Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I2ACx-Z2RSIsqi1XUwjjcGHDG64.roa
File: I2ACx-Z2RSIsqi1XUwjjcGHDG64.roa (raw, json)
Hash identifier: eMYeKDhJxfF1njc2fDc2DT/1Yc5vNE818z3LO0Ez7wY=
Subject key identifier: 23:60:02:C7:E6:76:45:22:2C:AA:2D:57:53:08:E3:70:61:C3:1B:AE
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 018AD746F8C8CEA4A3838021CDADFA74BEF1
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I2ACx-Z2RSIsqi1XUwjjcGHDG64.roa
Signing time: Wed 27 Sep 2023 15:34:27 +0000
ROA not before: Wed 27 Sep 2023 15:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59836
IP address blocks: 185.69.118.0/24 maxlen: 24
185.69.116.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:46:f8:c8:ce:a4:a3:83:80:21:cd:ad:fa:74:be:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Sep 27 15:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=236002c7e67645222caa2d575308e37061c31bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:12:ff:40:98:01:71:a6:8e:37:6b:b0:6b:1b:
0c:2f:fa:4c:41:4c:42:df:60:e2:ed:99:3c:4b:b3:
a9:a5:08:05:31:fe:5d:20:12:55:49:cb:91:cf:5a:
27:f2:97:a1:c5:7c:7f:6c:e3:a8:43:a0:56:1a:5d:
72:a4:25:1c:7d:13:68:c5:4b:eb:dd:5a:0e:ee:ec:
91:9b:a1:31:23:7d:e0:8b:6b:41:37:29:50:18:0a:
49:2a:33:98:d7:cc:7e:8b:c9:ee:e4:4a:a9:93:1b:
bf:fa:89:46:21:e8:fd:48:4c:e1:a1:cc:3e:cf:0b:
95:19:6d:e6:63:10:70:fa:5a:f5:cf:d8:70:06:46:
ed:f0:19:47:8f:d2:b9:4a:23:46:5f:4b:66:b7:57:
41:90:3c:f9:19:83:50:69:2b:a8:35:79:3e:17:1a:
f0:ba:e6:91:57:12:14:18:8f:99:34:90:29:b3:e8:
cf:8e:e3:4e:fb:bf:59:4e:3c:4f:38:14:cd:0a:f7:
a8:b7:2c:f0:51:7e:e2:6a:b9:47:57:f7:bf:45:7b:
8f:4d:a3:99:ea:a5:ff:68:3a:e9:ef:c4:e1:5c:c0:
07:e6:02:b7:9a:7c:0a:b5:fe:88:d1:f8:9d:92:73:
c6:05:f0:d8:bc:0a:4f:4b:f1:47:91:cc:5f:d3:82:
32:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:60:02:C7:E6:76:45:22:2C:AA:2D:57:53:08:E3:70:61:C3:1B:AE
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I2ACx-Z2RSIsqi1XUwjjcGHDG64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:56:98:53:df:8f:20:5f:78:52:42:a2:57:8e:0c:7b:10:78:
e1:c6:ad:e0:10:f7:60:03:5c:14:ef:5d:e4:bc:61:b5:72:88:
ac:cb:98:8e:c3:f5:0f:69:9d:86:c1:b3:62:ac:f3:71:e8:52:
12:64:c3:eb:e2:c2:e8:95:be:0a:f9:f9:2f:9a:fd:4c:8f:de:
ea:84:f6:3c:b9:61:75:22:e3:fc:85:69:6f:0c:c2:cb:c3:c7:
52:2d:d9:5e:35:a2:d8:df:71:5d:af:f4:39:ba:82:d8:22:6b:
b2:73:be:43:0b:f0:a0:73:af:90:b4:15:0b:10:45:00:d5:03:
cf:31:aa:c7:29:71:45:6e:10:87:73:6d:89:d9:d9:99:35:44:
83:40:b7:99:64:0d:85:21:a6:d3:90:fe:6f:f1:02:88:a1:40:
df:59:51:e1:ee:46:8a:aa:53:f4:b4:9b:b9:f5:42:82:47:87:
0e:14:64:10:12:56:59:b5:c1:cf:9a:30:3e:0b:dc:19:3c:90:
7d:9a:df:8a:14:9c:d3:f7:e0:f3:22:6c:65:86:45:56:50:4d:
30:03:69:d6:51:d9:b0:fc:86:64:a1:c7:75:6c:16:46:34:29:
59:9a:88:b0:fd:1e:1e:bc:18:f1:f8:9e:0a:bb:a9:6a:eb:2b:
1a:57:eb:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrXRvjIzqSjg4Ahza36dL7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjMwOTI3MTUzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzYwMDJjN2U2NzY0NTIyMmNhYTJkNTc1MzA4ZTM3MDYxYzMxYmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxL/QJgBcaaON2uwaxsML/pMQUxC
32Di7Zk8S7OppQgFMf5dIBJVScuRz1on8pehxXx/bOOoQ6BWGl1ypCUcfRNoxUvr
3VoO7uyRm6ExI33gi2tBNylQGApJKjOY18x+i8nu5Eqpkxu/+olGIej9SEzhocw+
zwuVGW3mYxBw+lr1z9hwBkbt8BlHj9K5SiNGX0tmt1dBkDz5GYNQaSuoNXk+Fxrw
uuaRVxIUGI+ZNJAps+jPjuNO+79ZTjxPOBTNCveotyzwUX7iarlHV/e/RXuPTaOZ
6qX/aDrp78ThXMAH5gK3mnwKtf6I0fidknPGBfDYvApPS/FHkcxf04IygwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCNgAsfmdkUiLKotV1MI43BhwxuuMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvSTJBQ3gtWjJSU0lzcWkxWFV3ampjR0hERzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQALVphT348g
X3hSQqJXjgx7EHjhxq3gEPdgA1wU713kvGG1coisy5iOw/UPaZ2GwbNirPNx6FIS
ZMPr4sLolb4K+fkvmv1Mj97qhPY8uWF1IuP8hWlvDMLLw8dSLdleNaLY33Fdr/Q5
uoLYImuyc75DC/Cgc6+QtBULEEUA1QPPMarHKXFFbhCHc22J2dmZNUSDQLeZZA2F
IabTkP5v8QKIoUDfWVHh7kaKqlP0tJu59UKCR4cOFGQQElZZtcHPmjA+C9wZPJB9
mt+KFJzT9+DzImxlhkVWUE0wA2nWUdmw/IZkocd1bBZGNClZmoiw/R4evBjx+J4K
u6lq6ysaV+tG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org