Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/HiqTL4iLvzwQF_DPey9i7gT3QT4.roa
File: HiqTL4iLvzwQF_DPey9i7gT3QT4.roa (raw, json)
Hash identifier: m72U2Z892ZJpRLy2cSmRg0wUyL1QA6FsxvhEB4VhMBg=
Subject key identifier: 1E:2A:93:2F:88:8B:BF:3C:10:17:F0:CF:7B:2F:62:EE:04:F7:41:3E
Certificate issuer: /CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Certificate serial: 01856D93F4884E7A0B25E5A98740D2454356
Authority key identifier: E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/HiqTL4iLvzwQF_DPey9i7gT3QT4.roa
Signing time: Sun 01 Jan 2023 13:44:50 +0000
ROA not before: Sun 01 Jan 2023 13:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57736
IP address blocks: 185.59.104.0/23 maxlen: 24
185.59.106.0/23 maxlen: 24
2a04:e3c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f4:88:4e:7a:0b:25:e5:a9:87:40:d2:45:43:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Validity
Not Before: Jan 1 13:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e2a932f888bbf3c1017f0cf7b2f62ee04f7413e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:e6:24:d1:5f:2e:f6:06:53:77:31:54:64:
92:f6:b3:0e:99:06:cd:e2:0d:fe:e7:23:03:24:66:
85:cd:d3:ac:3a:92:29:30:59:05:e8:fc:cc:18:c8:
46:98:28:75:94:61:ed:d4:5c:cd:d6:a0:eb:e8:2c:
56:67:16:72:19:68:d8:e2:9f:01:50:ca:8e:25:ad:
14:ed:81:bd:6e:d6:1c:d5:57:6c:e6:8f:15:e2:d7:
51:12:58:35:0b:74:89:23:d3:3b:50:7e:e0:df:be:
84:53:a9:71:8b:4c:be:04:46:ad:6d:8f:b4:8e:c7:
3f:d2:87:c2:80:0c:6b:7d:1b:1d:07:cc:f7:1f:6a:
e6:66:d5:e2:19:37:86:7c:15:92:9a:45:ad:bd:f3:
0c:39:61:f8:16:04:b0:37:c5:55:96:65:29:30:fd:
f8:4e:c4:89:f5:d1:be:62:22:51:19:a4:ad:1e:45:
6c:66:87:56:08:d9:7b:4c:d3:45:0c:bf:04:22:6c:
14:8e:30:de:44:20:96:aa:d8:fb:57:c9:fb:da:93:
4d:24:a6:7f:4a:19:a8:79:7b:99:ea:fb:a7:6f:8f:
f5:5a:f7:c6:27:ab:e1:5c:05:44:2c:b4:0f:8b:33:
99:11:9b:f5:14:00:9e:ee:a0:53:f7:97:72:1d:ba:
74:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:2A:93:2F:88:8B:BF:3C:10:17:F0:CF:7B:2F:62:EE:04:F7:41:3E
X509v3 Authority Key Identifier:
keyid:E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/HiqTL4iLvzwQF_DPey9i7gT3QT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.104.0/22
IPv6:
2a04:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:5b:15:1c:b4:3a:b3:41:1e:dd:d7:b9:db:9e:8f:0a:3f:3d:
bd:d4:6f:21:ae:6c:9a:cd:a1:a8:c1:0d:92:29:e0:ab:e2:e3:
a6:75:0a:45:77:05:de:0c:8d:18:cd:8b:21:0b:a1:c8:4d:a2:
c5:68:64:b6:48:f2:ed:9d:18:d2:07:51:7f:e5:7f:1a:c8:9e:
74:19:f3:3b:7f:8c:47:2b:ac:f2:39:2b:df:f8:dc:85:ee:52:
e4:61:bf:bb:85:3d:78:6f:86:53:cc:17:fa:f6:07:b5:5d:cb:
7f:c8:a9:ef:0a:82:66:12:6b:31:2a:85:8e:2f:e2:61:cd:cc:
b3:bf:6a:6e:78:9a:bb:89:2a:43:87:5b:85:50:c8:33:4d:d4:
ee:0c:8e:0d:12:62:58:8d:05:bd:06:b0:f8:6e:38:86:9c:06:
e0:e1:ba:08:98:9c:da:9e:34:19:a0:55:91:78:d9:53:97:9a:
88:95:aa:cb:71:2d:89:40:a8:c0:99:3c:ed:50:8f:e8:95:ea:
66:7a:7a:c7:05:52:39:8d:a4:5f:79:88:f0:d2:ff:25:2f:21:
49:14:d5:1f:f2:11:d8:01:9d:03:33:5b:4f:25:a1:c7:af:7c:
66:10:dd:e3:69:a7:83:e4:1e:56:48:af:85:86:3e:9f:46:af:
71:fc:59:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtk/SITnoLJeWph0DSRUNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MDA2NGRjZjcxOWVkODk5OWRhNzkyZjZmYmZjM2ZlOWJj
NzA4OTgwHhcNMjMwMTAxMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTJhOTMyZjg4OGJiZjNjMTAxN2YwY2Y3YjJmNjJlZTA0Zjc0MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqfmJNFfLvYGU3cxVGSS9rMOmQbN
4g3+5yMDJGaFzdOsOpIpMFkF6PzMGMhGmCh1lGHt1FzN1qDr6CxWZxZyGWjY4p8B
UMqOJa0U7YG9btYc1Vds5o8V4tdRElg1C3SJI9M7UH7g376EU6lxi0y+BEatbY+0
jsc/0ofCgAxrfRsdB8z3H2rmZtXiGTeGfBWSmkWtvfMMOWH4FgSwN8VVlmUpMP34
TsSJ9dG+YiJRGaStHkVsZodWCNl7TNNFDL8EImwUjjDeRCCWqtj7V8n72pNNJKZ/
ShmoeXuZ6vunb4/1WvfGJ6vhXAVELLQPizOZEZv1FACe7qBT95dyHbp0JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB4qky+Ii788EBfwz3svYu4E90E+MB8GA1UdIwQY
MBaAFOYAZNz3Ge2Jmdp5L2+/w/6bxwiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWdCazNQY1o3WW1aMm5rdmI3X0RfcHZIQ0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83MzRlMGMtNzg2ZS00NjMxLWE5MjMt
ZThiOGZjYzQxZTg1LzEvSGlxVEw0aUx2endRRl9EUGV5OWk3Z1QzUVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83MzRlMGMtNzg2ZS00NjMxLWE5MjMtZThiOGZjYzQxZTg1
LzEvNWdCazNQY1o3WW1aMm5rdmI3X0RfcHZIQ0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTtoMA0E
AgACMAcDBQMqBOPAMA0GCSqGSIb3DQEBCwUAA4IBAQBNWxUctDqzQR7d17nbno8K
Pz291G8hrmyazaGowQ2SKeCr4uOmdQpFdwXeDI0YzYshC6HITaLFaGS2SPLtnRjS
B1F/5X8ayJ50GfM7f4xHK6zyOSvf+NyF7lLkYb+7hT14b4ZTzBf69ge1Xct/yKnv
CoJmEmsxKoWOL+Jhzcyzv2pueJq7iSpDh1uFUMgzTdTuDI4NEmJYjQW9BrD4bjiG
nAbg4boImJzanjQZoFWReNlTl5qIlarLcS2JQKjAmTztUI/olepmenrHBVI5jaRf
eYjw0v8lLyFJFNUf8hHYAZ0DM1tPJaHHr3xmEN3jaaeD5B5WSK+Fhj6fRq9x/FlV
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:11 2024 by rpki-client on console-fra.rpki-client.org