Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/eMLSrxCIGAlnXcqVVcSLX67SJkI.roa
File: eMLSrxCIGAlnXcqVVcSLX67SJkI.roa (raw, json)
Hash identifier: e3pjDYFFEfA1+Q9kPKci5XCqK3p7Nua1HhxN85o1pog=
Subject key identifier: 78:C2:D2:AF:10:88:18:09:67:5D:CA:95:55:C4:8B:5F:AE:D2:26:42
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0188DE7AE63EBF65E1E764F74C1E80BC9513
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/eMLSrxCIGAlnXcqVVcSLX67SJkI.roa
Signing time: Wed 21 Jun 2023 15:02:56 +0000
ROA not before: Wed 21 Jun 2023 15:02:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207456
IP address blocks: 185.239.206.0/24 maxlen: 24
185.239.205.0/24 maxlen: 24
185.239.204.0/24 maxlen: 24
185.239.204.0/22 maxlen: 22
185.239.207.0/24 maxlen: 24
185.241.159.0/24 maxlen: 24
185.241.158.0/23 maxlen: 23
185.241.158.0/24 maxlen: 24
185.241.157.0/24 maxlen: 24
185.241.156.0/22 maxlen: 22
185.241.156.0/24 maxlen: 24
185.241.156.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:7a:e6:3e:bf:65:e1:e7:64:f7:4c:1e:80:bc:95:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jun 21 15:02:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78c2d2af10881809675dca9555c48b5faed22642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:35:46:08:07:bf:e6:c8:3a:65:f6:76:bf:27:
c8:e3:b1:ac:13:8f:bf:98:8c:f2:83:2e:3d:78:00:
84:27:cc:ab:0b:99:a1:51:31:a0:e4:b5:de:cb:07:
8e:91:e8:9c:bb:71:d3:02:06:3f:b1:f6:14:46:62:
2e:2a:71:e2:1e:ea:79:71:9f:e2:c9:e9:3d:f8:6e:
6f:fc:c9:57:a7:47:4c:73:5d:43:87:82:d0:f7:8e:
cd:20:f0:d5:c9:f2:51:d9:e7:da:a1:b1:a7:88:b0:
70:93:e1:5c:ad:01:94:64:32:66:62:50:6d:f2:00:
9a:bd:7e:e7:c8:2d:68:bd:94:42:5d:cd:4f:fe:06:
dc:a1:09:8b:bf:5f:99:9b:23:ed:09:24:10:fb:8c:
25:f0:24:65:86:cb:61:d7:22:ce:3d:ca:f5:1a:61:
ec:e2:1c:3a:73:9d:20:ca:fd:b8:8e:2e:11:63:b1:
0b:09:4e:c6:ee:59:ce:d4:d9:58:bd:ba:f9:75:c0:
88:8c:4b:1d:d5:64:15:7a:41:c0:87:1e:73:bb:ce:
24:b9:f4:91:43:5f:25:b3:eb:7a:53:31:95:e1:b9:
3e:90:01:71:a5:91:5e:f0:fe:2b:f6:c1:bf:c1:57:
54:0f:30:82:20:a7:e9:68:77:20:7d:74:1c:76:a3:
f9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C2:D2:AF:10:88:18:09:67:5D:CA:95:55:C4:8B:5F:AE:D2:26:42
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/eMLSrxCIGAlnXcqVVcSLX67SJkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.204.0/22
185.241.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:06:6f:d8:87:a5:08:04:c5:ab:1d:dd:64:02:ea:26:06:7c:
b5:26:ad:9d:00:24:7c:11:49:4b:33:39:af:38:4e:a5:9d:10:
a6:12:d5:f4:bf:5e:5e:e2:f1:6b:46:87:80:0e:76:a2:41:f2:
8c:5e:3f:a4:dc:01:7e:cd:c3:c9:89:13:5b:68:bd:46:b5:be:
6f:2b:03:7a:e6:37:62:d9:e7:71:f6:28:58:9d:66:11:b4:70:
b6:47:87:d0:e6:63:c8:fb:95:ac:68:dd:2a:1e:91:3b:57:18:
9b:da:3a:a8:ff:35:83:8b:c6:73:ca:ea:88:13:44:44:f9:05:
58:2b:a9:ff:d2:1d:ed:12:c5:e0:29:b2:65:85:96:7c:1a:50:
56:7d:bb:04:0e:b9:fa:39:f5:57:ad:b7:e1:82:6a:ab:e2:98:
17:a9:a7:35:d6:f1:f9:c0:6d:d1:c6:ce:66:55:1b:8b:b8:ff:
f0:9c:83:07:14:37:ca:bf:a5:bd:08:b5:f7:2e:82:b7:61:78:
a2:c1:a4:e2:ba:9d:50:53:3d:aa:05:5f:d8:b0:74:99:97:b9:
d2:34:ca:13:89:7c:a4:78:cb:2d:15:24:e8:9e:ec:6d:27:59:
78:77:4d:ac:57:d8:a9:3d:cd:f7:1d:d9:b9:36:d0:38:4f:0c:
ba:c8:f9:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjeeuY+v2Xh52T3TB6AvJUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjMwNjIxMTUwMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGMyZDJhZjEwODgxODA5Njc1ZGNhOTU1NWM0OGI1ZmFlZDIyNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDVGCAe/5sg6ZfZ2vyfI47GsE4+/
mIzygy49eACEJ8yrC5mhUTGg5LXeyweOkeicu3HTAgY/sfYURmIuKnHiHup5cZ/i
yek9+G5v/MlXp0dMc11Dh4LQ947NIPDVyfJR2efaobGniLBwk+FcrQGUZDJmYlBt
8gCavX7nyC1ovZRCXc1P/gbcoQmLv1+ZmyPtCSQQ+4wl8CRlhsth1yLOPcr1GmHs
4hw6c50gyv24ji4RY7ELCU7G7lnO1NlYvbr5dcCIjEsd1WQVekHAhx5zu84kufSR
Q18ls+t6UzGV4bk+kAFxpZFe8P4r9sG/wVdUDzCCIKfpaHcgfXQcdqP5mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHjC0q8QiBgJZ13KlVXEi1+u0iZCMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvZU1MU3J4Q0lHQWxuWGNxVlZjU0xYNjdTSmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCue/MAwQC
ufGcMA0GCSqGSIb3DQEBCwUAA4IBAQBbBm/Yh6UIBMWrHd1kAuomBny1Jq2dACR8
EUlLMzmvOE6lnRCmEtX0v15e4vFrRoeADnaiQfKMXj+k3AF+zcPJiRNbaL1Gtb5v
KwN65jdi2edx9ihYnWYRtHC2R4fQ5mPI+5WsaN0qHpE7Vxib2jqo/zWDi8ZzyuqI
E0RE+QVYK6n/0h3tEsXgKbJlhZZ8GlBWfbsEDrn6OfVXrbfhgmqr4pgXqac11vH5
wG3Rxs5mVRuLuP/wnIMHFDfKv6W9CLX3LoK3YXiiwaTiup1QUz2qBV/YsHSZl7nS
NMoTiXykeMstFSTonuxtJ1l4d02sV9ipPc33Hdm5NtA4Twy6yPlI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:41 2024 by rpki-client on console-ams.rpki-client.org