Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/OeaEAPjzRLYpFW-zKMxteBCswio.roa
File: OeaEAPjzRLYpFW-zKMxteBCswio.roa (raw, json)
Hash identifier: kQp/7lHJ9YKClTC1AbOZGb5X+LiW72rLORZfNEM6qa0=
Subject key identifier: 39:E6:84:00:F8:F3:44:B6:29:15:6F:B3:28:CC:6D:78:10:AC:C2:2A
Certificate issuer: /CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Certificate serial: 01856FC286307B388C6992E6719FB0E21868
Authority key identifier: CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/OeaEAPjzRLYpFW-zKMxteBCswio.roa
Signing time: Sun 01 Jan 2023 23:54:57 +0000
ROA not before: Sun 01 Jan 2023 23:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60595
IP address blocks: 185.15.54.0/24 maxlen: 24
185.15.55.0/24 maxlen: 24
185.15.52.0/22 maxlen: 22
185.15.52.0/24 maxlen: 24
185.15.53.0/24 maxlen: 24
194.2.77.0/24 maxlen: 24
2a03:a2c0::/29 maxlen: 48
2a03:a2c0::/32 maxlen: 32
2a03:a2c2::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Aug 2023 07:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:86:30:7b:38:8c:69:92:e6:71:9f:b0:e2:18:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Validity
Not Before: Jan 1 23:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e68400f8f344b629156fb328cc6d7810acc22a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:21:b0:07:c5:81:b5:01:7f:f4:0f:d7:33:e0:
0d:6d:ae:6d:c7:04:09:ad:f4:d1:42:a3:ee:fb:1c:
bf:0d:01:3d:9c:a9:1e:92:7a:2c:60:89:9b:18:c9:
01:66:e1:6f:c0:77:5d:88:36:fb:b5:a0:f2:33:97:
4d:f6:71:5f:9b:d6:10:bf:ba:57:dd:a1:f0:61:9f:
da:dc:a7:42:f4:26:83:17:ef:85:1a:ce:86:28:53:
df:87:00:dd:29:86:5a:43:90:1f:2e:19:ec:00:86:
3f:49:9d:33:2a:f3:2d:ef:a5:58:fc:6a:c7:6c:66:
a8:f5:09:ad:84:6f:a0:87:84:bf:e3:57:f5:61:20:
cd:e8:45:49:25:07:b9:7c:59:64:ad:c5:da:44:93:
74:06:7c:1b:94:cb:7f:8e:a4:de:6b:2f:cd:26:dc:
14:d1:fc:ae:2d:28:aa:9e:91:7b:f7:0b:76:77:99:
0e:f7:7c:2c:6b:a2:ba:8b:8a:5d:9e:d6:4a:97:d6:
d0:10:28:33:83:69:68:c3:61:90:57:ba:46:cf:7a:
10:3a:2a:31:f5:8e:6a:83:73:a4:4a:bf:2a:78:8d:
76:5e:ba:f1:d7:c1:0d:66:56:14:d2:d4:02:dc:c5:
76:e3:1d:d8:3f:61:5b:d6:fd:c9:80:43:55:9f:89:
70:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E6:84:00:F8:F3:44:B6:29:15:6F:B3:28:CC:6D:78:10:AC:C2:2A
X509v3 Authority Key Identifier:
keyid:CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/OeaEAPjzRLYpFW-zKMxteBCswio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.52.0/22
194.2.77.0/24
IPv6:
2a03:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:75:85:cb:7f:23:bc:80:de:c2:de:ca:88:40:43:23:cc:22:
b0:b5:67:ec:28:42:33:2c:b4:6b:30:76:29:71:b0:8d:2f:81:
91:4b:fc:37:69:32:e8:18:e2:12:a7:f6:91:03:5a:69:b1:32:
58:88:a8:d1:bd:91:3b:15:33:b1:2c:e0:c9:3d:78:74:5d:6e:
44:62:40:be:f2:11:c4:09:48:7d:82:02:de:43:1b:fb:a7:ae:
2e:fe:0c:af:2b:3d:62:bc:69:86:64:d9:43:50:c1:3b:95:01:
34:0d:39:6c:9e:1e:f8:58:57:71:83:3e:da:53:26:85:0c:63:
ca:16:c0:7a:18:01:9e:de:e0:9c:aa:60:e5:05:17:2a:6c:c4:
3c:e1:8f:75:dd:f4:f0:06:9b:f8:cb:9b:d3:37:1b:52:44:29:
99:cd:17:5a:4e:c3:f7:62:87:a8:3b:02:09:3a:f0:c6:fc:24:
4c:b8:08:4e:80:f0:e4:ea:55:b0:be:3c:a9:2c:ca:1b:1d:0a:
36:9e:9a:f0:08:ee:d2:de:2f:bb:ab:02:d7:ad:5c:c9:88:d7:
7e:20:14:bc:78:e2:6c:2c:13:12:5e:62:8a:f9:00:26:72:7b:
59:f5:6a:9c:e5:08:24:17:d5:a0:91:f1:b3:9e:ad:a0:21:b3:
f0:85:9c:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwoYweziMaZLmcZ+w4hhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmY4ZDZkZWMzOTIwYmM3M2YwOTdmZGY1NmNhZjEwYjUy
ZGI0NTUwHhcNMjMwMTAxMjM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU2ODQwMGY4ZjM0NGI2MjkxNTZmYjMyOGNjNmQ3ODEwYWNjMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSGwB8WBtQF/9A/XM+ANba5txwQJ
rfTRQqPu+xy/DQE9nKkeknosYImbGMkBZuFvwHddiDb7taDyM5dN9nFfm9YQv7pX
3aHwYZ/a3KdC9CaDF++FGs6GKFPfhwDdKYZaQ5AfLhnsAIY/SZ0zKvMt76VY/GrH
bGao9QmthG+gh4S/41f1YSDN6EVJJQe5fFlkrcXaRJN0BnwblMt/jqTeay/NJtwU
0fyuLSiqnpF79wt2d5kO93wsa6K6i4pdntZKl9bQECgzg2low2GQV7pGz3oQOiox
9Y5qg3OkSr8qeI12Xrrx18ENZlYU0tQC3MV24x3YP2Fb1v3JgENVn4lwrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDnmhAD480S2KRVvsyjMbXgQrMIqMB8GA1UdIwQY
MBaAFM6/jW3sOSC8c/CX/fVsrxC1LbRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEt
YjVlNTcwMGZjNzc0LzEvT2VhRUFQanpSTFlwRlctektNeHRlQkNzd2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEtYjVlNTcwMGZjNzc0
LzEvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQ80AwQA
wgJNMA0EAgACMAcDBQMqA6LAMA0GCSqGSIb3DQEBCwUAA4IBAQBMdYXLfyO8gN7C
3sqIQEMjzCKwtWfsKEIzLLRrMHYpcbCNL4GRS/w3aTLoGOISp/aRA1ppsTJYiKjR
vZE7FTOxLODJPXh0XW5EYkC+8hHECUh9ggLeQxv7p64u/gyvKz1ivGmGZNlDUME7
lQE0DTlsnh74WFdxgz7aUyaFDGPKFsB6GAGe3uCcqmDlBRcqbMQ84Y913fTwBpv4
y5vTNxtSRCmZzRdaTsP3YoeoOwIJOvDG/CRMuAhOgPDk6lWwvjypLMobHQo2nprw
CO7S3i+7qwLXrVzJiNd+IBS8eOJsLBMSXmKK+QAmcntZ9Wqc5QgkF9WgkfGznq2g
IbPwhZxk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:27 2024 by rpki-client on console-ams.rpki-client.org