Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/sEsoAP5GXUZQlP0mZzXLdRL9PXI.roa
File: sEsoAP5GXUZQlP0mZzXLdRL9PXI.roa (raw, json)
Hash identifier: 5BsJyGe+SrnMvCT5Kful2wmYK5q62Pi1E6zFYLLTYB8=
Subject key identifier: B0:4B:28:00:FE:46:5D:46:50:94:FD:26:67:35:CB:75:12:FD:3D:72
Certificate issuer: /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial: 01856EC204A08A5A5752F1FEEC8BC99A54A9
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/sEsoAP5GXUZQlP0mZzXLdRL9PXI.roa
Signing time: Sun 01 Jan 2023 19:14:46 +0000
ROA not before: Sun 01 Jan 2023 19:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24631
IP address blocks: 185.110.238.0/24 maxlen: 24
185.110.237.0/24 maxlen: 24
185.110.239.0/24 maxlen: 24
185.110.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:04:a0:8a:5a:57:52:f1:fe:ec:8b:c9:9a:54:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
Validity
Not Before: Jan 1 19:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b04b2800fe465d465094fd266735cb7512fd3d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:c9:50:42:fb:e9:f2:10:a8:19:8e:91:e7:
38:65:a1:48:46:01:2c:3c:d0:54:5a:23:d4:c5:d4:
f4:b2:7b:c0:77:5b:b0:76:2d:95:21:c9:54:06:42:
ee:04:d1:47:e0:cc:10:f4:8a:93:40:0a:0b:37:1b:
02:9b:7f:60:70:c6:d2:1c:ce:42:c8:eb:46:6d:2b:
97:92:c7:00:db:ee:58:5e:1c:18:bf:ec:af:be:e0:
d6:c7:9c:10:9e:8d:ed:b8:16:81:21:30:80:39:0e:
71:28:bc:cc:ff:e2:02:5a:d7:06:7d:f5:cf:bb:fd:
cf:25:f9:b8:80:07:20:ce:09:b2:74:aa:4f:cb:d6:
cd:a2:31:c3:b2:fc:1e:ec:f8:24:0a:47:a5:41:dc:
7a:57:83:e8:a1:a7:8d:d2:a5:60:98:c4:5d:ba:bf:
86:61:97:8c:18:43:1d:89:d5:7d:86:9a:b1:5d:8a:
c7:12:b6:34:f1:70:a4:25:92:de:cd:b6:31:8f:37:
0d:03:7c:bd:18:c3:32:fe:b4:57:28:68:3d:f3:7c:
ae:77:d7:6a:6b:24:89:dd:49:1e:cc:12:87:6d:c6:
c3:f3:40:d6:6f:47:72:11:03:b0:4d:98:39:ae:f1:
3a:fb:de:09:7b:be:b6:4e:7a:3c:c3:ff:2f:11:bb:
47:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4B:28:00:FE:46:5D:46:50:94:FD:26:67:35:CB:75:12:FD:3D:72
X509v3 Authority Key Identifier:
keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/sEsoAP5GXUZQlP0mZzXLdRL9PXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.236.0/22
Signature Algorithm: sha256WithRSAEncryption
66:31:ca:22:8b:58:86:c1:aa:30:fa:c9:2d:4a:4c:8d:d0:77:
db:0a:ec:96:5f:5a:fd:61:f1:6b:c0:99:75:16:aa:a5:6f:d8:
1f:bf:ea:50:6a:a3:43:c0:ea:42:32:4d:ca:2f:e6:6a:a4:54:
24:54:a8:c2:ef:51:c5:41:d6:49:28:7c:63:bf:33:37:14:52:
ce:c9:0a:ea:9f:ad:a4:a7:1b:3f:a0:10:c5:c9:4a:3e:91:29:
3b:a7:00:53:3a:68:b1:de:aa:23:78:d4:6c:a2:75:44:60:64:
28:be:6c:4c:02:ca:1a:82:7f:31:13:57:b5:56:75:f4:fa:84:
02:8e:06:44:8a:ef:c7:8d:44:00:4b:fc:b8:4b:cd:de:26:bd:
d2:26:85:8a:74:f3:be:8b:84:7d:61:89:aa:41:99:83:02:e6:
2a:f0:a3:8f:d5:4e:65:b0:5f:29:c0:d8:74:db:85:bc:df:9c:
27:75:bb:62:9f:7c:91:4d:25:fb:54:75:0a:5a:af:8f:79:02:
4c:b3:ff:1e:85:ee:90:46:12:fc:35:c2:7e:e9:54:48:33:d2:
2d:fb:8b:61:c1:a4:41:04:09:9c:eb:3e:79:ae:26:a3:40:ab:
4f:f8:29:e8:09:2f:cf:dc:0c:b9:36:b3:2c:b7:8f:81:1e:15:
c8:b3:b6:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgSgilpXUvH+7IvJmlSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjMwMTAxMTkxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRiMjgwMGZlNDY1ZDQ2NTA5NGZkMjY2NzM1Y2I3NTEyZmQzZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5TJUEL76fIQqBmOkec4ZaFIRgEs
PNBUWiPUxdT0snvAd1uwdi2VIclUBkLuBNFH4MwQ9IqTQAoLNxsCm39gcMbSHM5C
yOtGbSuXkscA2+5YXhwYv+yvvuDWx5wQno3tuBaBITCAOQ5xKLzM/+ICWtcGffXP
u/3PJfm4gAcgzgmydKpPy9bNojHDsvwe7PgkCkelQdx6V4PooaeN0qVgmMRdur+G
YZeMGEMdidV9hpqxXYrHErY08XCkJZLezbYxjzcNA3y9GMMy/rRXKGg983yud9dq
aySJ3UkezBKHbcbD80DWb0dyEQOwTZg5rvE6+94Je762Tno8w/8vEbtHjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBLKAD+Rl1GUJT9Jmc1y3US/T1yMB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEvc0Vzb0FQNUdYVVpRbFAwbVp6WExkUkw5UFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7sMA0G
CSqGSIb3DQEBCwUAA4IBAQBmMcoii1iGwaow+sktSkyN0HfbCuyWX1r9YfFrwJl1
Fqqlb9gfv+pQaqNDwOpCMk3KL+ZqpFQkVKjC71HFQdZJKHxjvzM3FFLOyQrqn62k
pxs/oBDFyUo+kSk7pwBTOmix3qojeNRsonVEYGQovmxMAsoagn8xE1e1VnX0+oQC
jgZEiu/HjUQAS/y4S83eJr3SJoWKdPO+i4R9YYmqQZmDAuYq8KOP1U5lsF8pwNh0
24W835wndbtin3yRTSX7VHUKWq+PeQJMs/8ehe6QRhL8NcJ+6VRIM9It+4thwaRB
BAmc6z55riajQKtP+CnoCS/P3Ay5NrMst4+BHhXIs7bG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org