Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/Dq5O1QdxeZLtcu1CAFwvcZpcUX4.roa
File: Dq5O1QdxeZLtcu1CAFwvcZpcUX4.roa (raw, json)
Hash identifier: Pt+Wk1m4d5LdY0QreZRZjeSTJ6kdCgAE0g3BVaKlioc=
Subject key identifier: 0E:AE:4E:D5:07:71:79:92:ED:72:ED:42:00:5C:2F:71:9A:5C:51:7E
Certificate issuer: /CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Certificate serial: 01856C5CB31604DB7B58FEF6E2353746F008
Authority key identifier: 77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/Dq5O1QdxeZLtcu1CAFwvcZpcUX4.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59919
IP address blocks: 185.204.220.0/22 maxlen: 24
5.178.88.0/21 maxlen: 24
185.187.172.0/22 maxlen: 24
185.248.240.0/22 maxlen: 24
185.136.136.0/22 maxlen: 24
185.60.188.0/22 maxlen: 24
45.152.144.0/22 maxlen: 24
2.59.140.0/22 maxlen: 24
2a01:9ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b3:16:04:db:7b:58:fe:f6:e2:35:37:46:f0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eae4ed507717992ed72ed42005c2f719a5c517e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:41:49:f9:66:30:af:2f:ea:82:f3:85:a0:
c3:51:04:4b:c6:7d:e8:52:a2:64:54:2b:1e:7a:26:
79:cd:3b:cf:84:ca:87:db:0c:64:f0:57:f2:63:31:
40:d7:c3:34:f3:02:08:27:6e:93:ba:c5:91:1b:8d:
d1:39:89:d7:00:7f:9a:98:f9:34:ad:14:62:be:e8:
bd:0c:c7:1a:c5:20:fc:a7:39:17:c3:a2:45:b2:ed:
ec:fb:34:0d:68:98:21:1d:f2:6c:da:3f:37:99:c1:
45:71:9a:18:43:d6:c7:01:56:18:00:3e:8f:0c:53:
94:62:db:8a:8a:2c:cc:4b:10:cb:7b:23:e3:d3:8b:
39:7d:e4:50:20:2c:71:4a:1f:a8:fa:aa:6d:c1:e2:
d1:5e:3d:de:27:9d:ef:45:c5:cb:a3:0a:5f:57:4e:
e2:10:92:d9:35:8d:bf:82:9d:73:67:5a:ab:a2:44:
8d:0f:42:ae:0d:95:c5:06:0a:3b:2a:2c:85:85:51:
40:16:8f:e4:43:38:76:00:bd:79:4c:e8:fb:46:a4:
19:a2:4f:4f:14:9b:6e:73:da:6c:32:44:9e:5e:a9:
6b:9f:1b:fe:46:a2:3f:f0:e6:19:05:92:fa:d1:48:
77:42:e6:67:d6:05:59:8f:c7:58:4c:8b:e4:a0:88:
60:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AE:4E:D5:07:71:79:92:ED:72:ED:42:00:5C:2F:71:9A:5C:51:7E
X509v3 Authority Key Identifier:
keyid:77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/Dq5O1QdxeZLtcu1CAFwvcZpcUX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/dxLiD1ELIrghfN8NIRSWsbnB7bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.140.0/22
5.178.88.0/21
45.152.144.0/22
185.60.188.0/22
185.136.136.0/22
185.187.172.0/22
185.204.220.0/22
185.248.240.0/22
IPv6:
2a01:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:f9:2a:f0:aa:db:45:77:f9:2a:ad:8e:e2:26:16:4e:2c:9c:
64:04:0a:18:30:65:be:6a:b1:ea:0e:8c:b5:4c:cb:28:14:5b:
02:04:4d:52:6b:15:aa:ab:3f:2a:06:f2:a7:eb:38:26:82:b0:
ba:a0:f2:fd:94:73:36:c9:25:df:e3:f0:bb:9e:27:5a:bd:d7:
c0:7a:bf:99:de:7c:f6:25:a1:17:66:4d:85:56:aa:aa:48:bc:
8c:0a:ab:7c:16:ca:af:fa:ee:80:ba:ad:87:5d:5a:d5:fd:29:
ea:dd:f0:28:99:fa:1b:75:6c:8d:05:aa:17:8c:30:ec:d9:c6:
2c:26:4f:dc:3d:c5:07:ba:e2:fa:42:02:39:55:cc:e5:4a:b5:
ee:25:aa:d6:35:c3:ff:e4:f8:ed:78:40:d3:80:58:94:cf:4a:
63:ef:53:5e:5f:3c:8d:a9:e8:30:b3:0e:b3:a9:06:1e:d7:6c:
83:d1:47:da:a2:dd:27:25:23:6d:bf:c1:d0:02:0d:33:bf:05:
de:65:96:d2:28:5b:da:6a:64:07:ba:e0:22:42:ac:e4:65:af:
e2:c1:a1:28:3b:b3:20:8a:6b:9d:5c:30:cc:75:06:18:39:be:
c5:93:10:fd:7b:71:1b:da:e8:e8:6a:02:60:7d:15:99:c5:52:
99:fd:11:4b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVsXLMWBNt7WP724jU3RvAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MTJlMjBmNTEwYjIyYjgyMTdjZGYwZDIxMTQ5NmIxYjlj
MWVkYjgwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFlNGVkNTA3NzE3OTkyZWQ3MmVkNDIwMDVjMmY3MTlhNWM1MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzNBSflmMK8v6oLzhaDDUQRLxn3o
UqJkVCseeiZ5zTvPhMqH2wxk8FfyYzFA18M08wIIJ26TusWRG43ROYnXAH+amPk0
rRRivui9DMcaxSD8pzkXw6JFsu3s+zQNaJghHfJs2j83mcFFcZoYQ9bHAVYYAD6P
DFOUYtuKiizMSxDLeyPj04s5feRQICxxSh+o+qptweLRXj3eJ53vRcXLowpfV07i
EJLZNY2/gp1zZ1qrokSND0KuDZXFBgo7KiyFhVFAFo/kQzh2AL15TOj7RqQZok9P
FJtuc9psMkSeXqlrnxv+RqI/8OYZBZL60Uh3QuZn1gVZj8dYTIvkoIhgmwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA6uTtUHcXmS7XLtQgBcL3GaXFF+MB8GA1UdIwQY
MBaAFHcS4g9RCyK4IXzfDSEUlrG5we24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHhMaUQxRUxJcmdoZk44TklSU1dzYm5CN2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2I3MTQtYzcxNC00MjgxLThhZGEt
NDNjZTk0OTY2M2Q5LzEvRHE1TzFRZHhlWkx0Y3UxQ0FGd3ZjWnBjVVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2I3MTQtYzcxNC00MjgxLThhZGEtNDNjZTk0OTY2M2Q5
LzEvZHhMaUQxRUxJcmdoZk44TklSU1dzYm5CN2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCAjuMAwQD
BbJYAwQCLZiQAwQCuTy8AwQCuYiIAwQCubusAwQCuczcAwQCufjwMA0EAgACMAcD
BQAqAZrAMA0GCSqGSIb3DQEBCwUAA4IBAQBO+SrwqttFd/kqrY7iJhZOLJxkBAoY
MGW+arHqDoy1TMsoFFsCBE1SaxWqqz8qBvKn6zgmgrC6oPL9lHM2ySXf4/C7nida
vdfAer+Z3nz2JaEXZk2FVqqqSLyMCqt8Fsqv+u6Auq2HXVrV/Snq3fAomfobdWyN
BaoXjDDs2cYsJk/cPcUHuuL6QgI5VczlSrXuJarWNcP/5PjteEDTgFiUz0pj71Ne
XzyNqegwsw6zqQYe12yD0Ufaot0nJSNtv8HQAg0zvwXeZZbSKFvaamQHuuAiQqzk
Za/iwaEoO7MgimudXDDMdQYYOb7FkxD9e3Eb2ujoagJgfRWZxVKZ/RFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:32 2024 by rpki-client on console-fra.rpki-client.org