Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ba1987-522e-498c-a359-76a0f7b841dc/1/AlTY3CqgHVT_zrM1g-BTPxbaqxs.roa
File: AlTY3CqgHVT_zrM1g-BTPxbaqxs.roa (raw, json)
Hash identifier: cBA78GzbFX9rC6Od1SUbd/hCtl4b7eiH4I+ZEK4bET8=
Subject key identifier: 02:54:D8:DC:2A:A0:1D:54:FF:CE:B3:35:83:E0:53:3F:16:DA:AB:1B
Certificate issuer: /CN=2d634fb681802144f064c1b19f11f6aae7596dcf
Certificate serial: 01874DCC8F5044CF2850D62D81C376FE5CCB
Authority key identifier: 2D:63:4F:B6:81:80:21:44:F0:64:C1:B1:9F:11:F6:AA:E7:59:6D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWNPtoGAIUTwZMGxnxH2qudZbc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/ba1987-522e-498c-a359-76a0f7b841dc/1/AlTY3CqgHVT_zrM1g-BTPxbaqxs.roa
Signing time: Tue 04 Apr 2023 19:44:24 +0000
ROA not before: Tue 04 Apr 2023 19:44:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203358
IP address blocks: 185.253.59.0/24 maxlen: 24
2a12:c140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:cc:8f:50:44:cf:28:50:d6:2d:81:c3:76:fe:5c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d634fb681802144f064c1b19f11f6aae7596dcf
Validity
Not Before: Apr 4 19:44:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0254d8dc2aa01d54ffceb33583e0533f16daab1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:79:a7:d6:c4:00:31:15:a4:37:0a:e9:b5:
bd:ae:2d:01:3f:3d:25:3a:24:91:8d:21:c1:72:77:
73:bb:80:9a:8d:1d:6e:e3:ca:43:e6:fc:59:dc:ad:
c8:1b:2b:4a:78:49:cc:c4:3d:d7:8f:c0:06:c2:e4:
08:92:74:3e:c3:92:a7:60:1b:cf:2d:22:69:8d:42:
d3:ee:c1:16:eb:c8:01:d8:c8:ba:f1:63:18:be:20:
79:1d:23:3d:3e:d1:e9:10:ee:46:47:eb:53:32:cd:
e8:96:29:b6:b0:b6:30:66:4e:0d:66:47:30:a1:67:
78:2e:10:11:28:35:04:a7:1c:00:72:18:bb:65:d0:
bb:4a:cc:1f:7b:39:c5:06:3c:e8:10:60:8d:8f:6a:
15:00:95:df:d3:1f:21:58:b7:df:99:5c:5e:db:a1:
e0:e3:f6:f2:82:16:29:a7:1f:86:c7:39:a1:a1:cb:
60:d6:c6:eb:65:4f:59:95:0b:de:de:26:d4:59:92:
b8:f1:84:8f:04:75:26:13:e0:33:ea:39:2f:72:e8:
ac:59:cc:44:be:c1:a0:b3:a7:5c:ce:98:5e:28:b8:
62:96:50:06:b5:5d:a1:ab:0e:0b:07:af:28:28:6a:
97:07:0b:25:d9:fb:b4:e3:f3:28:81:c4:92:af:b3:
02:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:54:D8:DC:2A:A0:1D:54:FF:CE:B3:35:83:E0:53:3F:16:DA:AB:1B
X509v3 Authority Key Identifier:
keyid:2D:63:4F:B6:81:80:21:44:F0:64:C1:B1:9F:11:F6:AA:E7:59:6D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWNPtoGAIUTwZMGxnxH2qudZbc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ba1987-522e-498c-a359-76a0f7b841dc/1/AlTY3CqgHVT_zrM1g-BTPxbaqxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ba1987-522e-498c-a359-76a0f7b841dc/1/LWNPtoGAIUTwZMGxnxH2qudZbc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.59.0/24
IPv6:
2a12:c140::/29
Signature Algorithm: sha256WithRSAEncryption
25:58:01:42:21:05:dd:37:a1:57:29:2a:ee:18:0c:11:e4:8b:
72:e2:c0:34:6a:c0:23:1e:2b:b1:bc:b5:24:31:7e:67:d7:c6:
b9:46:7a:b7:8e:c6:8f:91:87:54:2c:c8:aa:7a:c8:d2:7a:6f:
e1:97:f1:b3:32:d5:70:b2:05:3e:18:1f:9a:e9:c0:64:cc:27:
cc:9d:58:cd:92:0f:a7:28:20:2c:72:b8:d9:a6:0d:b0:ec:e8:
fc:5b:b1:dc:4a:7d:59:e3:f2:4a:9b:bb:2e:8e:61:f9:33:10:
c3:ec:11:a5:c3:fd:ec:1a:f2:68:ad:94:53:42:af:0b:ce:2f:
16:97:d8:ad:50:21:7a:8d:88:d9:88:6b:09:69:5d:19:67:17:
79:fa:f4:ae:de:b6:74:3c:7a:12:be:18:b5:d1:30:29:4c:e2:
60:c9:aa:87:e8:3a:3a:7a:3f:1c:d5:f0:8f:ce:dd:10:c0:20:
7f:de:31:d3:50:bb:80:a7:1a:a2:c3:8b:e9:b8:87:b1:e1:48:
da:d5:18:3b:e2:47:ea:95:a7:a6:7f:65:cd:a1:6d:e2:b6:f2:
3e:25:7a:d4:7e:98:3b:3d:72:0a:ec:b2:e3:f1:ff:e2:e3:32:
8b:83:b8:74:b5:19:7b:66:86:46:96:2b:04:a9:2f:af:29:af:
60:17:49:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdNzI9QRM8oUNYtgcN2/lzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNjM0ZmI2ODE4MDIxNDRmMDY0YzFiMTlmMTFmNmFhZTc1
OTZkY2YwHhcNMjMwNDA0MTk0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU0ZDhkYzJhYTAxZDU0ZmZjZWIzMzU4M2UwNTMzZjE2ZGFhYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZF5p9bEADEVpDcK6bW9ri0BPz0l
OiSRjSHBcndzu4CajR1u48pD5vxZ3K3IGytKeEnMxD3Xj8AGwuQIknQ+w5KnYBvP
LSJpjULT7sEW68gB2Mi68WMYviB5HSM9PtHpEO5GR+tTMs3olim2sLYwZk4NZkcw
oWd4LhARKDUEpxwAchi7ZdC7SswfeznFBjzoEGCNj2oVAJXf0x8hWLffmVxe26Hg
4/byghYppx+Gxzmhoctg1sbrZU9ZlQve3ibUWZK48YSPBHUmE+Az6jkvcuisWcxE
vsGgs6dczpheKLhillAGtV2hqw4LB68oKGqXBwsl2fu04/MogcSSr7MCEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAJU2NwqoB1U/86zNYPgUz8W2qsbMB8GA1UdIwQY
MBaAFC1jT7aBgCFE8GTBsZ8R9qrnWW3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFdOUHRvR0FJVVR3Wk1HeG54SDJxdWRaYmM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iYTE5ODctNTIyZS00OThjLWEzNTkt
NzZhMGY3Yjg0MWRjLzEvQWxUWTNDcWdIVlRfenJNMWctQlRQeGJhcXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iYTE5ODctNTIyZS00OThjLWEzNTktNzZhMGY3Yjg0MWRj
LzEvTFdOUHRvR0FJVVR3Wk1HeG54SDJxdWRaYmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf07MA0E
AgACMAcDBQMqEsFAMA0GCSqGSIb3DQEBCwUAA4IBAQAlWAFCIQXdN6FXKSruGAwR
5Ity4sA0asAjHiuxvLUkMX5n18a5Rnq3jsaPkYdULMiqesjSem/hl/GzMtVwsgU+
GB+a6cBkzCfMnVjNkg+nKCAscrjZpg2w7Oj8W7HcSn1Z4/JKm7sujmH5MxDD7BGl
w/3sGvJorZRTQq8Lzi8Wl9itUCF6jYjZiGsJaV0ZZxd5+vSu3rZ0PHoSvhi10TAp
TOJgyaqH6Do6ej8c1fCPzt0QwCB/3jHTULuApxqiw4vpuIex4Uja1Rg74kfqlaem
f2XNoW3itvI+JXrUfpg7PXIK7LLj8f/i4zKLg7h0tRl7ZoZGlisEqS+vKa9gF0n9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:42 2024 by rpki-client on console-fra.rpki-client.org