Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/cMY5OZLBNkEhZC1js1C_4_-XS_o.roa
File: cMY5OZLBNkEhZC1js1C_4_-XS_o.roa (raw, json)
Hash identifier: InnYV6WXRtJ8jP+Sj1Uk1Mv2TJiqkkLk/EvFEiy4EdQ=
Subject key identifier: 70:C6:39:39:92:C1:36:41:21:64:2D:63:B3:50:BF:E3:FF:97:4B:FA
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 01856FD4F856B1DEAAE633CD84E1F73F23FD
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/cMY5OZLBNkEhZC1js1C_4_-XS_o.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
185.220.56.0/24 maxlen: 24
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 10:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f8:56:b1:de:aa:e6:33:cd:84:e1:f7:3f:23:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c6393992c1364121642d63b350bfe3ff974bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:02:16:88:4c:4c:ae:c3:d5:ad:ae:2c:ed:
05:61:b7:79:56:ad:70:35:41:d1:17:7c:c6:1f:5f:
6b:e0:b2:0d:71:a0:42:d4:e4:3f:9c:d1:e1:3e:85:
b6:af:5c:52:a5:e6:0a:f6:4d:bc:20:f9:ae:11:3f:
a9:5c:2e:04:db:ce:c8:8d:1d:39:41:29:04:67:0d:
07:38:21:73:0c:b4:e8:7a:6f:b4:a7:89:4f:a0:c4:
18:1e:fa:22:2b:da:36:4f:5d:2b:69:a7:c1:53:ad:
0b:95:d0:71:8c:35:ae:33:49:78:69:aa:ec:92:6e:
6f:fd:5a:bf:a6:07:ba:b7:36:25:af:da:38:9d:57:
dd:b0:5a:d1:6e:ee:7f:db:5c:9e:26:d7:34:62:0d:
c2:0a:7d:ae:0d:2c:cb:e8:ec:66:d5:b9:0a:c4:61:
9d:ee:89:2d:4b:27:8a:b1:c6:58:80:43:e0:49:eb:
e5:82:43:a9:f1:3b:6e:47:74:05:2d:22:62:5b:71:
2f:a1:f1:6b:ab:65:5f:30:b2:73:70:0a:29:89:02:
a0:b7:70:87:e1:86:ec:69:5b:7f:a9:b1:03:15:c8:
bb:cd:68:0b:fa:9d:81:fe:57:90:58:95:a5:94:b5:
a1:cc:09:69:29:e8:01:26:9b:87:69:0d:f5:93:df:
0c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C6:39:39:92:C1:36:41:21:64:2D:63:B3:50:BF:E3:FF:97:4B:FA
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/cMY5OZLBNkEhZC1js1C_4_-XS_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.56.0/24
185.220.58.0/23
194.107.229.0/24
194.110.1.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
83:81:ff:62:f5:6f:bb:da:05:47:d1:d9:1b:d6:55:91:46:0c:
b2:be:21:89:f3:77:f1:c5:47:9e:c9:1f:87:8b:43:63:48:21:
c6:08:e6:4c:bf:89:f0:24:93:24:53:72:15:59:25:88:08:d7:
37:ee:d9:93:ba:b8:12:5e:7c:a7:50:b4:16:82:c9:12:7b:ff:
74:05:bc:46:13:cf:4d:c3:3c:6b:38:f4:a7:55:16:32:8c:90:
f4:cf:df:55:8c:dc:3e:b1:e7:af:df:a2:47:28:e7:0e:b9:06:
76:f3:6c:10:52:e7:b5:27:39:99:ce:1e:9e:71:55:66:33:21:
e1:ad:9b:a5:7e:bf:01:96:74:f4:ff:7b:c4:6f:24:1c:67:a8:
e6:1b:6b:a3:e6:63:b4:0c:b6:84:4a:51:d4:e0:75:7a:51:8c:
c3:de:2f:21:5c:86:68:f5:f9:47:55:f7:f2:a3:09:fb:3e:30:
6e:21:4a:f4:de:ee:cb:ef:e6:55:df:ca:ad:79:c1:38:85:97:
d0:87:74:c2:22:33:28:86:f0:f2:c4:9c:13:0d:fa:7b:b7:11:
51:eb:b9:47:c4:04:53:61:c6:d0:df:a1:b9:43:0a:79:5c:cc:
02:13:08:5c:c3:16:44:15:f6:35:6a:83:1c:86:56:3c:82:f6:
20:7b:5a:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVv1PhWsd6q5jPNhOH3PyP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM2MzkzOTkyYzEzNjQxMjE2NDJkNjNiMzUwYmZlM2ZmOTc0YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDACFohMTK7D1a2uLO0FYbd5Vq1w
NUHRF3zGH19r4LINcaBC1OQ/nNHhPoW2r1xSpeYK9k28IPmuET+pXC4E287IjR05
QSkEZw0HOCFzDLToem+0p4lPoMQYHvoiK9o2T10raafBU60LldBxjDWuM0l4aars
km5v/Vq/pge6tzYlr9o4nVfdsFrRbu5/21yeJtc0Yg3CCn2uDSzL6Oxm1bkKxGGd
7oktSyeKscZYgEPgSevlgkOp8TtuR3QFLSJiW3EvofFrq2VfMLJzcAopiQKgt3CH
4YbsaVt/qbEDFci7zWgL+p2B/leQWJWllLWhzAlpKegBJpuHaQ31k98MNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHDGOTmSwTZBIWQtY7NQv+P/l0v6MB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvY01ZNU9aTEJOa0VoWkMxanMxQ180Xy1YU19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAudw4AwQB
udw6AwQAwmvlAwQAwm4BAwQAwm4TMA0GCSqGSIb3DQEBCwUAA4IBAQCDgf9i9W+7
2gVH0dkb1lWRRgyyviGJ83fxxUeeyR+Hi0NjSCHGCOZMv4nwJJMkU3IVWSWICNc3
7tmTurgSXnynULQWgskSe/90BbxGE89NwzxrOPSnVRYyjJD0z99VjNw+seev36JH
KOcOuQZ282wQUue1JzmZzh6ecVVmMyHhrZulfr8BlnT0/3vEbyQcZ6jmG2uj5mO0
DLaESlHU4HV6UYzD3i8hXIZo9flHVffyown7PjBuIUr03u7L7+ZV38qtecE4hZfQ
h3TCIjMohvDyxJwTDfp7txFR67lHxARTYcbQ36G5Qwp5XMwCEwhcwxZEFfY1aoMc
hlY8gvYge1pb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:50 2024 by rpki-client on console-ams.rpki-client.org