Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/es_f3aKLpTgE18hqVIbZJRB5BZc.roa
File: es_f3aKLpTgE18hqVIbZJRB5BZc.roa (raw, json)
Hash identifier: sEiB1LWYVqnU10RfqABGzvWeRGoPQpx+eypJ+mlD5vY=
Subject key identifier: 7A:CF:DF:DD:A2:8B:A5:38:04:D7:C8:6A:54:86:D9:25:10:79:05:97
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0185732842107BF860F614C38B728DBA062F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/es_f3aKLpTgE18hqVIbZJRB5BZc.roa
Signing time: Mon 02 Jan 2023 15:44:56 +0000
ROA not before: Mon 02 Jan 2023 15:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59592
IP address blocks: 5.231.200.0/24 maxlen: 32
5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
185.13.158.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Dec 2023 10:53:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:42:10:7b:f8:60:f6:14:c3:8b:72:8d:ba:06:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 2 15:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7acfdfdda28ba53804d7c86a5486d92510790597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:67:e2:18:16:b2:6a:a1:e7:5b:ac:02:f9:
a3:05:b4:3d:64:f3:29:3a:36:e5:c4:d0:a2:5e:de:
3a:98:dc:4f:80:20:d9:4c:bc:e2:18:1c:5c:ff:f1:
84:9d:c9:35:a2:4b:ec:1a:cb:50:c6:5e:d8:ac:47:
fb:2b:02:2a:9c:65:8a:1b:94:a2:f5:9e:07:17:ff:
59:26:20:06:aa:69:90:2f:e0:02:70:65:d4:28:44:
44:27:21:47:47:62:46:8c:10:5c:b0:d0:35:f4:8c:
2d:10:09:77:48:31:fd:db:9a:86:4b:39:e7:20:16:
1b:fa:c6:b5:9e:b2:d4:2a:46:b3:f6:ed:5a:1a:c3:
d4:d6:77:ed:a0:83:ad:ff:08:f9:7b:5b:7d:ab:b8:
76:a9:95:76:7b:75:b1:66:88:77:6f:ad:29:d3:a4:
2a:85:f5:94:0a:15:11:74:8f:9d:45:35:46:77:98:
b9:ad:57:d4:9c:67:76:85:67:44:f3:c6:8d:e6:a9:
24:b5:73:42:64:bb:f4:c7:56:50:42:0e:a9:88:7b:
06:70:bf:1f:74:ec:94:04:e5:56:77:ca:db:6b:c0:
e3:98:12:88:9d:3c:97:06:73:b0:77:bb:1d:bb:cb:
92:25:d5:ea:8a:0a:3b:3e:16:6d:24:b4:2a:c5:d2:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CF:DF:DD:A2:8B:A5:38:04:D7:C8:6A:54:86:D9:25:10:79:05:97
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/es_f3aKLpTgE18hqVIbZJRB5BZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
82:7e:9a:72:a9:f6:18:77:d4:cf:96:21:b6:11:4e:67:a3:0b:
fa:e8:d0:e3:85:e8:9a:ef:c0:15:10:b8:92:04:b8:9c:46:21:
bb:d6:53:9f:30:22:92:02:02:21:13:04:2d:1f:48:9a:00:8d:
f4:f8:c7:b9:05:d8:2f:74:dc:ca:42:77:3b:44:e8:a1:03:3e:
59:81:a7:b8:97:a6:06:bd:1c:93:c5:53:01:06:5d:4a:fd:20:
61:d3:7b:f7:92:74:05:55:78:21:3c:83:54:6f:d6:e9:69:04:
22:e6:85:1d:a1:06:f4:3b:d4:11:3b:b5:e2:61:82:6f:f3:d3:
54:e2:28:f6:1c:65:3a:28:05:52:12:30:7a:29:1a:b7:59:84:
d2:5a:54:da:98:c1:36:b1:ba:f9:f9:12:4f:10:13:b3:aa:64:
43:5e:5b:76:4e:8b:62:cb:e0:6a:8d:6f:10:52:74:26:59:48:
1f:00:32:c9:ec:80:7d:4d:5c:5c:8f:a2:89:4c:cf:ab:ff:78:
34:d1:85:d0:30:e4:3f:4d:0d:20:5c:0c:2d:b0:ab:a4:eb:80:
93:48:54:db:ea:69:77:34:bd:47:b6:5b:4f:be:ce:9c:ce:90:
61:03:f4:e8:2d:bf:18:e4:ec:e1:dd:98:16:fa:93:23:94:d5:
b5:29:be:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVzKEIQe/hg9hTDi3KNugYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjMwMTAyMTU0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNmZGZkZGEyOGJhNTM4MDRkN2M4NmE1NDg2ZDkyNTEwNzkwNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApThn4hgWsmqh51usAvmjBbQ9ZPMp
OjblxNCiXt46mNxPgCDZTLziGBxc//GEnck1okvsGstQxl7YrEf7KwIqnGWKG5Si
9Z4HF/9ZJiAGqmmQL+ACcGXUKEREJyFHR2JGjBBcsNA19IwtEAl3SDH925qGSznn
IBYb+sa1nrLUKkaz9u1aGsPU1nftoIOt/wj5e1t9q7h2qZV2e3WxZoh3b60p06Qq
hfWUChURdI+dRTVGd5i5rVfUnGd2hWdE88aN5qkktXNCZLv0x1ZQQg6piHsGcL8f
dOyUBOVWd8rba8DjmBKInTyXBnOwd7sdu8uSJdXqigo7PhZtJLQqxdLmRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHrP392ii6U4BNfIalSG2SUQeQWXMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZXNfZjNhS0xwVGdFMThocVZJYlpKUkI1QlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABebOAwQA
BebcAwQABedXAwQABefIAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQCCfppyqfYY
d9TPliG2EU5nowv66NDjheia78AVELiSBLicRiG71lOfMCKSAgIhEwQtH0iaAI30
+Me5BdgvdNzKQnc7ROihAz5Zgae4l6YGvRyTxVMBBl1K/SBh03v3knQFVXghPINU
b9bpaQQi5oUdoQb0O9QRO7XiYYJv89NU4ij2HGU6KAVSEjB6KRq3WYTSWlTamME2
sbr5+RJPEBOzqmRDXlt2Totiy+BqjW8QUnQmWUgfADLJ7IB9TVxcj6KJTM+r/3g0
0YXQMOQ/TQ0gXAwtsKuk64CTSFTb6ml3NL1HtltPvs6czpBhA/ToLb8Y5Ozh3ZgW
+pMjlNW1Kb7n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:54 2024 by rpki-client on console-ams.rpki-client.org