Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/9D2esbbcKaox1fRFjIqnAh9ldxo.roa
File: 9D2esbbcKaox1fRFjIqnAh9ldxo.roa (raw, json)
Hash identifier: IxrKw5x9BY4QDLRALnFDsqYWW6OxJ47lKy7zA5ihK+0=
Subject key identifier: F4:3D:9E:B1:B6:DC:29:AA:31:D5:F4:45:8C:8A:A7:02:1F:65:77:1A
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 0185715567783FB852B03884B0641A16F136
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/9D2esbbcKaox1fRFjIqnAh9ldxo.roa
Signing time: Mon 02 Jan 2023 07:15:00 +0000
ROA not before: Mon 02 Jan 2023 07:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28727
IP address blocks: 185.59.240.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:67:78:3f:b8:52:b0:38:84:b0:64:1a:16:f1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Jan 2 07:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f43d9eb1b6dc29aa31d5f4458c8aa7021f65771a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d5:e1:b8:d6:44:06:ac:f3:0c:9a:82:5f:2e:
4a:0e:25:ea:58:22:1e:fa:f8:ea:75:93:d9:18:07:
1a:b1:07:8a:88:26:6f:b3:70:58:7e:7c:da:ee:c2:
a5:b1:d7:25:07:02:46:5e:73:8d:46:16:64:14:82:
6b:f6:07:2d:05:63:cf:94:19:67:37:62:11:24:6b:
5b:3a:20:01:e7:f8:1c:ce:ab:4c:f2:1b:43:6a:c2:
27:57:aa:16:b9:83:ed:58:38:69:36:2d:0a:72:50:
ed:cf:4d:21:c6:4a:48:f1:41:52:40:1c:90:95:07:
83:fa:ea:35:12:fc:25:70:95:2c:c7:a5:a1:33:7a:
b1:49:84:9f:15:d4:13:19:05:5e:54:8a:28:10:e4:
2a:33:2e:ab:4d:8c:79:dd:df:b8:99:11:c6:98:33:
5a:f3:f9:94:0a:cc:5c:de:82:1d:44:e2:8d:21:fe:
9a:7d:57:26:36:e0:02:06:3d:b0:40:21:d6:c6:e6:
60:ff:c7:b3:62:41:ad:e7:86:76:1e:f7:d5:82:87:
6f:0b:cc:0e:cb:b6:b8:2e:cf:31:73:11:92:32:1c:
47:3a:d2:82:30:05:b2:79:0f:c5:28:01:4f:48:62:
d3:af:fd:aa:3b:21:9d:af:81:dd:c7:89:da:a4:35:
88:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3D:9E:B1:B6:DC:29:AA:31:D5:F4:45:8C:8A:A7:02:1F:65:77:1A
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/9D2esbbcKaox1fRFjIqnAh9ldxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.240.0/24
Signature Algorithm: sha256WithRSAEncryption
03:be:b6:08:5e:5e:72:03:9f:ac:2b:0e:bd:99:12:50:72:dd:
5c:53:ba:73:78:7a:97:61:7c:3d:ad:24:90:e5:28:28:26:05:
9e:ed:ba:2a:21:82:85:d7:6b:54:e7:9d:89:66:c4:ee:8f:ed:
9c:49:f8:cd:70:4d:26:87:65:e1:ef:37:c7:3a:d7:42:8e:53:
a2:86:90:e8:a4:6e:8b:8e:e7:99:77:94:19:1a:81:17:bf:6c:
48:5f:6b:e3:08:22:7d:27:48:97:37:f3:82:bf:65:f6:cb:fe:
ed:b6:53:a7:da:44:35:f8:2e:ba:6a:36:70:1b:33:9c:66:6e:
6e:c1:be:32:20:33:80:1b:6f:d1:32:fb:0a:87:61:ee:7c:c8:
be:f6:fb:f2:38:fb:17:16:5e:86:22:6d:2e:65:b6:d9:75:c6:
a6:d8:2f:75:52:49:5b:4e:39:89:02:2b:61:5e:98:cc:28:cb:
74:0e:68:3a:62:b0:75:b9:4c:d9:d4:df:34:2a:fc:92:6c:31:
60:a4:54:b8:97:e9:1c:c0:a1:dd:42:bb:bc:fa:e8:b2:e0:b1:
6b:3c:c1:23:e3:22:4d:10:55:43:9b:98:e2:3a:32:45:5b:a7:
37:bd:57:3a:65:84:50:97:6b:e5:df:90:bd:2d:1e:78:e9:00:
a1:ee:ac:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVWd4P7hSsDiEsGQaFvE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjMwMTAyMDcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNkOWViMWI2ZGMyOWFhMzFkNWY0NDU4YzhhYTcwMjFmNjU3NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtXhuNZEBqzzDJqCXy5KDiXqWCIe
+vjqdZPZGAcasQeKiCZvs3BYfnza7sKlsdclBwJGXnONRhZkFIJr9gctBWPPlBln
N2IRJGtbOiAB5/gczqtM8htDasInV6oWuYPtWDhpNi0KclDtz00hxkpI8UFSQByQ
lQeD+uo1EvwlcJUsx6WhM3qxSYSfFdQTGQVeVIooEOQqMy6rTYx53d+4mRHGmDNa
8/mUCsxc3oIdROKNIf6afVcmNuACBj2wQCHWxuZg/8ezYkGt54Z2HvfVgodvC8wO
y7a4Ls8xcxGSMhxHOtKCMAWyeQ/FKAFPSGLTr/2qOyGdr4Hdx4napDWIVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQ9nrG23CmqMdX0RYyKpwIfZXcaMB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvOUQyZXNiYmNLYW94MWZSRmpJcW5BaDlsZHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTvwMA0G
CSqGSIb3DQEBCwUAA4IBAQADvrYIXl5yA5+sKw69mRJQct1cU7pzeHqXYXw9rSSQ
5SgoJgWe7boqIYKF12tU552JZsTuj+2cSfjNcE0mh2Xh7zfHOtdCjlOihpDopG6L
jueZd5QZGoEXv2xIX2vjCCJ9J0iXN/OCv2X2y/7ttlOn2kQ1+C66ajZwGzOcZm5u
wb4yIDOAG2/RMvsKh2HufMi+9vvyOPsXFl6GIm0uZbbZdcam2C91UklbTjmJAith
XpjMKMt0Dmg6YrB1uUzZ1N80KvySbDFgpFS4l+kcwKHdQru8+uiy4LFrPMEj4yJN
EFVDm5jiOjJFW6c3vVc6ZYRQl2vl35C9LR546QCh7qxH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:19 2024 by rpki-client on console-fra.rpki-client.org