Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/M8LeGhySxlkVrEisopfoRiKlNv4.roa
File: M8LeGhySxlkVrEisopfoRiKlNv4.roa (raw, json)
Hash identifier: 4Zvj5NZ/7VsLbMF+Zvij+bzG/50LCHLVoe9Q3iYzhX4=
Subject key identifier: 33:C2:DE:1A:1C:92:C6:59:15:AC:48:AC:A2:97:E8:46:22:A5:36:FE
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01856EA6A647F1351DDD153B96A57BB5AF72
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/M8LeGhySxlkVrEisopfoRiKlNv4.roa
Signing time: Sun 01 Jan 2023 18:44:53 +0000
ROA not before: Sun 01 Jan 2023 18:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10557
IP address blocks: 185.131.54.0/24 maxlen: 24
185.131.53.0/24 maxlen: 24
185.131.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a6:47:f1:35:1d:dd:15:3b:96:a5:7b:b5:af:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 1 18:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33c2de1a1c92c65915ac48aca297e84622a536fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8d:3c:eb:c2:9e:6c:d0:f0:68:6f:d6:be:cd:
3b:53:0f:2b:ae:09:4a:de:78:c4:d9:3d:df:67:15:
63:24:e9:fd:26:6b:6b:33:59:15:d9:41:78:85:d4:
7a:3e:33:d1:92:c0:dd:3f:90:3c:12:94:b0:60:1f:
07:60:88:79:06:8c:3e:b1:42:3d:92:3c:a0:55:36:
5e:20:f0:81:7a:b0:96:25:b7:83:15:2d:7c:47:2f:
ef:e3:53:0c:89:1a:41:6d:d6:48:36:0e:f8:76:d0:
19:91:bc:bb:a6:97:62:c1:d8:1d:13:cf:1c:a4:5b:
6f:4b:8b:7d:cb:77:e6:4c:81:ce:68:29:4f:ae:10:
b8:88:ee:73:76:e9:84:4a:75:0a:98:f3:39:97:bc:
4e:d5:d5:49:ac:15:fb:35:d3:65:45:ba:47:0c:52:
bb:88:c9:3d:24:75:2c:b8:f0:ef:7e:5f:da:0a:e5:
d5:0c:83:ed:97:eb:c9:02:01:cd:2f:8a:e5:20:24:
c2:08:1a:03:86:ca:b3:76:05:5a:8d:90:44:b6:b5:
3f:fc:a7:09:d0:85:68:6b:9f:73:1d:3d:bf:11:d9:
15:79:c8:22:20:ac:e9:3c:ac:2a:02:c4:e4:21:f9:
f6:8a:0b:ee:61:fa:57:8e:d0:43:09:65:d5:6e:54:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C2:DE:1A:1C:92:C6:59:15:AC:48:AC:A2:97:E8:46:22:A5:36:FE
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/M8LeGhySxlkVrEisopfoRiKlNv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.53.0-185.131.55.255
Signature Algorithm: sha256WithRSAEncryption
83:44:32:de:2d:08:eb:98:be:e5:5c:a2:69:49:45:cc:51:81:
8a:22:b3:31:71:94:32:1f:46:2a:4c:b1:74:8f:f4:51:5f:07:
96:f0:d3:ef:f7:cc:65:27:62:8c:70:2f:ce:a4:50:34:74:2f:
a1:5a:54:36:cb:ca:16:5e:32:39:7d:d7:48:89:13:33:da:60:
5e:67:86:d3:53:cf:75:ab:ef:45:57:6e:23:7a:34:ba:bf:30:
fb:5c:c8:95:bc:38:ff:ed:09:65:ed:83:7f:74:5e:88:25:c0:
a5:94:af:e4:fe:2a:fa:cd:ff:7b:2b:2b:da:d0:85:08:9f:39:
1f:b0:d8:8e:b4:99:ac:38:4e:26:f2:38:c4:e3:11:9e:fc:f7:
88:e1:77:4b:2c:5e:fa:45:9a:a6:ab:20:3f:75:bc:38:7e:6f:
f2:2e:d5:95:5e:8e:a2:f3:8b:e6:bb:3d:97:9a:55:db:0e:25:
0d:0b:ad:40:ab:30:62:49:35:12:9c:bb:d2:fd:7e:2a:9d:28:
bf:27:ba:33:d2:b9:d0:8e:ff:8a:7e:74:6c:c0:c3:62:11:3a:
1a:9f:90:d8:8b:0d:1a:8d:9d:20:60:5b:11:ab:a9:bc:8d:c3:
fb:29:db:2c:07:e9:b9:ba:e5:e2:1d:c2:10:a9:29:c0:48:55:
ed:36:7e:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVupqZH8TUd3RU7lqV7ta9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjMwMTAxMTg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2MyZGUxYTFjOTJjNjU5MTVhYzQ4YWNhMjk3ZTg0NjIyYTUzNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI0868KebNDwaG/Wvs07Uw8rrglK
3njE2T3fZxVjJOn9JmtrM1kV2UF4hdR6PjPRksDdP5A8EpSwYB8HYIh5Bow+sUI9
kjygVTZeIPCBerCWJbeDFS18Ry/v41MMiRpBbdZINg74dtAZkby7ppdiwdgdE88c
pFtvS4t9y3fmTIHOaClPrhC4iO5zdumESnUKmPM5l7xO1dVJrBX7NdNlRbpHDFK7
iMk9JHUsuPDvfl/aCuXVDIPtl+vJAgHNL4rlICTCCBoDhsqzdgVajZBEtrU//KcJ
0IVoa59zHT2/EdkVecgiIKzpPKwqAsTkIfn2igvuYfpXjtBDCWXVblT7IQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDPC3hocksZZFaxIrKKX6EYipTb+MB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvTThMZUdoeVN4bGtWckVpc29wZm9SaUtsTnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5gzUD
BAO5gzAwDQYJKoZIhvcNAQELBQADggEBAINEMt4tCOuYvuVcomlJRcxRgYoiszFx
lDIfRipMsXSP9FFfB5bw0+/3zGUnYoxwL86kUDR0L6FaVDbLyhZeMjl910iJEzPa
YF5nhtNTz3Wr70VXbiN6NLq/MPtcyJW8OP/tCWXtg390XoglwKWUr+T+KvrN/3sr
K9rQhQifOR+w2I60maw4TibyOMTjEZ7894jhd0ssXvpFmqarID91vDh+b/Iu1ZVe
jqLzi+a7PZeaVdsOJQ0LrUCrMGJJNRKcu9L9fiqdKL8nujPSudCO/4p+dGzAw2IR
OhqfkNiLDRqNnSBgWxGrqbyNw/sp2ywH6bm65eIdwhCpKcBIVe02fjM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org