Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nEq8cCwibwqyL7e-TzC-yYJatMM.roa
File: nEq8cCwibwqyL7e-TzC-yYJatMM.roa (raw, json)
Hash identifier: zA5Byo4/U0egyG5w1J/N79XFTTNAqiztRgC6jSOPGew=
Subject key identifier: 9C:4A:BC:70:2C:22:6F:0A:B2:2F:B7:BE:4F:30:BE:C9:82:5A:B4:C3
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018A167ADC7EF22731E8E9AB567FB9099876
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nEq8cCwibwqyL7e-TzC-yYJatMM.roa
Signing time: Mon 21 Aug 2023 05:04:25 +0000
ROA not before: Mon 21 Aug 2023 05:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.216.0/21 maxlen: 21
188.253.96.0/19 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Dec 2023 13:13:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:16:7a:dc:7e:f2:27:31:e8:e9:ab:56:7f:b9:09:98:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 21 05:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4abc702c226f0ab22fb7be4f30bec9825ab4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a7:c1:07:16:35:2f:d3:64:7c:4d:37:0b:50:
73:7b:ec:c5:1f:bf:db:d2:d2:fc:00:15:62:1f:c8:
30:01:f8:60:75:98:5f:29:86:21:b7:3e:4a:0c:c8:
a2:17:64:0d:25:05:e8:5b:da:2f:2e:99:98:15:f7:
e1:65:b3:85:38:cc:33:1b:2c:92:fd:89:cb:f2:25:
db:eb:9b:8e:4a:59:5d:0f:72:80:ec:f4:3e:8f:26:
77:da:56:b2:6b:e2:93:ce:03:94:0a:b4:36:4b:a5:
94:60:e5:4c:83:7f:3c:3a:43:15:b4:78:72:6a:db:
21:dc:8a:fd:6d:44:17:df:9f:8e:24:fc:89:64:e4:
e9:4b:88:c7:75:67:ae:1f:7c:be:7a:b6:d9:ba:53:
3a:7a:59:bb:3a:ff:6f:54:bf:89:fb:1e:ff:42:d8:
88:9f:f5:a9:2c:96:30:af:e9:46:dd:4a:a2:f3:18:
47:38:2d:fd:8e:c4:4d:80:90:0e:be:d1:58:be:78:
7b:3f:32:a8:48:58:c5:5d:35:e3:5e:8d:8f:ff:9d:
0f:cd:a3:6c:93:61:d6:84:0c:31:6b:00:e1:b8:15:
b4:0e:a3:0c:56:26:a7:05:54:1c:4d:a9:bf:f8:ae:
d6:79:87:04:14:4a:ff:f1:71:c2:24:73:ac:20:63:
d3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4A:BC:70:2C:22:6F:0A:B2:2F:B7:BE:4F:30:BE:C9:82:5A:B4:C3
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nEq8cCwibwqyL7e-TzC-yYJatMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
6b:7a:69:8d:a6:10:b6:8c:ae:1d:8a:fd:02:12:7c:d8:08:01:
d9:f0:28:b8:86:5b:fa:96:58:aa:23:59:3e:5b:d2:c2:64:76:
7f:ab:fa:d7:99:f7:87:69:9f:a4:00:37:0a:37:2f:a4:35:4f:
a3:17:b8:05:80:6d:13:4a:99:39:5d:0a:56:0a:7c:69:d0:67:
c2:4f:20:ca:af:42:17:35:a5:60:7f:34:2d:e9:2b:00:72:5f:
98:91:43:e6:6c:f0:05:48:cd:21:3b:35:2f:d3:03:51:fe:24:
6a:4b:1b:13:bf:6d:0a:91:3a:f0:2c:58:44:8d:5c:95:31:a0:
22:5e:14:94:23:fd:2a:13:a1:2a:f3:f0:2e:62:d5:49:79:c5:
4b:2e:a5:2d:35:3b:3e:1a:01:be:e6:b3:38:11:a8:c9:a2:eb:
e3:73:31:c1:51:4a:d4:30:1f:b8:16:d2:3b:3f:9f:56:01:62:
0b:23:7e:f1:ef:e3:f5:00:ea:e5:b5:0c:45:b2:5c:ac:b1:ec:
0e:1d:b8:37:f9:9f:49:56:23:c5:2d:3b:aa:45:a1:69:70:d4:
c7:04:83:a2:67:37:f4:82:01:3f:82:07:32:a2:f2:a1:fb:d7:
f6:bc:59:aa:3f:50:d8:c8:b2:93:b5:39:60:5b:7e:6b:f1:93:
28:51:a0:8d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYoWetx+8icx6OmrVn+5CZh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODIxMDUwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRhYmM3MDJjMjI2ZjBhYjIyZmI3YmU0ZjMwYmVjOTgyNWFiNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKfBBxY1L9NkfE03C1Bze+zFH7/b
0tL8ABViH8gwAfhgdZhfKYYhtz5KDMiiF2QNJQXoW9ovLpmYFffhZbOFOMwzGyyS
/YnL8iXb65uOSlldD3KA7PQ+jyZ32laya+KTzgOUCrQ2S6WUYOVMg388OkMVtHhy
atsh3Ir9bUQX35+OJPyJZOTpS4jHdWeuH3y+erbZulM6elm7Ov9vVL+J+x7/QtiI
n/WpLJYwr+lG3Uqi8xhHOC39jsRNgJAOvtFYvnh7PzKoSFjFXTXjXo2P/50PzaNs
k2HWhAwxawDhuBW0DqMMVianBVQcTam/+K7WeYcEFEr/8XHCJHOsIGPTGQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJxKvHAsIm8Ksi+3vk8wvsmCWrTDMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbkVxOGNDd2lid3F5TDdlLVR6Qy15WUphdE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBSLYAwQA
udf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IB
AQBremmNphC2jK4div0CEnzYCAHZ8Ci4hlv6lliqI1k+W9LCZHZ/q/rXmfeHaZ+k
ADcKNy+kNU+jF7gFgG0TSpk5XQpWCnxp0GfCTyDKr0IXNaVgfzQt6SsAcl+YkUPm
bPAFSM0hOzUv0wNR/iRqSxsTv20KkTrwLFhEjVyVMaAiXhSUI/0qE6Eq8/AuYtVJ
ecVLLqUtNTs+GgG+5rM4EajJouvjczHBUUrUMB+4FtI7P59WAWILI37x7+P1AOrl
tQxFslyssewOHbg3+Z9JViPFLTuqRaFpcNTHBIOiZzf0ggE/ggcyovKh+9f2vFmq
P1DYyLKTtTlgW35r8ZMoUaCN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org