Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/ESMkMMa7A9M0nMnhfLHJOFl7cQw.roa
File: ESMkMMa7A9M0nMnhfLHJOFl7cQw.roa (raw, json)
Hash identifier: RWEZ7HKnXC48MExwRX3mPX0dYfLeoK2U0Ivl7kRUUIo=
Subject key identifier: 11:23:24:30:C6:BB:03:D3:34:9C:C9:E1:7C:B1:C9:38:59:7B:71:0C
Certificate issuer: /CN=8c810edc51abd61e69f3c69ee49d88e9896a6f09
Certificate serial: 01856DA62CD74FF4C2A600B713705312E8E6
Authority key identifier: 8C:81:0E:DC:51:AB:D6:1E:69:F3:C6:9E:E4:9D:88:E9:89:6A:6F:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIEO3FGr1h5p88ae5J2I6Ylqbwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/ESMkMMa7A9M0nMnhfLHJOFl7cQw.roa
Signing time: Sun 01 Jan 2023 14:04:44 +0000
ROA not before: Sun 01 Jan 2023 14:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 185.165.194.0/24 maxlen: 24
83.97.36.0/24 maxlen: 24
2a10:a180::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:2c:d7:4f:f4:c2:a6:00:b7:13:70:53:12:e8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c810edc51abd61e69f3c69ee49d88e9896a6f09
Validity
Not Before: Jan 1 14:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11232430c6bb03d3349cc9e17cb1c938597b710c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e3:98:ba:05:99:5e:5a:55:da:78:f1:7f:f2:
e6:62:19:3c:17:67:83:29:0b:19:04:83:f5:57:7f:
c2:2b:e2:84:68:7b:b2:ce:af:26:f1:db:60:1f:5f:
af:b0:ec:68:c7:b3:e1:28:be:a3:63:66:40:c5:62:
49:10:36:6b:6c:56:03:38:90:4c:ce:78:6f:65:95:
87:f7:41:4f:dc:1c:89:c6:d0:12:4c:e9:eb:6b:cc:
4b:fc:d3:d4:b3:6c:55:f1:d8:77:78:4d:4c:b1:8c:
80:f3:a7:86:8e:fe:d3:08:b8:fa:4c:b7:94:01:c4:
e4:4c:ec:1a:ff:25:7f:ae:41:ef:70:42:65:78:cf:
f2:ab:41:c5:3f:78:47:fa:3c:78:c8:8c:bd:4d:b8:
20:18:3a:1b:f1:fd:4f:ba:b6:34:30:61:b5:e4:f0:
03:07:6c:f7:30:e6:04:f3:a8:6c:1b:de:0d:59:64:
32:26:56:70:84:31:33:d0:ee:74:1d:3b:6a:2a:6d:
e6:a5:08:31:21:1d:65:3c:c2:cf:4c:75:8e:11:16:
ee:e0:03:36:b4:08:a9:3d:19:b0:95:3f:d5:5e:13:
f7:31:9f:a3:7c:91:a7:e5:17:55:ed:00:9b:5b:aa:
4f:4f:48:5a:55:43:b3:8f:84:4c:57:56:2b:ab:5c:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:23:24:30:C6:BB:03:D3:34:9C:C9:E1:7C:B1:C9:38:59:7B:71:0C
X509v3 Authority Key Identifier:
keyid:8C:81:0E:DC:51:AB:D6:1E:69:F3:C6:9E:E4:9D:88:E9:89:6A:6F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIEO3FGr1h5p88ae5J2I6Ylqbwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/ESMkMMa7A9M0nMnhfLHJOFl7cQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/39254c-5286-4b84-b691-4014478bb6c8/1/jIEO3FGr1h5p88ae5J2I6Ylqbwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.36.0/24
185.165.194.0/24
IPv6:
2a10:a180::/30
Signature Algorithm: sha256WithRSAEncryption
1f:6b:90:67:e5:25:a7:40:bc:76:ed:1f:aa:ac:21:2e:84:d6:
96:7c:67:37:cb:cf:0a:48:19:d4:e4:2a:bd:60:3e:de:f1:b2:
18:c7:e9:7a:ba:16:39:fa:56:23:83:9d:17:ff:c5:05:1e:40:
6d:fa:3a:a9:03:b2:be:87:ea:bf:4e:c5:57:6d:7f:46:49:c1:
c8:b1:f8:ae:45:41:aa:46:0a:04:4a:7d:8c:90:97:fd:2d:f0:
12:3c:07:d8:e4:df:9b:ed:65:80:65:44:7a:97:64:f3:48:2d:
ca:ec:4c:1f:ed:ab:a7:7e:8c:1a:da:74:8b:a3:3d:6f:50:d0:
50:98:48:9b:39:8a:f6:c6:2f:2b:4d:39:2c:3e:39:03:d3:fb:
b0:90:5a:37:e8:18:13:93:f2:5d:ae:e2:6f:56:dd:c0:36:4f:
cd:ef:1f:e4:9b:c8:44:31:f6:26:50:d8:df:3d:4d:58:dd:78:
49:63:3a:db:15:a8:11:8b:99:4d:6d:0d:a4:48:c4:40:9d:f3:
93:96:92:fd:84:6a:27:58:4b:7e:bb:1f:4e:80:ee:54:35:ec:
3f:94:f6:ff:71:a4:ef:15:50:62:be:39:2e:b9:bd:4b:a1:00:
a0:f4:a3:91:99:ee:c2:27:95:62:9e:df:54:12:2e:3d:80:f3:
6e:72:46:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtpizXT/TCpgC3E3BTEujmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODEwZWRjNTFhYmQ2MWU2OWYzYzY5ZWU0OWQ4OGU5ODk2
YTZmMDkwHhcNMjMwMTAxMTQwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTIzMjQzMGM2YmIwM2QzMzQ5Y2M5ZTE3Y2IxYzkzODU5N2I3MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieOYugWZXlpV2njxf/LmYhk8F2eD
KQsZBIP1V3/CK+KEaHuyzq8m8dtgH1+vsOxox7PhKL6jY2ZAxWJJEDZrbFYDOJBM
znhvZZWH90FP3ByJxtASTOnra8xL/NPUs2xV8dh3eE1MsYyA86eGjv7TCLj6TLeU
AcTkTOwa/yV/rkHvcEJleM/yq0HFP3hH+jx4yIy9TbggGDob8f1PurY0MGG15PAD
B2z3MOYE86hsG94NWWQyJlZwhDEz0O50HTtqKm3mpQgxIR1lPMLPTHWOERbu4AM2
tAipPRmwlT/VXhP3MZ+jfJGn5RdV7QCbW6pPT0haVUOzj4RMV1Yrq1zIBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBEjJDDGuwPTNJzJ4XyxyThZe3EMMB8GA1UdIwQY
MBaAFIyBDtxRq9YeafPGnuSdiOmJam8JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklFTzNGR3IxaDVwODhhZTVKMkk2WWxxYndrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zOTI1NGMtNTI4Ni00Yjg0LWI2OTEt
NDAxNDQ3OGJiNmM4LzEvRVNNa01NYTdBOU0wbk1uaGZMSEpPRmw3Y1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zOTI1NGMtNTI4Ni00Yjg0LWI2OTEtNDAxNDQ3OGJiNmM4
LzEvaklFTzNGR3IxaDVwODhhZTVKMkk2WWxxYndrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAU2EkAwQA
uaXCMA0EAgACMAcDBQIqEKGAMA0GCSqGSIb3DQEBCwUAA4IBAQAfa5Bn5SWnQLx2
7R+qrCEuhNaWfGc3y88KSBnU5Cq9YD7e8bIYx+l6uhY5+lYjg50X/8UFHkBt+jqp
A7K+h+q/TsVXbX9GScHIsfiuRUGqRgoESn2MkJf9LfASPAfY5N+b7WWAZUR6l2Tz
SC3K7Ewf7aunfowa2nSLoz1vUNBQmEibOYr2xi8rTTksPjkD0/uwkFo36BgTk/Jd
ruJvVt3ANk/N7x/km8hEMfYmUNjfPU1Y3XhJYzrbFagRi5lNbQ2kSMRAnfOTlpL9
hGonWEt+ux9OgO5UNew/lPb/caTvFVBivjkuub1LoQCg9KORme7CJ5Vint9UEi49
gPNuckYi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:57 2024 by rpki-client on console-ams.rpki-client.org