Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/espExrP-gkMEruW-PlKA5jR8jts.roa
File: espExrP-gkMEruW-PlKA5jR8jts.roa (raw, json)
Hash identifier: 1C6tlfM0AYxM04rrGZLfc8yReqMKeimN39vm1rrnKk8=
Subject key identifier: 7A:CA:44:C6:B3:FE:82:43:04:AE:E5:BE:3E:52:80:E6:34:7C:8E:DB
Certificate issuer: /CN=5d7f63401407c1cc797b17034e813d2254f9773e
Certificate serial: 018570C2ABA4B141960D78C44C9A9D3EAB43
Authority key identifier: 5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/espExrP-gkMEruW-PlKA5jR8jts.roa
Signing time: Mon 02 Jan 2023 04:34:44 +0000
ROA not before: Mon 02 Jan 2023 04:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59895
IP address blocks: 194.26.222.0/24 maxlen: 24
185.65.206.0/24 maxlen: 24
185.65.205.0/24 maxlen: 24
185.65.204.0/24 maxlen: 24
185.65.207.0/24 maxlen: 24
2a05:300:1::/48 maxlen: 48
2a05:300:2::/48 maxlen: 48
2a05:300::/48 maxlen: 48
2a05:300:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:ab:a4:b1:41:96:0d:78:c4:4c:9a:9d:3e:ab:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7f63401407c1cc797b17034e813d2254f9773e
Validity
Not Before: Jan 2 04:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7aca44c6b3fe824304aee5be3e5280e6347c8edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:86:6c:a3:49:0e:a7:67:d3:19:3a:c4:30:ff:
13:5f:b8:a2:a0:84:04:12:7f:e2:a0:24:6f:73:dc:
d5:3f:c1:4a:54:79:4b:99:98:f0:8e:54:9c:67:7d:
e9:1b:8b:38:1d:66:be:48:b3:90:b6:f6:78:92:bc:
22:49:01:22:0b:78:2a:10:06:06:4d:81:21:9f:27:
91:b5:3d:14:24:d2:8f:16:07:c7:d5:94:e4:9a:0e:
2d:b0:7e:e6:14:07:04:56:9a:a5:c2:67:70:a6:d8:
9c:6a:c8:b7:e7:95:a7:b1:ca:df:d4:f9:6a:14:a6:
b8:f1:87:39:c0:37:fb:4e:88:b6:40:26:45:80:63:
be:c7:4e:4b:7f:35:54:08:99:1a:a1:e2:85:59:87:
b2:a3:d5:7a:37:cd:a0:61:8d:df:0f:16:df:91:74:
40:d1:13:2f:73:2c:4a:79:fe:cd:49:79:45:91:38:
50:86:d8:53:0c:ea:b2:05:b7:8f:32:32:be:1e:41:
3d:37:56:30:9e:5c:89:19:00:52:57:89:f6:13:f3:
26:9a:cb:f9:9f:4a:92:67:90:74:91:29:15:0c:75:
fd:77:b1:db:c9:73:36:f4:07:5d:93:4d:2a:68:66:
c2:41:24:47:82:bb:95:22:3a:cc:d0:4b:2f:72:19:
d6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CA:44:C6:B3:FE:82:43:04:AE:E5:BE:3E:52:80:E6:34:7C:8E:DB
X509v3 Authority Key Identifier:
keyid:5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/espExrP-gkMEruW-PlKA5jR8jts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.204.0/22
194.26.222.0/24
IPv6:
2a05:300::/46
Signature Algorithm: sha256WithRSAEncryption
ad:7c:bd:b9:cc:bf:d4:57:33:64:c7:48:14:62:03:58:17:79:
25:03:96:cd:1c:ea:28:71:74:00:34:d3:60:4e:a6:1c:d5:ff:
c4:71:eb:4a:d5:95:47:1f:1c:ab:d9:2d:3f:9f:8c:17:c8:be:
13:98:2f:48:d9:75:3a:0b:46:64:73:f9:91:f0:84:82:c7:d7:
29:10:61:06:5f:01:98:2d:13:cb:95:7f:06:b1:7d:c3:d2:fb:
de:f7:53:eb:88:c9:2d:da:76:29:b3:35:ee:3d:29:e6:78:c5:
13:b6:c4:61:81:25:d7:e4:8c:1a:7c:b0:21:d7:d5:53:0c:b3:
13:ae:e1:a6:48:ab:8a:33:62:55:85:46:d5:32:4a:c4:cc:04:
fa:a9:d8:82:32:a4:23:14:bf:c2:fe:7a:96:bc:a1:04:b1:2d:
1c:0b:94:87:dc:b9:08:b6:90:40:5e:2c:4e:d5:d3:aa:6b:22:
5c:f7:87:bb:2a:04:07:93:90:7e:74:09:97:fa:4b:d0:75:4d:
3b:87:f9:83:ad:b8:46:19:aa:0f:39:8b:14:45:39:3d:fd:b9:
58:3a:6d:79:c3:1f:ba:8c:a3:dd:59:1c:61:25:cc:b6:0a:98:
c1:7b:4a:00:4c:6e:37:4a:e5:04:4d:29:85:b3:5b:7c:33:66:
65:72:d5:14
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwwquksUGWDXjETJqdPqtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2Y2MzQwMTQwN2MxY2M3OTdiMTcwMzRlODEzZDIyNTRm
OTc3M2UwHhcNMjMwMTAyMDQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNhNDRjNmIzZmU4MjQzMDRhZWU1YmUzZTUyODBlNjM0N2M4ZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIZso0kOp2fTGTrEMP8TX7iioIQE
En/ioCRvc9zVP8FKVHlLmZjwjlScZ33pG4s4HWa+SLOQtvZ4krwiSQEiC3gqEAYG
TYEhnyeRtT0UJNKPFgfH1ZTkmg4tsH7mFAcEVpqlwmdwpticasi355Wnscrf1Plq
FKa48Yc5wDf7Toi2QCZFgGO+x05LfzVUCJkaoeKFWYeyo9V6N82gYY3fDxbfkXRA
0RMvcyxKef7NSXlFkThQhthTDOqyBbePMjK+HkE9N1YwnlyJGQBSV4n2E/Mmmsv5
n0qSZ5B0kSkVDHX9d7HbyXM29Addk00qaGbCQSRHgruVIjrM0EsvchnWGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHrKRMaz/oJDBK7lvj5SgOY0fI7bMB8GA1UdIwQY
MBaAFF1/Y0AUB8HMeXsXA06BPSJU+Xc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMt
MzNmYjE0NTJiYjBhLzEvZXNwRXhyUC1na01FcnVXLVBsS0E1alI4anRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMtMzNmYjE0NTJiYjBh
LzEvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUHMAwQA
whreMA8EAgACMAkDBwIqBQMAAAAwDQYJKoZIhvcNAQELBQADggEBAK18vbnMv9RX
M2THSBRiA1gXeSUDls0c6ihxdAA002BOphzV/8Rx60rVlUcfHKvZLT+fjBfIvhOY
L0jZdToLRmRz+ZHwhILH1ykQYQZfAZgtE8uVfwaxfcPS+973U+uIyS3adimzNe49
KeZ4xRO2xGGBJdfkjBp8sCHX1VMMsxOu4aZIq4ozYlWFRtUySsTMBPqp2IIypCMU
v8L+epa8oQSxLRwLlIfcuQi2kEBeLE7V06prIlz3h7sqBAeTkH50CZf6S9B1TTuH
+YOtuEYZqg85ixRFOT39uVg6bXnDH7qMo91ZHGElzLYKmMF7SgBMbjdK5QRNKYWz
W3wzZmVy1RQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org