:fd:f8:ae:
2e:ab:c3:e2:9c:6a:63:0b:dd:fc:15:1f:e1:1b:17:
f6:af:0c:f1:67:95:1c:6e:9d:9f:6e:e4:50:a4:ae:
f4:5f:7e:5d:29:a3:c3:a5:09:01:09:e6:91:57:3e:
29:2d:65:e3:ab:1b:09:91:29:7b:f3:c5:c7:6c:d3:
82:98:14:64:0c:8c:fe:11:46:5f:4d:8f:a9:eb:87:
a0:63:c4:5b:48:66:81:33:25:ff:1a:b8:51:27:2a:
28:e9:d7:b3:55:26:94:f0:db:61:14:06:03:dc:6e:
27:25:da:71:cc:62:65:9f:a7:36:cf:75:0c:7a:27:
36:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:10:CE:30:A6:46:94:99:75:1B:4B:08:F7:3B:61:C2:D7:B9:36:87
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IhDOMKZGlJl1G0sI9zthwte5Noc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
146.19.135.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
86:77:73:91:ab:49:d9:a7:6d:e8:04:de:3c:df:60:9c:48:47:
71:aa:79:f5:0a:41:cf:54:04:4d:db:28:64:4e:92:5c:17:80:
b7:a2:e8:7d:b3:d5:79:9b:ca:6e:1c:b4:9a:16:25:2c:b9:04:
4a:c5:1f:73:ae:dd:11:3e:23:eb:49:33:5e:23:57:65:36:d8:
36:eb:4f:98:28:35:b9:5e:8a:c3:2d:fa:5c:70:62:99:69:3b:
2b:d1:94:de:e9:5d:9f:b5:8f:b7:75:e8:d4:9c:ad:1c:56:74:
6c:aa:64:92:c9:64:76:6a:3b:81:6d:e5:e3:b7:af:f5:22:e3:
2f:f6:a5:e9:c6:d9:61:41:9b:53:f4:43:f0:b8:4a:be:0c:7b:
17:69:1e:d6:7f:3b:9c:33:14:a9:33:17:98:d0:02:ee:ad:9b:
27:0f:a4:81:df:e0:11:de:18:75:14:52:2c:26:34:b3:03:76:
8a:e0:e7:b8:40:e1:24:1c:68:e2:41:57:b6:62:fc:61:e6:a8:
37:f8:a9:b5:b8:00:8e:46:f9:c6:ad:f2:8d:bb:81:4b:1e:ef:
44:f3:a8:d7:d1:dc:c8:e6:51:81:3a:c9:8d:b8:b2:d4:32:46:
76:37:1c:99:7d:4c:92:4d:89:5e:f8:b9:0b:8b:03:47:f7:9b:
76:a0:f5:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYyraQ82VRSPzGqoGNRrQms8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjI3MTMxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjEwY2UzMGE2NDY5NDk5NzUxYjRiMDhmNzNiNjFjMmQ3YjkzNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0Rh8sesdnW7HAvLKcsgNmGeuAG3
+9D+cka15HcgTe6D1Gaj4Q7a3mrkhkfbK7+2babfOmBOcnFDW1dlkifW5f0RbDWr
hEHrHTxqXqKvtIX/UEikW12U7jzaE8Z1Cbc7kbusZJ+gptNur/oDWNmSeC/DvR9G
oDZirXlWWymb2GjdZNL9+K4uq8PinGpjC938FR/hGxf2rwzxZ5Ucbp2fbuRQpK70
X35dKaPDpQkBCeaRVz4pLWXjqxsJkSl788XHbNOCmBRkDIz+EUZfTY+p64egY8Rb
SGaBMyX/GrhRJyoo6dezVSaU8NthFAYD3G4nJdpxzGJln6c2z3UMeic2QQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCIQzjCmRpSZdRtLCPc7YcLXuTaHMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSWhET01LWkdsSmwxRzBzSTl6dGh3dGU1Tm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSLYAwQA
khOHAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEB
CwUAA4IBAQCGd3ORq0nZp23oBN4832CcSEdxqnn1CkHPVARN2yhkTpJcF4C3ouh9
s9V5m8puHLSaFiUsuQRKxR9zrt0RPiPrSTNeI1dlNtg260+YKDW5XorDLfpccGKZ
aTsr0ZTe6V2ftY+3dejUnK0cVnRsqmSSyWR2ajuBbeXjt6/1IuMv9qXpxtlhQZtT
9EPwuEq+DHsXaR7WfzucMxSpMxeY0ALurZsnD6SB3+AR3hh1FFIsJjSzA3aK4Oe4
QOEkHGjiQVe2Yvxh5qg3+Km1uACORvnGrfKNu4FLHu9E86jX0dzI5lGBOsmNuLLU
MkZ2NxyZfUySTYle+LkLiwNH95t2oPVS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org