Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tlY_HMs26xeQKPC6_n3pRczbXV8.roa
File: tlY_HMs26xeQKPC6_n3pRczbXV8.roa (raw, json)
Hash identifier: x9XfljWrgtE53vU5R+W7NaBQBOxL+TOHdO6n5DpWqnw=
Subject key identifier: B6:56:3F:1C:CB:36:EB:17:90:28:F0:BA:FE:7D:E9:45:CC:DB:5D:5F
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 018CCA2BA22650E01AE38C01E4AE17AE1A7C
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tlY_HMs26xeQKPC6_n3pRczbXV8.roa
Signing time: Tue 02 Jan 2024 12:35:06 +0000
ROA not before: Tue 02 Jan 2024 12:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6893
IP address blocks: 185.125.199.0/24 maxlen: 24
185.125.198.0/24 maxlen: 24
185.125.197.0/24 maxlen: 24
185.125.196.0/22 maxlen: 22
185.125.196.0/23 maxlen: 23
185.125.196.0/24 maxlen: 24
62.220.128.0/19 maxlen: 19
62.220.150.0/24 maxlen: 24
62.220.158.0/24 maxlen: 24
2001:788::/29 maxlen: 29
2001:788::/32 maxlen: 32
2001:789::/32 maxlen: 32
2001:78c::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 14 Jan 2024 12:24:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a2:26:50:e0:1a:e3:8c:01:e4:ae:17:ae:1a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Jan 2 12:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6563f1ccb36eb179028f0bafe7de945ccdb5d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3a:9c:e6:92:1f:85:af:87:d0:cf:62:f3:d6:
6b:78:54:9c:3a:80:1e:1d:a4:02:14:9f:b9:6d:b5:
04:2b:26:a1:9b:ae:99:62:3f:1f:ea:e3:39:a4:e5:
08:1b:ef:c9:2b:af:c9:56:df:b7:cb:77:7b:c6:2f:
75:d3:11:9d:d1:08:73:35:ad:4d:14:8c:b2:68:a0:
96:f4:05:52:18:40:99:b9:7d:c2:d5:3c:27:30:88:
26:af:75:dd:11:9f:bf:92:aa:eb:f8:ef:ce:b2:9e:
f8:83:4f:75:aa:89:9e:94:67:05:be:28:08:1f:1f:
11:61:c6:e6:86:3f:6e:af:59:02:eb:4e:87:f7:bf:
51:c6:96:37:96:90:33:ac:6c:e2:a6:65:48:21:f1:
27:8e:41:ad:b5:5a:85:93:d1:f6:2c:ba:e3:83:da:
90:35:6b:c4:ac:4a:e6:98:9a:79:ce:49:9b:b7:8e:
fb:d5:e3:cc:e5:fd:f7:5f:6b:7a:c9:9b:dc:ff:df:
df:b3:5f:b3:cb:18:6e:7d:ad:55:bc:70:56:fe:1b:
b5:81:0d:84:61:40:65:d6:45:c7:41:09:f4:82:fa:
7b:11:c4:07:a4:01:45:1d:f9:21:5f:0c:59:0d:21:
66:c5:f9:45:18:c1:cb:0f:d9:1e:d6:c8:c7:e7:94:
c6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:56:3F:1C:CB:36:EB:17:90:28:F0:BA:FE:7D:E9:45:CC:DB:5D:5F
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/tlY_HMs26xeQKPC6_n3pRczbXV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.128.0/19
185.125.196.0/22
IPv6:
2001:788::/29
Signature Algorithm: sha256WithRSAEncryption
80:6c:d1:8f:22:98:4c:a3:10:18:11:40:09:3a:2f:8c:6d:eb:
db:30:5d:73:dc:18:56:99:55:00:16:26:df:3d:76:45:c5:3d:
75:a3:2a:be:71:e3:ca:7f:0a:62:66:ef:cc:b1:0b:79:2c:94:
b9:23:44:67:2f:c7:16:4e:d9:1a:6f:41:b6:1e:73:37:92:e4:
55:a2:58:bf:ea:ce:99:0d:94:72:32:52:93:0a:8a:b0:67:85:
ea:23:d6:9c:7d:55:44:ee:13:91:15:78:01:9e:32:52:7d:da:
21:a4:2f:ef:06:8b:55:ba:9a:9a:3f:09:33:ab:4a:b5:e3:6a:
e8:ce:79:3d:c7:7a:d8:1a:58:bf:a9:00:89:8a:88:a0:6b:20:
c7:1e:f0:d1:aa:24:8b:81:a6:f3:fb:e5:2e:bb:51:47:79:03:
36:7a:b0:c5:be:b2:83:78:b7:b3:8b:8c:d0:8a:e6:c0:86:a7:
a3:c7:b5:99:89:f8:b0:60:12:e7:44:99:ac:36:40:4b:7a:cd:
57:1f:ed:68:2f:0f:65:1d:cd:8d:3e:08:df:f2:4f:82:6b:c8:
92:86:91:7e:36:7b:81:9b:c0:fe:f5:19:6d:56:b8:02:dc:79:
92:1f:cb:58:c8:ae:d0:bf:7d:57:af:13:55:e9:9c:78:eb:db:
d8:da:57:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKK6ImUOAa44wB5K4Xrhp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3
NDAwOTcwHhcNMjQwMTAyMTIzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU2M2YxY2NiMzZlYjE3OTAyOGYwYmFmZTdkZTk0NWNjZGI1ZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jqc5pIfha+H0M9i89ZreFScOoAe
HaQCFJ+5bbUEKyahm66ZYj8f6uM5pOUIG+/JK6/JVt+3y3d7xi910xGd0QhzNa1N
FIyyaKCW9AVSGECZuX3C1TwnMIgmr3XdEZ+/kqrr+O/Osp74g091qomelGcFvigI
Hx8RYcbmhj9ur1kC606H979RxpY3lpAzrGzipmVIIfEnjkGttVqFk9H2LLrjg9qQ
NWvErErmmJp5zkmbt4771ePM5f33X2t6yZvc/9/fs1+zyxhufa1VvHBW/hu1gQ2E
YUBl1kXHQQn0gvp7EcQHpAFFHfkhXwxZDSFmxflFGMHLD9ke1sjH55TGAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLZWPxzLNusXkCjwuv596UXM211fMB8GA1UdIwQY
MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt
NDdiY2QzOWMzZDg2LzEvdGxZX0hNczI2eGVRS1BDNl9uM3BSY3piWFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2
LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPtyAAwQC
uX3EMA0EAgACMAcDBQMgAQeIMA0GCSqGSIb3DQEBCwUAA4IBAQCAbNGPIphMoxAY
EUAJOi+MbevbMF1z3BhWmVUAFibfPXZFxT11oyq+cePKfwpiZu/MsQt5LJS5I0Rn
L8cWTtkab0G2HnM3kuRVoli/6s6ZDZRyMlKTCoqwZ4XqI9acfVVE7hORFXgBnjJS
fdohpC/vBotVupqaPwkzq0q142roznk9x3rYGli/qQCJioigayDHHvDRqiSLgabz
++Uuu1FHeQM2erDFvrKDeLezi4zQiubAhqejx7WZifiwYBLnRJmsNkBLes1XH+1o
Lw9lHc2NPgjf8k+Ca8iShpF+NnuBm8D+9RltVrgC3HmSH8tYyK7Qv31XrxNV6Zx4
69vY2lcm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:18 2024 by rpki-client on console-fra.rpki-client.org