Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/4SZ1o52RSeCEAZOe0zvC_LTkVhs.roa
File: 4SZ1o52RSeCEAZOe0zvC_LTkVhs.roa (raw, json)
Hash identifier: EJwYfOxMQBDgrmfl89wZt+VYbevricqxHSYn5GVOcTE=
Subject key identifier: E1:26:75:A3:9D:91:49:E0:84:01:93:9E:D3:3B:C2:FC:B4:E4:56:1B
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 01856CCADD0E2986D6C13BBCB711D41FB31D
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/4SZ1o52RSeCEAZOe0zvC_LTkVhs.roa
Signing time: Sun 01 Jan 2023 10:05:12 +0000
ROA not before: Sun 01 Jan 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59799
IP address blocks: 185.71.24.0/22 maxlen: 24
2a01:b280::/36 maxlen: 36
2a0a:fd80:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:dd:0e:29:86:d6:c1:3b:bc:b7:11:d4:1f:b3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e12675a39d9149e08401939ed33bc2fcb4e4561b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:7b:2a:7e:18:d4:e7:6c:93:98:19:65:54:90:
0a:66:df:35:b4:9d:e5:8c:58:e1:3a:01:c8:9a:bb:
0c:a4:b8:18:02:e9:54:7a:c3:db:4c:40:d9:ac:45:
71:4d:af:89:b1:b7:95:00:76:c5:77:db:d8:87:48:
2a:56:d2:af:50:dc:cb:e2:fd:f5:ca:9e:cb:e1:e7:
e5:35:29:6c:52:ca:d2:29:24:56:6b:d4:f4:ae:ec:
7d:b6:31:8b:8e:ba:83:2d:b7:a1:88:9e:84:26:d8:
94:b0:64:9c:b9:03:e4:13:f2:e7:95:22:f3:e1:35:
0f:1d:65:9a:09:ff:1f:e4:ff:a8:f0:3d:f4:5f:32:
f2:13:e6:a5:c4:16:2f:6e:74:30:f7:b4:33:86:59:
8c:aa:15:d9:c2:cb:6e:52:a5:93:b6:c8:b4:01:dc:
33:ae:c7:ca:c4:1f:10:90:09:0c:5f:d8:65:57:fa:
60:31:b9:3a:6e:5a:28:d0:47:46:6c:b8:bd:81:79:
c0:b7:67:8b:27:8e:e2:de:9b:6b:57:b5:f4:1c:91:
f9:e3:36:de:51:b6:68:9f:7b:cb:e6:d3:a2:3d:5b:
da:23:55:17:54:39:d3:56:87:6c:f2:ba:79:04:3c:
a3:8c:75:32:18:0b:32:26:c1:cb:7a:57:60:80:09:
65:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:26:75:A3:9D:91:49:E0:84:01:93:9E:D3:3B:C2:FC:B4:E4:56:1B
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/4SZ1o52RSeCEAZOe0zvC_LTkVhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.24.0/22
IPv6:
2a01:b280::/36
2a0a:fd80:5000::/36
Signature Algorithm: sha256WithRSAEncryption
98:aa:3d:a5:38:75:5f:f4:39:1b:9f:11:f2:89:f9:4d:5b:f9:
c6:16:a5:ff:95:c1:28:44:d8:eb:f5:1c:38:db:ae:c5:7b:36:
3f:e3:3a:b0:b4:9e:5d:c1:d6:01:1b:77:6f:54:64:d1:15:e4:
eb:c5:f1:ab:23:69:fd:ab:1a:b2:34:94:2e:52:3f:6d:9b:6c:
06:60:39:7e:4b:2b:62:4f:75:58:a0:e2:e7:30:27:3f:8b:4d:
5e:a6:94:de:18:e2:c6:30:7b:18:a9:a3:a2:51:41:21:30:ca:
a3:ab:93:73:65:78:29:1e:65:0a:d6:1e:cd:36:cf:9a:e1:d0:
53:0e:a4:a2:d6:d4:ea:85:96:9e:d3:4b:ed:0c:85:ff:d6:19:
ac:59:8a:28:24:23:d0:05:7c:7f:e5:b5:67:04:bf:64:41:6d:
c7:2a:0d:75:d9:b8:04:0e:d8:d2:b0:1e:7c:a8:03:ee:ab:b5:
b4:f0:45:05:75:c5:3a:4a:27:ca:b4:5e:3c:e1:94:39:a4:57:
47:26:96:e2:f5:7a:b0:07:b8:68:45:5b:54:11:7d:e4:d7:f7:
5c:cb:c3:45:06:51:8e:25:ac:1f:00:c1:59:7c:d4:1c:89:2d:
6b:20:ba:87:69:e2:56:39:56:ea:b4:db:53:8f:7f:ad:75:fb:
b4:eb:55:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsyt0OKYbWwTu8txHUH7MdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjMwMTAxMTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI2NzVhMzlkOTE0OWUwODQwMTkzOWVkMzNiYzJmY2I0ZTQ1NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73sqfhjU52yTmBllVJAKZt81tJ3l
jFjhOgHImrsMpLgYAulUesPbTEDZrEVxTa+JsbeVAHbFd9vYh0gqVtKvUNzL4v31
yp7L4eflNSlsUsrSKSRWa9T0rux9tjGLjrqDLbehiJ6EJtiUsGScuQPkE/LnlSLz
4TUPHWWaCf8f5P+o8D30XzLyE+alxBYvbnQw97QzhlmMqhXZwstuUqWTtsi0Adwz
rsfKxB8QkAkMX9hlV/pgMbk6bloo0EdGbLi9gXnAt2eLJ47i3ptrV7X0HJH54zbe
UbZon3vL5tOiPVvaI1UXVDnTVods8rp5BDyjjHUyGAsyJsHLeldggAllHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOEmdaOdkUnghAGTntM7wvy05FYbMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvNFNaMW81MlJTZUNFQVpPZTB6dkNfTFRrVmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuUcYMBYE
AgACMBADBgQqAbKAAAMGBCoK/YBQMA0GCSqGSIb3DQEBCwUAA4IBAQCYqj2lOHVf
9DkbnxHyiflNW/nGFqX/lcEoRNjr9Rw4267FezY/4zqwtJ5dwdYBG3dvVGTRFeTr
xfGrI2n9qxqyNJQuUj9tm2wGYDl+SytiT3VYoOLnMCc/i01eppTeGOLGMHsYqaOi
UUEhMMqjq5NzZXgpHmUK1h7NNs+a4dBTDqSi1tTqhZae00vtDIX/1hmsWYooJCPQ
BXx/5bVnBL9kQW3HKg112bgEDtjSsB58qAPuq7W08EUFdcU6SifKtF484ZQ5pFdH
Jpbi9XqwB7hoRVtUEX3k1/dcy8NFBlGOJawfAMFZfNQciS1rILqHaeJWOVbqtNtT
j3+tdfu061X/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org