Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/N6eMAnX4MErhe-Yf_rlL7EGaCqs.roa
File: N6eMAnX4MErhe-Yf_rlL7EGaCqs.roa (raw, json)
Hash identifier: cloy8jR34+YgvXpb8B6u8jLoBA+Uy5f+Pku7j8xAbqk=
Subject key identifier: 37:A7:8C:02:75:F8:30:4A:E1:7B:E6:1F:FE:B9:4B:EC:41:9A:0A:AB
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 0185722809648B237D79E60431A5A399DDA8
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/N6eMAnX4MErhe-Yf_rlL7EGaCqs.roa
Signing time: Mon 02 Jan 2023 11:05:04 +0000
ROA not before: Mon 02 Jan 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39398
IP address blocks: 5.199.230.0/24 maxlen: 24
5.199.229.0/24 maxlen: 24
5.199.228.0/24 maxlen: 24
5.199.231.0/24 maxlen: 24
185.119.251.0/24 maxlen: 24
185.119.250.0/24 maxlen: 24
185.119.249.0/24 maxlen: 24
185.119.248.0/22 maxlen: 22
185.119.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:09:64:8b:23:7d:79:e6:04:31:a5:a3:99:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Jan 2 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37a78c0275f8304ae17be61ffeb94bec419a0aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6b:73:d0:06:91:2b:6f:2a:6b:67:c6:67:b1:
b7:eb:cb:26:c3:35:b9:97:af:18:55:88:4d:85:29:
ff:cf:c5:96:13:d3:ac:1a:03:46:e7:6f:77:8b:c4:
7c:41:89:a1:7d:5a:be:83:69:b7:46:57:81:71:06:
b9:f4:06:5c:28:75:07:43:50:c3:df:24:21:80:ae:
0f:5d:60:96:dc:e8:83:0d:71:1d:47:05:90:17:50:
ee:40:35:ca:0d:50:99:85:04:1c:35:5d:f5:2a:04:
61:6c:92:fc:14:ff:8e:ff:f7:77:f6:d8:88:b3:dc:
41:0c:9b:80:39:6b:a1:fe:6e:9b:82:2c:c0:33:d6:
df:fb:c7:cc:58:75:f7:be:2c:d4:c4:a1:34:27:a0:
5b:2c:f0:92:46:ac:a6:9b:89:90:e4:9e:05:52:d2:
47:ea:c8:4c:74:98:ba:4c:15:68:24:4f:3d:cd:1d:
77:15:54:5d:a1:59:86:e8:67:ff:60:82:d2:bd:66:
b2:18:da:c9:a3:d4:ce:d9:45:e5:49:38:23:1e:b9:
5b:45:0f:48:ef:f1:3b:69:f8:07:1a:fb:a1:95:cf:
35:a0:34:07:d6:b3:dc:9a:e1:c8:c2:1d:58:27:d5:
41:36:80:f3:be:46:c9:df:32:d5:63:e0:ca:4f:5f:
7b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A7:8C:02:75:F8:30:4A:E1:7B:E6:1F:FE:B9:4B:EC:41:9A:0A:AB
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/N6eMAnX4MErhe-Yf_rlL7EGaCqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.228.0/22
185.119.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:e8:5b:15:b7:e3:c9:f3:de:b4:78:4b:59:ba:55:39:15:f7:
d5:00:cb:b9:44:20:90:80:fb:c5:8c:91:4e:76:75:8e:2b:4b:
38:44:e0:ac:21:38:ef:35:7e:88:e4:66:c3:c5:f2:10:2e:ad:
a9:f8:a1:23:ac:52:d0:57:08:21:0d:b7:de:2c:cf:bb:c9:31:
07:a5:a1:e6:b2:bf:e9:35:5a:d1:49:46:ae:c7:7f:cb:2a:8b:
cc:61:96:fa:d8:10:03:15:9a:2b:51:0f:09:02:94:c6:e6:38:
87:fc:5f:c6:ef:2a:02:21:59:ca:cd:7d:b8:99:8b:f4:2c:84:
c0:c5:5f:30:d3:6a:d6:ca:31:2d:fd:8d:f8:41:be:8c:7e:90:
1c:59:dd:fd:d6:ef:77:fe:ba:07:1f:3c:49:a2:cf:d1:91:dc:
9f:46:6c:39:f7:63:2c:04:1c:00:b8:2d:f0:ff:69:46:55:15:
c7:db:9a:e9:5f:57:62:05:c8:2e:df:cb:ce:19:d9:b6:ef:e4:
7a:03:fc:53:48:31:da:8f:07:1f:d4:59:58:98:17:ce:9a:5d:
97:84:ee:05:c4:90:fb:1f:51:6e:f2:75:e5:1a:c8:1f:b9:cd:
c0:9c:53:da:32:dc:d2:e4:c2:14:16:75:e4:88:e0:eb:cd:c0:
9c:4b:07:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyKAlkiyN9eeYEMaWjmd2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWE4ODdlNzY1M2EyZGU0NGYxMzE2M2UxODcwMzczMjZh
MjlhMDMwHhcNMjMwMTAyMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2E3OGMwMjc1ZjgzMDRhZTE3YmU2MWZmZWI5NGJlYzQxOWEwYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mtz0AaRK28qa2fGZ7G368smwzW5
l68YVYhNhSn/z8WWE9OsGgNG5293i8R8QYmhfVq+g2m3RleBcQa59AZcKHUHQ1DD
3yQhgK4PXWCW3OiDDXEdRwWQF1DuQDXKDVCZhQQcNV31KgRhbJL8FP+O//d39tiI
s9xBDJuAOWuh/m6bgizAM9bf+8fMWHX3vizUxKE0J6BbLPCSRqymm4mQ5J4FUtJH
6shMdJi6TBVoJE89zR13FVRdoVmG6Gf/YILSvWayGNrJo9TO2UXlSTgjHrlbRQ9I
7/E7afgHGvuhlc81oDQH1rPcmuHIwh1YJ9VBNoDzvkbJ3zLVY+DKT197vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDenjAJ1+DBK4XvmH/65S+xBmgqrMB8GA1UdIwQY
MBaAFL4aiH52U6LeRPExY+GHA3MmopoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYt
ODZjNTQxY2E5ZDcxLzEvTjZlTUFuWDRNRXJoZS1ZZl9ybEw3RUdhQ3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYtODZjNTQxY2E5ZDcx
LzEvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBcfkAwQC
uXf4MA0GCSqGSIb3DQEBCwUAA4IBAQB+6FsVt+PJ8960eEtZulU5FffVAMu5RCCQ
gPvFjJFOdnWOK0s4ROCsITjvNX6I5GbDxfIQLq2p+KEjrFLQVwghDbfeLM+7yTEH
paHmsr/pNVrRSUaux3/LKovMYZb62BADFZorUQ8JApTG5jiH/F/G7yoCIVnKzX24
mYv0LITAxV8w02rWyjEt/Y34Qb6MfpAcWd391u93/roHHzxJos/RkdyfRmw592Ms
BBwAuC3w/2lGVRXH25rpX1diBcgu38vOGdm27+R6A/xTSDHajwcf1FlYmBfOml2X
hO4FxJD7H1Fu8nXlGsgfuc3AnFPaMtzS5MIUFnXkiODrzcCcSwfI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:20 2024 by rpki-client on console-ams.rpki-client.org