Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/EbLJw-MPODv-0gPybMOTYkW0zO8.roa
File: EbLJw-MPODv-0gPybMOTYkW0zO8.roa (raw, json)
Hash identifier: 15dZ0OnQRbfXVrpUTKunVTpMc3gyrtKCGS+JdzL7Zxo=
Subject key identifier: 11:B2:C9:C3:E3:0F:38:3B:FE:D2:03:F2:6C:C3:93:62:45:B4:CC:EF
Certificate issuer: /CN=5c76eff26884bf006207d722b3b01a44d2b56199
Certificate serial: 0185CECADC8311473CA6FF391306FD20F393
Authority key identifier: 5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/EbLJw-MPODv-0gPybMOTYkW0zO8.roa
Signing time: Fri 20 Jan 2023 10:47:59 +0000
ROA not before: Fri 20 Jan 2023 10:47:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202949
IP address blocks: 185.174.58.0/24 maxlen: 24
185.174.57.0/24 maxlen: 24
185.174.56.0/24 maxlen: 24
185.174.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:ca:dc:83:11:47:3c:a6:ff:39:13:06:fd:20:f3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c76eff26884bf006207d722b3b01a44d2b56199
Validity
Not Before: Jan 20 10:47:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11b2c9c3e30f383bfed203f26cc3936245b4ccef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8a:0d:31:e8:fd:87:c3:c7:47:57:42:23:2b:
85:ae:19:9e:13:94:7d:f1:11:1c:f2:cd:d7:8b:ac:
e0:a6:2f:b3:81:6b:b0:50:26:9d:1c:76:20:89:7b:
06:9d:6a:07:4d:b7:f8:cf:23:a0:7e:2a:5c:c3:30:
d9:2e:e4:a9:2c:df:ba:19:3e:93:28:d3:17:47:4a:
20:e0:53:ff:92:cb:9c:ab:b2:b1:08:8b:81:97:c2:
29:a5:63:3d:b5:45:e2:a5:15:42:29:dc:7b:6d:ce:
d9:dc:f2:15:a7:36:a7:86:bc:2d:f9:f1:e7:14:87:
43:3d:e3:49:39:e6:53:a9:5e:c2:fe:11:3e:8b:8e:
3b:18:be:16:d1:69:42:1d:ba:4e:5f:8c:6e:66:e4:
da:37:e7:24:01:65:ca:da:c7:f6:e2:a5:1f:a3:ed:
40:4e:76:d6:2a:08:c0:0f:a3:ce:0a:47:e4:09:56:
5c:d3:ae:40:b3:35:d5:79:7d:7c:73:c1:7e:ab:c1:
d9:10:aa:e4:ec:b5:7a:c8:bc:e1:c9:c4:b7:c4:d7:
d3:20:6d:de:d7:b4:d5:00:e2:24:c7:5c:b1:cb:2e:
6e:00:d5:af:de:2e:9b:01:c0:45:42:69:63:54:a3:
5d:bd:f6:52:c1:be:48:d9:64:fc:61:6a:31:3c:80:
8f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B2:C9:C3:E3:0F:38:3B:FE:D2:03:F2:6C:C3:93:62:45:B4:CC:EF
X509v3 Authority Key Identifier:
keyid:5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/EbLJw-MPODv-0gPybMOTYkW0zO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.56.0/22
Signature Algorithm: sha256WithRSAEncryption
55:b3:59:1e:c4:89:7f:67:89:c1:34:75:bb:a7:d0:36:00:02:
93:8e:67:83:8d:48:b6:9d:86:8e:b7:27:40:95:e8:19:99:cf:
14:8d:84:ff:4d:db:cc:49:f9:c4:66:db:fb:c4:64:5a:e6:06:
d2:ba:f6:78:6e:6a:50:d3:4e:d2:cc:92:d7:76:62:98:f7:c7:
91:3d:7a:11:11:8e:d0:8c:3e:f4:86:0e:e0:ca:32:b0:ad:33:
e3:8d:45:8c:1f:c5:34:ff:89:10:00:5c:d7:75:8b:a8:37:29:
3b:b4:d8:61:4c:24:57:88:b9:54:55:ca:e7:1d:7e:ec:bd:ab:
a8:f2:57:0e:57:a6:41:d0:7e:44:3e:36:f7:06:fc:ae:5e:69:
3a:39:0b:37:21:9f:f1:93:01:6e:c1:4e:f7:21:c5:97:66:9f:
0e:6b:d1:76:c8:aa:86:fe:a0:23:54:13:f0:0c:0f:e3:28:e4:
6e:81:55:df:c1:1a:8e:10:ce:cd:36:8e:dd:ca:b8:fa:c7:15:
a3:0d:01:b1:f7:64:4d:b0:d1:56:96:e5:30:f7:a7:9e:f8:1b:
ff:ea:1a:03:11:ff:47:61:56:18:aa:b3:d3:25:f8:24:b8:df:
0b:6d:ce:19:ad:c7:eb:b4:1d:7a:fa:28:a3:80:a3:12:dc:9c:
00:58:2d:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXOytyDEUc8pv85Ewb9IPOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzZlZmYyNjg4NGJmMDA2MjA3ZDcyMmIzYjAxYTQ0ZDJi
NTYxOTkwHhcNMjMwMTIwMTA0NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWIyYzljM2UzMGYzODNiZmVkMjAzZjI2Y2MzOTM2MjQ1YjRjY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4oNMej9h8PHR1dCIyuFrhmeE5R9
8REc8s3Xi6zgpi+zgWuwUCadHHYgiXsGnWoHTbf4zyOgfipcwzDZLuSpLN+6GT6T
KNMXR0og4FP/ksucq7KxCIuBl8IppWM9tUXipRVCKdx7bc7Z3PIVpzanhrwt+fHn
FIdDPeNJOeZTqV7C/hE+i447GL4W0WlCHbpOX4xuZuTaN+ckAWXK2sf24qUfo+1A
TnbWKgjAD6POCkfkCVZc065AszXVeX18c8F+q8HZEKrk7LV6yLzhycS3xNfTIG3e
17TVAOIkx1yxyy5uANWv3i6bAcBFQmljVKNdvfZSwb5I2WT8YWoxPICPywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGyycPjDzg7/tID8mzDk2JFtMzvMB8GA1UdIwQY
MBaAFFx27/JohL8AYgfXIrOwGkTStWGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgt
NjYwNDExYjlkMTY3LzEvRWJMSnctTVBPRHYtMGdQeWJNT1RZa1cwek84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgtNjYwNDExYjlkMTY3
LzEvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua44MA0G
CSqGSIb3DQEBCwUAA4IBAQBVs1kexIl/Z4nBNHW7p9A2AAKTjmeDjUi2nYaOtydA
legZmc8UjYT/TdvMSfnEZtv7xGRa5gbSuvZ4bmpQ007SzJLXdmKY98eRPXoREY7Q
jD70hg7gyjKwrTPjjUWMH8U0/4kQAFzXdYuoNyk7tNhhTCRXiLlUVcrnHX7svauo
8lcOV6ZB0H5EPjb3BvyuXmk6OQs3IZ/xkwFuwU73IcWXZp8Oa9F2yKqG/qAjVBPw
DA/jKORugVXfwRqOEM7NNo7dyrj6xxWjDQGx92RNsNFWluUw96ee+Bv/6hoDEf9H
YVYYqrPTJfgkuN8Lbc4ZrcfrtB16+iijgKMS3JwAWC1Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org