Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/58tTyB3TnrzZ_ZyQJL8ow5KgC8E.roa
File: 58tTyB3TnrzZ_ZyQJL8ow5KgC8E.roa (raw, json)
Hash identifier: csgSQbC5Kt79CIBCpnhphqF7u0mtqPi+x+gfKwhsdf8=
Subject key identifier: E7:CB:53:C8:1D:D3:9E:BC:D9:FD:9C:90:24:BF:28:C3:92:A0:0B:C1
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 018CC8DE0F07EBFE1FB3EAB46B4A6187BCC5
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/58tTyB3TnrzZ_ZyQJL8ow5KgC8E.roa
Signing time: Tue 02 Jan 2024 06:30:45 +0000
ROA not before: Tue 02 Jan 2024 06:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29505
IP address blocks: 149.249.127.0/24 maxlen: 24
149.249.64.0/18 maxlen: 18
185.111.68.0/22 maxlen: 22
85.233.0.0/19 maxlen: 19
85.233.8.0/24 maxlen: 24
2a07:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Mar 2024 11:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:0f:07:eb:fe:1f:b3:ea:b4:6b:4a:61:87:bc:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Jan 2 06:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7cb53c81dd39ebcd9fd9c9024bf28c392a00bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:57:d5:78:28:d7:10:5b:21:26:c0:5f:78:c8:
ff:1f:7e:ae:55:73:44:1e:e7:b2:c5:22:bf:9a:94:
d8:fe:d8:b8:06:9f:20:db:2f:75:eb:af:6f:79:bb:
c6:b9:12:3b:31:f1:47:06:6a:8a:ec:21:12:50:69:
e7:f8:b0:67:0c:f1:f3:cb:3a:5e:3a:18:af:91:d0:
6a:11:30:81:a2:c0:5e:07:8d:19:76:f5:14:b1:5a:
af:e0:66:26:94:60:a2:31:e8:5c:23:a9:18:14:ba:
da:9b:20:5e:38:e9:8a:77:c5:cd:89:5c:bc:ae:c4:
77:06:9d:4f:3b:79:bd:e1:a6:f8:ae:95:4b:19:a4:
a0:28:9f:56:8d:4d:a9:06:ef:7d:90:69:a0:8a:e0:
38:af:13:a6:87:6e:16:d0:9e:15:8d:85:e3:33:42:
77:f0:05:a2:6f:9e:d5:7a:27:76:94:85:b7:e4:88:
bc:63:29:60:9a:7a:58:a3:d4:ca:4a:93:14:cf:a7:
cf:6c:d1:ec:c2:1f:cf:e0:7e:8d:36:af:9e:35:0b:
0c:ab:94:34:5a:56:06:a6:60:c4:05:e5:ec:0f:34:
0b:b0:f4:e9:5b:fc:4e:a6:cb:6b:75:ec:de:c4:79:
91:ab:bf:b2:c2:c1:d2:71:d0:b3:5f:c2:76:b5:23:
79:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CB:53:C8:1D:D3:9E:BC:D9:FD:9C:90:24:BF:28:C3:92:A0:0B:C1
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/58tTyB3TnrzZ_ZyQJL8ow5KgC8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.233.0.0/19
149.249.64.0/18
185.111.68.0/22
IPv6:
2a07:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
83:cd:71:25:23:5e:67:4a:d3:25:da:1a:05:fa:0b:08:ae:2b:
e9:d8:e6:ab:29:3b:56:a7:d3:78:ea:cb:d1:40:46:fc:72:7b:
74:90:9f:f2:0e:76:bf:c5:e7:e7:69:fd:0a:26:d4:6e:aa:19:
5a:13:94:55:ad:3e:21:1f:3b:89:a2:f6:d7:40:b9:6e:43:b2:
d9:64:ee:70:e6:94:17:38:48:51:43:86:e6:13:c7:88:4f:3d:
5c:6e:9c:d5:c8:40:73:2a:59:64:36:18:eb:db:95:f5:78:14:
94:9c:20:1e:0b:9b:20:df:0a:1f:2a:17:cf:1a:a5:b5:3f:e8:
4e:2d:29:a5:ca:c8:c0:83:24:47:62:d6:82:da:9a:44:f7:06:
91:75:71:d3:49:54:fa:b4:22:0e:9e:dc:e5:fc:14:3d:00:0d:
51:d4:49:f4:de:b9:04:6a:4a:85:e1:bb:6c:2a:d0:f3:df:5f:
e1:ca:2f:d8:79:bd:d6:08:b5:6e:0f:b6:6d:6c:1d:cc:da:87:
1e:01:42:44:21:8f:c4:9d:11:33:3f:8e:54:d5:98:9f:3c:8a:
14:73:00:57:bb:a6:69:77:9f:19:89:89:c1:34:78:fd:61:ed:
7d:3f:33:d4:91:89:04:53:35:9e:07:7d:84:a0:e5:88:d8:a9:
bd:11:8b:49
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3g8H6/4fs+q0a0phh7zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjQwMTAyMDYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NiNTNjODFkZDM5ZWJjZDlmZDljOTAyNGJmMjhjMzkyYTAwYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVfVeCjXEFshJsBfeMj/H36uVXNE
HueyxSK/mpTY/ti4Bp8g2y91669vebvGuRI7MfFHBmqK7CESUGnn+LBnDPHzyzpe
OhivkdBqETCBosBeB40ZdvUUsVqv4GYmlGCiMehcI6kYFLramyBeOOmKd8XNiVy8
rsR3Bp1PO3m94ab4rpVLGaSgKJ9WjU2pBu99kGmgiuA4rxOmh24W0J4VjYXjM0J3
8AWib57Veid2lIW35Ii8YylgmnpYo9TKSpMUz6fPbNHswh/P4H6NNq+eNQsMq5Q0
WlYGpmDEBeXsDzQLsPTpW/xOpstrdezexHmRq7+ywsHScdCzX8J2tSN5vwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOfLU8gd05682f2ckCS/KMOSoAvBMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvNTh0VHlCM1RucnpaX1p5UUpMOG93NUtnQzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVekAAwQG
lflAAwQCuW9EMA0EAgACMAcDBQMqB2xAMA0GCSqGSIb3DQEBCwUAA4IBAQCDzXEl
I15nStMl2hoF+gsIrivp2OarKTtWp9N46svRQEb8cnt0kJ/yDna/xefnaf0KJtRu
qhlaE5RVrT4hHzuJovbXQLluQ7LZZO5w5pQXOEhRQ4bmE8eITz1cbpzVyEBzKllk
Nhjr25X1eBSUnCAeC5sg3wofKhfPGqW1P+hOLSmlysjAgyRHYtaC2ppE9waRdXHT
SVT6tCIOntzl/BQ9AA1R1En03rkEakqF4btsKtDz31/hyi/Yeb3WCLVuD7ZtbB3M
2oceAUJEIY/EnREzP45U1ZifPIoUcwBXu6Zpd58ZiYnBNHj9Ye19PzPUkYkEUzWe
B32EoOWI2Km9EYtJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:35 2024 by rpki-client on console-ams.rpki-client.org