Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/h2CQiMwF_yCoqKm7JUp85Oe6aFk.roa
File: h2CQiMwF_yCoqKm7JUp85Oe6aFk.roa (raw, json)
Hash identifier: olFk5vt6buU3Pw3ID0xHuaFgR1OiGksQjs0Hr+UaNO8=
Subject key identifier: 87:60:90:88:CC:05:FF:20:A8:A8:A9:BB:25:4A:7C:E4:E7:BA:68:59
Certificate issuer: /CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Certificate serial: 018CCA29835F2FEAEA136F6C7805E45451C4
Authority key identifier: E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/h2CQiMwF_yCoqKm7JUp85Oe6aFk.roa
Signing time: Tue 02 Jan 2024 12:32:47 +0000
ROA not before: Tue 02 Jan 2024 12:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57736
IP address blocks: 185.59.104.0/23 maxlen: 24
185.59.106.0/23 maxlen: 24
2a04:e3c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:83:5f:2f:ea:ea:13:6f:6c:78:05:e4:54:51:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e60064dcf719ed8999da792f6fbfc3fe9bc70898
Validity
Not Before: Jan 2 12:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87609088cc05ff20a8a8a9bb254a7ce4e7ba6859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:4b:b4:ad:15:7f:20:9d:87:0e:9b:00:f7:
7e:69:8b:8e:af:4d:b5:e2:0a:b9:6f:47:62:c1:53:
9b:cb:b2:3c:4e:b2:84:63:04:18:98:e1:b9:f0:d4:
88:45:27:00:d8:5d:1f:9e:be:82:36:f3:e9:49:01:
37:d3:77:38:15:b4:a2:0d:76:3e:90:22:63:97:ff:
ac:2c:af:e5:75:5d:69:79:40:4e:ac:ac:d7:ba:0d:
c0:6a:00:a3:2f:69:54:86:c6:59:ea:aa:4f:61:44:
6a:52:5a:13:13:fe:79:dc:49:15:44:c4:a7:bb:42:
88:a0:02:be:ad:1c:f6:1d:6c:7c:8c:06:ca:ae:3c:
7f:14:1b:d5:eb:c0:ac:00:d3:c2:42:ef:0c:0d:0d:
e1:07:8d:82:57:2a:31:04:1b:36:51:68:1d:d7:6a:
63:10:4e:26:c6:a4:a2:9c:59:d4:a7:01:75:63:73:
7f:8e:07:b6:1f:c7:21:93:96:1b:93:41:ce:1a:a0:
b4:ca:98:62:2e:7e:83:0b:2d:73:6e:84:93:14:d3:
d9:60:d2:24:3d:9b:13:cc:39:e2:8b:10:9f:94:fc:
c6:da:6b:7b:60:78:76:1d:0e:82:1a:55:bf:c6:eb:
cd:e2:e5:c3:94:1c:bc:e3:65:b6:5d:43:9d:55:80:
f1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:60:90:88:CC:05:FF:20:A8:A8:A9:BB:25:4A:7C:E4:E7:BA:68:59
X509v3 Authority Key Identifier:
keyid:E6:00:64:DC:F7:19:ED:89:99:DA:79:2F:6F:BF:C3:FE:9B:C7:08:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/h2CQiMwF_yCoqKm7JUp85Oe6aFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/734e0c-786e-4631-a923-e8b8fcc41e85/1/5gBk3PcZ7YmZ2nkvb7_D_pvHCJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.104.0/22
IPv6:
2a04:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:0f:30:c8:d2:29:20:bc:e0:a1:82:da:5c:9e:ff:20:e6:2e:
17:b5:f0:a2:a9:75:34:f5:3f:1d:37:50:5c:cb:ec:28:f5:f1:
44:c5:90:9e:a7:55:68:8c:3e:f9:a8:a5:8f:81:5a:7d:35:0a:
29:5f:09:2d:26:68:fa:11:ac:ca:4c:11:18:eb:8d:ed:66:7e:
01:79:e1:28:c8:2c:cf:63:b7:7f:84:a1:e3:be:49:a9:cb:a1:
98:83:98:df:f0:86:15:11:37:03:85:99:3d:bc:0a:e4:fb:43:
8f:45:14:19:02:1a:34:d0:a3:91:4b:31:27:c5:48:30:97:c4:
1a:80:7b:98:78:eb:2a:9e:c2:82:b9:bb:e4:fd:04:14:44:39:
7e:de:60:c4:81:ba:35:20:4d:83:a8:e0:8f:77:bc:23:6f:55:
3d:41:94:40:59:f5:d9:7e:05:de:ff:73:a6:83:c3:09:90:c3:
12:e1:0a:39:e8:0f:84:c7:07:20:76:99:f7:0a:91:00:fa:7a:
c3:61:5f:bf:ea:f1:a7:18:ce:f6:2a:80:24:c8:03:7f:d8:61:
80:ad:9e:ec:f4:2b:4c:c0:f5:2c:c6:79:bc:a3:a5:f7:b9:2f:
f6:1a:3c:86:7c:d6:f8:9f:86:06:3d:38:65:d5:a1:a6:70:12:
30:61:53:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKYNfL+rqE29seAXkVFHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MDA2NGRjZjcxOWVkODk5OWRhNzkyZjZmYmZjM2ZlOWJj
NzA4OTgwHhcNMjQwMTAyMTIzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYwOTA4OGNjMDVmZjIwYThhOGE5YmIyNTRhN2NlNGU3YmE2ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmttLtK0VfyCdhw6bAPd+aYuOr021
4gq5b0diwVOby7I8TrKEYwQYmOG58NSIRScA2F0fnr6CNvPpSQE303c4FbSiDXY+
kCJjl/+sLK/ldV1peUBOrKzXug3AagCjL2lUhsZZ6qpPYURqUloTE/553EkVRMSn
u0KIoAK+rRz2HWx8jAbKrjx/FBvV68CsANPCQu8MDQ3hB42CVyoxBBs2UWgd12pj
EE4mxqSinFnUpwF1Y3N/jge2H8chk5Ybk0HOGqC0yphiLn6DCy1zboSTFNPZYNIk
PZsTzDniixCflPzG2mt7YHh2HQ6CGlW/xuvN4uXDlBy842W2XUOdVYDxgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIdgkIjMBf8gqKipuyVKfOTnumhZMB8GA1UdIwQY
MBaAFOYAZNz3Ge2Jmdp5L2+/w/6bxwiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWdCazNQY1o3WW1aMm5rdmI3X0RfcHZIQ0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83MzRlMGMtNzg2ZS00NjMxLWE5MjMt
ZThiOGZjYzQxZTg1LzEvaDJDUWlNd0ZfeUNvcUttN0pVcDg1T2U2YUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83MzRlMGMtNzg2ZS00NjMxLWE5MjMtZThiOGZjYzQxZTg1
LzEvNWdCazNQY1o3WW1aMm5rdmI3X0RfcHZIQ0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTtoMA0E
AgACMAcDBQMqBOPAMA0GCSqGSIb3DQEBCwUAA4IBAQC4DzDI0ikgvOChgtpcnv8g
5i4XtfCiqXU09T8dN1Bcy+wo9fFExZCep1VojD75qKWPgVp9NQopXwktJmj6EazK
TBEY643tZn4BeeEoyCzPY7d/hKHjvkmpy6GYg5jf8IYVETcDhZk9vArk+0OPRRQZ
Aho00KORSzEnxUgwl8QagHuYeOsqnsKCubvk/QQURDl+3mDEgbo1IE2DqOCPd7wj
b1U9QZRAWfXZfgXe/3Omg8MJkMMS4Qo56A+Exwcgdpn3CpEA+nrDYV+/6vGnGM72
KoAkyAN/2GGArZ7s9CtMwPUsxnm8o6X3uS/2GjyGfNb4n4YGPThl1aGmcBIwYVNi
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:37 2025 by rpki-client