Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/M7QRyuzKULhHVInxv4MIVUtVVBk.roa
File: M7QRyuzKULhHVInxv4MIVUtVVBk.roa (raw, json)
Hash identifier: jgIrAfDFXmkU6x6QbbcTaakmHtw90J9jbDj9L/FOlqU=
Subject key identifier: 33:B4:11:CA:EC:CA:50:B8:47:54:89:F1:BF:83:08:55:4B:55:54:19
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018D42AD536B5540BD2A682532398940CA6E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/M7QRyuzKULhHVInxv4MIVUtVVBk.roa
Signing time: Thu 25 Jan 2024 22:11:11 +0000
ROA not before: Thu 25 Jan 2024 22:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.216.0/21 maxlen: 21
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Feb 2024 12:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:42:ad:53:6b:55:40:bd:2a:68:25:32:39:89:40:ca:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 25 22:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33b411caecca50b8475489f1bf8308554b555419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fe:96:7b:74:3c:98:32:b7:09:ff:d9:b9:0a:
4f:7b:e9:93:94:ae:fc:4d:c9:8a:47:3b:e9:f4:68:
d4:63:b5:74:93:4f:e6:47:cc:4e:da:25:01:0d:c8:
67:05:54:12:93:d5:db:ed:47:74:61:eb:e9:c5:af:
b8:89:5a:f0:b6:16:66:77:a6:8b:ed:49:6c:5b:87:
f8:96:21:e2:cd:a9:cd:f1:ff:60:65:fc:44:f1:95:
17:9e:30:73:66:7f:1f:10:c4:1e:b1:64:9b:d1:af:
76:4f:0e:6a:6c:55:03:7e:0b:01:39:90:a4:2f:98:
5b:1e:07:75:9e:2c:11:e3:69:e3:4a:20:82:13:71:
7e:1f:60:f4:b4:7e:cc:cd:9f:50:cc:31:ad:13:78:
be:5a:e7:58:37:43:8e:e1:91:a9:65:9d:25:3c:b8:
bc:2b:05:27:2d:6d:21:d2:35:6c:d1:03:f1:90:2f:
c5:0b:a0:6c:32:f8:ff:79:fb:0c:73:a2:e3:15:1a:
93:09:de:a9:77:30:98:0a:9f:94:d2:97:49:66:36:
ea:21:6a:f9:30:62:b7:97:bc:d8:4e:ac:c7:b2:7b:
8d:7c:de:8a:c8:cb:cf:3e:de:bd:9a:d2:90:d0:ef:
a6:75:e2:b2:78:95:fb:e0:d9:60:26:13:9d:72:e4:
a8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B4:11:CA:EC:CA:50:B8:47:54:89:F1:BF:83:08:55:4B:55:54:19
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/M7QRyuzKULhHVInxv4MIVUtVVBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:32:7e:8d:fc:6b:5b:39:49:a7:14:01:3c:4f:aa:93:6e:88:
1f:d3:c1:04:14:9b:68:3c:e7:f8:d8:99:a4:14:ef:98:ce:51:
e8:a5:74:ca:23:d8:2f:2a:9c:97:91:0a:61:d3:5e:6a:e0:db:
f8:be:5e:d9:6b:25:f1:d2:9e:ce:0e:41:41:8c:ae:e9:46:69:
b9:e1:f7:8a:b1:60:78:8c:1a:e3:f1:62:37:4f:df:ce:95:d7:
fd:c8:34:47:f1:0a:54:5c:fe:b2:31:15:84:7f:f8:cd:f5:36:
ed:fe:82:fb:5a:ce:be:3b:5c:16:5a:e8:09:01:72:c9:a9:c0:
d3:69:72:a7:03:07:45:8b:14:ba:6f:e7:ce:53:e5:3e:e9:11:
7b:0c:12:2c:24:d3:35:82:06:8d:df:a2:35:78:27:68:52:0b:
40:7c:bc:77:33:b0:e0:80:fb:31:60:29:f6:1f:60:db:9b:d3:
14:0e:17:40:65:9e:3b:7f:f8:f3:4c:e8:63:c8:05:1a:b9:3e:
4d:c1:a8:2e:f0:01:2c:f3:3e:c5:d3:97:4e:87:14:06:9e:91:
91:c0:ac:56:fe:4f:5b:0c:f4:99:c6:e7:b7:6b:be:d7:25:0c:
01:3f:03:d8:10:c8:c8:b2:dd:83:0c:1a:e9:f1:c5:aa:40:42:
9e:06:a1:e1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY1CrVNrVUC9KmglMjmJQMpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTI1MjIxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2I0MTFjYWVjY2E1MGI4NDc1NDg5ZjFiZjgzMDg1NTRiNTU1NDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv6We3Q8mDK3Cf/ZuQpPe+mTlK78
TcmKRzvp9GjUY7V0k0/mR8xO2iUBDchnBVQSk9Xb7Ud0Yevpxa+4iVrwthZmd6aL
7UlsW4f4liHizanN8f9gZfxE8ZUXnjBzZn8fEMQesWSb0a92Tw5qbFUDfgsBOZCk
L5hbHgd1niwR42njSiCCE3F+H2D0tH7MzZ9QzDGtE3i+WudYN0OO4ZGpZZ0lPLi8
KwUnLW0h0jVs0QPxkC/FC6BsMvj/efsMc6LjFRqTCd6pdzCYCp+U0pdJZjbqIWr5
MGK3l7zYTqzHsnuNfN6KyMvPPt69mtKQ0O+mdeKyeJX74NlgJhOdcuSonwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDO0EcrsylC4R1SJ8b+DCFVLVVQZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTTdRUnl1ektVTGhIVklueHY0TUlWVXRWVkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBSLYAwQA
udf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IB
AQCMMn6N/GtbOUmnFAE8T6qTbogf08EEFJtoPOf42JmkFO+YzlHopXTKI9gvKpyX
kQph015q4Nv4vl7ZayXx0p7ODkFBjK7pRmm54feKsWB4jBrj8WI3T9/Oldf9yDRH
8QpUXP6yMRWEf/jN9Tbt/oL7Ws6+O1wWWugJAXLJqcDTaXKnAwdFixS6b+fOU+U+
6RF7DBIsJNM1ggaN36I1eCdoUgtAfLx3M7DggPsxYCn2H2Dbm9MUDhdAZZ47f/jz
TOhjyAUauT5Nwagu8AEs8z7F05dOhxQGnpGRwKxW/k9bDPSZxue3a77XJQwBPwPY
EMjIst2DDBrp8cWqQEKeBqHh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org