Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ss77Ty7pNcVsF32UiZQG4DfuGdI.roa
File: ss77Ty7pNcVsF32UiZQG4DfuGdI.roa (raw, json)
Hash identifier: lxXVXBjR0v7vNW9aoc9ryUM2yf3WXrkKdbaGoJD2k3I=
Subject key identifier: B2:CE:FB:4F:2E:E9:35:C5:6C:17:7D:94:89:94:06:E0:37:EE:19:D2
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01856E2668B90BE343F5DDBBE3EE1401926B
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ss77Ty7pNcVsF32UiZQG4DfuGdI.roa
Signing time: Sun 01 Jan 2023 16:24:48 +0000
ROA not before: Sun 01 Jan 2023 16:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204108
IP address blocks: 185.229.232.0/22 maxlen: 23
185.229.232.0/23 maxlen: 23
185.229.234.0/23 maxlen: 23
185.253.42.0/23 maxlen: 23
185.253.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 23 May 2023 07:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:68:b9:0b:e3:43:f5:dd:bb:e3:ee:14:01:92:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 16:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2cefb4f2ee935c56c177d94899406e037ee19d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:2a:d0:14:55:02:aa:26:06:4a:32:4b:ce:
92:02:80:e0:e9:3e:3a:21:cb:c1:66:80:8e:e5:ae:
43:53:e4:6a:21:24:1b:7a:47:a4:52:bc:83:a5:f7:
f7:cf:0e:01:01:5e:78:42:39:0a:2d:1a:89:0b:74:
b4:aa:ba:69:ea:f4:8b:b0:7d:f5:21:0b:5c:22:9b:
37:6a:ef:c0:11:c2:1f:fe:11:26:3d:20:af:ba:b6:
f1:ed:1c:c5:29:49:78:e2:0b:dc:99:cb:bb:9c:5a:
a4:9c:7f:4d:87:9b:33:eb:23:d9:9e:30:68:f3:e8:
83:2a:b5:16:a1:b5:12:db:cf:ce:ec:7c:5b:d0:79:
21:81:ba:d1:c7:43:6c:7c:33:b0:3c:0c:4e:e7:35:
c7:1f:2d:65:c7:de:79:92:ba:9b:1d:4c:53:db:39:
0a:7d:12:05:5b:44:fc:da:02:0c:3b:3b:66:39:e8:
c6:39:a3:14:aa:10:88:69:02:e9:d2:e4:41:b3:f9:
f8:69:1a:92:06:4f:22:8c:2b:c6:6f:7e:c6:9a:9a:
fa:8e:3f:5f:cd:03:1b:a4:a6:43:f3:d3:2e:a2:01:
05:67:b6:52:e3:7d:10:42:3a:a8:ca:60:ff:74:61:
33:b0:47:65:7d:33:9f:0c:a2:4a:ed:1d:51:e7:f5:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CE:FB:4F:2E:E9:35:C5:6C:17:7D:94:89:94:06:E0:37:EE:19:D2
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ss77Ty7pNcVsF32UiZQG4DfuGdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.232.0/22
185.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
29:ec:5e:48:27:29:c0:56:d3:fd:74:8d:e5:b2:92:d0:46:c9:
b4:73:23:d2:2c:d5:0d:c1:ff:04:ff:51:d7:3e:fb:dd:38:74:
eb:73:fe:c8:69:d2:43:ea:7b:6e:ab:1e:e7:ca:dd:8e:c4:79:
d8:84:d5:d9:4d:76:c9:60:81:13:4d:c7:1d:8f:42:8b:05:93:
e6:f4:d9:31:d9:a0:35:c8:8f:ce:2e:e4:f3:2c:4b:2a:7d:dd:
70:5d:4e:50:df:76:f8:ef:be:4d:da:3b:f1:b3:12:34:7f:6e:
7a:bc:01:c7:c2:3c:3c:e6:7a:2a:30:9a:a0:87:ca:61:13:92:
5b:5c:d3:ee:ed:b9:bc:6f:7f:c1:dc:94:3a:a2:f7:df:81:9c:
e3:b3:b0:49:5d:c5:cb:d2:fe:3b:94:ef:7a:10:d8:e3:e4:76:
15:b3:35:b9:e1:5b:5e:a6:3b:96:10:8a:d2:b4:f5:cf:ba:69:
c3:75:f7:70:b0:3b:08:d6:50:b5:66:a7:31:3c:8d:13:95:a0:
3e:9b:af:6a:e1:21:98:fd:b8:71:59:3e:29:b6:7a:16:a8:b8:
fd:e6:1b:17:e3:10:83:c5:83:3b:d0:64:a3:d4:5b:5c:59:6d:
88:95:c1:76:2e:fa:0b:34:01:2a:67:87:5e:a0:7c:c1:5a:d7:
f4:7c:cb:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuJmi5C+ND9d274+4UAZJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwMTAxMTYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNlZmI0ZjJlZTkzNWM1NmMxNzdkOTQ4OTk0MDZlMDM3ZWUxOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr68q0BRVAqomBkoyS86SAoDg6T46
IcvBZoCO5a5DU+RqISQbekekUryDpff3zw4BAV54QjkKLRqJC3S0qrpp6vSLsH31
IQtcIps3au/AEcIf/hEmPSCvurbx7RzFKUl44gvcmcu7nFqknH9Nh5sz6yPZnjBo
8+iDKrUWobUS28/O7Hxb0HkhgbrRx0NsfDOwPAxO5zXHHy1lx955krqbHUxT2zkK
fRIFW0T82gIMOztmOejGOaMUqhCIaQLp0uRBs/n4aRqSBk8ijCvGb37Gmpr6jj9f
zQMbpKZD89MuogEFZ7ZS430QQjqoymD/dGEzsEdlfTOfDKJK7R1R5/VFxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLO+08u6TXFbBd9lImUBuA37hnSMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvc3M3N1R5N3BOY1ZzRjMyVWlaUUc0RGZ1R2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCueXoAwQC
uf0oMA0GCSqGSIb3DQEBCwUAA4IBAQAp7F5IJynAVtP9dI3lspLQRsm0cyPSLNUN
wf8E/1HXPvvdOHTrc/7IadJD6ntuqx7nyt2OxHnYhNXZTXbJYIETTccdj0KLBZPm
9Nkx2aA1yI/OLuTzLEsqfd1wXU5Q33b4775N2jvxsxI0f256vAHHwjw85noqMJqg
h8phE5JbXNPu7bm8b3/B3JQ6ovffgZzjs7BJXcXL0v47lO96ENjj5HYVszW54Vte
pjuWEIrStPXPumnDdfdwsDsI1lC1ZqcxPI0TlaA+m69q4SGY/bhxWT4ptnoWqLj9
5hsX4xCDxYM70GSj1FtcWW2IlcF2LvoLNAEqZ4deoHzBWtf0fMvy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org