Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/pQiEwm92bTReGyMjErpDpaUXY34.roa
File: pQiEwm92bTReGyMjErpDpaUXY34.roa (raw, json)
Hash identifier: n6D1YpL0G2jHyM3wHcI5fL6ufIYOMGxEsu+9S9b0Sf8=
Subject key identifier: A5:08:84:C2:6F:76:6D:34:5E:1B:23:23:12:BA:43:A5:A5:17:63:7E
Certificate issuer: /CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Certificate serial: 018570796BE914D83488B540C6F3100AC9B2
Authority key identifier: 54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/pQiEwm92bTReGyMjErpDpaUXY34.roa
Signing time: Mon 02 Jan 2023 03:14:43 +0000
ROA not before: Mon 02 Jan 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62163
IP address blocks: 185.99.166.0/24 maxlen: 24
185.99.164.0/24 maxlen: 24
185.99.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 13:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6b:e9:14:d8:34:88:b5:40:c6:f3:10:0a:c9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Validity
Not Before: Jan 2 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a50884c26f766d345e1b232312ba43a5a517637e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:74:cc:60:af:35:2f:88:ec:86:e1:36:d3:
0e:a8:3e:bd:d3:e6:f1:cb:ea:38:08:a3:e7:a4:11:
eb:91:18:3a:6e:1c:75:dd:91:0e:c5:ce:2e:05:a3:
15:14:48:99:57:57:24:c4:92:52:43:46:b7:d0:c5:
05:f6:fd:02:09:2c:2b:8b:78:7c:28:61:75:f5:ee:
d2:b5:2a:e3:b7:39:e4:60:a3:45:4c:bb:15:5c:4e:
96:65:ec:d7:bb:fc:e4:94:21:f9:e8:9a:bc:f9:34:
fa:64:a6:6f:ef:b7:7b:61:6b:cf:4f:41:3d:09:f9:
2b:37:8c:95:93:1b:5b:da:70:9f:21:81:b1:a2:9e:
4a:5d:1c:fa:57:7f:d6:3f:49:64:01:5d:2b:b2:7b:
86:f6:7e:6c:15:ce:55:00:ab:81:da:f9:c8:a3:66:
01:79:a7:45:98:3e:6b:8c:b8:9f:a8:81:39:18:8b:
8e:20:6a:90:43:d0:60:fb:25:dc:57:0d:9d:34:89:
eb:50:64:86:a8:a4:10:0c:a6:da:96:97:3b:05:e6:
6a:13:df:53:2d:60:4c:24:54:de:59:15:b9:d6:0c:
70:b4:43:97:6c:f5:1f:b8:2d:84:0d:8f:88:0b:82:
86:f2:78:c5:6f:72:68:82:76:b1:3e:b0:32:f1:f3:
2e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:08:84:C2:6F:76:6D:34:5E:1B:23:23:12:BA:43:A5:A5:17:63:7E
X509v3 Authority Key Identifier:
keyid:54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/pQiEwm92bTReGyMjErpDpaUXY34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/VAxPdC_TKaNvzSnE65hOX0lRXZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.164.0/24
185.99.166.0/23
Signature Algorithm: sha256WithRSAEncryption
81:c8:66:ec:f6:f5:27:18:60:82:45:05:3d:01:23:e3:67:6d:
fe:03:dd:f5:49:0d:91:a9:5f:3e:7d:8b:e0:5e:e8:1d:26:c4:
6c:c3:df:0c:9d:cd:43:33:42:29:42:01:ca:d4:37:8b:f8:d0:
dc:56:60:1f:fd:b1:b6:f5:93:92:98:8e:90:f8:e0:9c:a1:af:
36:42:dc:c0:d4:0c:6e:81:dc:e0:66:8b:3a:a3:b8:97:8c:78:
3e:90:d5:7f:0e:5d:4a:36:bc:3a:77:44:72:25:94:41:48:6d:
4f:8e:4b:ef:48:86:b0:54:26:be:42:cf:8d:20:14:1c:40:f4:
a1:78:8f:1a:46:3d:73:97:78:37:71:58:df:ed:aa:07:86:4c:
4b:29:54:f3:d9:80:a7:93:6c:7d:8d:42:b5:e5:c0:00:c7:27:
06:1b:42:bd:02:73:5d:7f:35:56:ca:69:db:ed:c8:f2:65:06:
4c:fa:1c:47:82:cd:eb:dc:4a:bd:18:8a:76:80:ae:57:13:46:
93:ff:b9:9e:98:ff:43:48:25:ca:c2:18:79:82:0e:56:e3:67:
bd:3c:85:cc:5c:46:97:18:66:f2:d7:af:35:2c:45:0d:69:4d:
a4:7f:a1:f8:a2:b8:b3:df:5c:c2:22:03:b6:43:da:73:02:3b:
b9:c6:e6:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVweWvpFNg0iLVAxvMQCsmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MGM0Zjc0MmZkMzI5YTM2ZmNkMjljNGViOTg0ZTVmNDk1
MTVkOTkwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA4ODRjMjZmNzY2ZDM0NWUxYjIzMjMxMmJhNDNhNWE1MTc2MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw510zGCvNS+I7IbhNtMOqD690+bx
y+o4CKPnpBHrkRg6bhx13ZEOxc4uBaMVFEiZV1ckxJJSQ0a30MUF9v0CCSwri3h8
KGF19e7StSrjtznkYKNFTLsVXE6WZezXu/zklCH56Jq8+TT6ZKZv77d7YWvPT0E9
CfkrN4yVkxtb2nCfIYGxop5KXRz6V3/WP0lkAV0rsnuG9n5sFc5VAKuB2vnIo2YB
eadFmD5rjLifqIE5GIuOIGqQQ9Bg+yXcVw2dNInrUGSGqKQQDKbalpc7BeZqE99T
LWBMJFTeWRW51gxwtEOXbPUfuC2EDY+IC4KG8njFb3JognaxPrAy8fMudQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKUIhMJvdm00XhsjIxK6Q6WlF2N+MB8GA1UdIwQY
MBaAFFQMT3Qv0ymjb80pxOuYTl9JUV2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQt
Y2ZiMGQwNDkzYzNhLzEvcFFpRXdtOTJiVFJlR3lNakVycERwYVVYWTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQtY2ZiMGQwNDkzYzNh
LzEvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWOkAwQB
uWOmMA0GCSqGSIb3DQEBCwUAA4IBAQCByGbs9vUnGGCCRQU9ASPjZ23+A931SQ2R
qV8+fYvgXugdJsRsw98Mnc1DM0IpQgHK1DeL+NDcVmAf/bG29ZOSmI6Q+OCcoa82
QtzA1AxugdzgZos6o7iXjHg+kNV/Dl1KNrw6d0RyJZRBSG1PjkvvSIawVCa+Qs+N
IBQcQPSheI8aRj1zl3g3cVjf7aoHhkxLKVTz2YCnk2x9jUK15cAAxycGG0K9AnNd
fzVWymnb7cjyZQZM+hxHgs3r3Eq9GIp2gK5XE0aT/7memP9DSCXKwhh5gg5W42e9
PIXMXEaXGGby1681LEUNaU2kf6H4oriz31zCIgO2Q9pzAju5xubH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:50 2024 by rpki-client on console-fra.rpki-client.org