Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/37b64a-cc5e-4630-96f2-7218a31790f3/1/iTyHSCeceuFLWu51r8pAzeQAfoA.roa
File: iTyHSCeceuFLWu51r8pAzeQAfoA.roa (raw, json)
Hash identifier: ewDLcM1WiM1UWxlkg+QV3FUzlQ2UuXWvIEimcNyk4CA=
Subject key identifier: 89:3C:87:48:27:9C:7A:E1:4B:5A:EE:75:AF:CA:40:CD:E4:00:7E:80
Certificate issuer: /CN=25abe67b21d323b2b2b442c6b06ae32cc280358d
Certificate serial: 018CC6B7EBD519CAD25E90009133EF6FDD25
Authority key identifier: 25:AB:E6:7B:21:D3:23:B2:B2:B4:42:C6:B0:6A:E3:2C:C2:80:35:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JavmeyHTI7KytELGsGrjLMKANY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/37b64a-cc5e-4630-96f2-7218a31790f3/1/iTyHSCeceuFLWu51r8pAzeQAfoA.roa
Signing time: Mon 01 Jan 2024 20:29:51 +0000
ROA not before: Mon 01 Jan 2024 20:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13170
IP address blocks: 85.29.64.0/18 maxlen: 18
185.69.72.0/22 maxlen: 22
212.116.32.0/19 maxlen: 19
62.145.160.0/19 maxlen: 19
77.223.32.0/19 maxlen: 19
213.145.192.0/19 maxlen: 19
213.143.160.0/19 maxlen: 19
46.254.96.0/21 maxlen: 21
185.69.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 05 Apr 2024 07:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:eb:d5:19:ca:d2:5e:90:00:91:33:ef:6f:dd:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25abe67b21d323b2b2b442c6b06ae32cc280358d
Validity
Not Before: Jan 1 20:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=893c8748279c7ae14b5aee75afca40cde4007e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:ea:eb:de:09:31:f0:10:52:f1:e2:11:52:
ac:d8:68:f3:00:e9:89:57:e6:3f:c3:59:83:ee:b6:
b5:3e:31:39:bf:f2:e5:4d:a2:98:27:c2:ed:f3:a7:
77:ca:7d:af:de:3c:ba:f8:f1:00:e9:a7:6d:26:4d:
e1:6d:1f:82:a4:15:7d:57:60:9b:f5:db:a5:3e:ae:
10:52:88:30:2c:63:64:11:6d:ab:14:7e:2b:62:cc:
bb:00:5d:50:66:ef:03:92:6a:0d:7d:cb:54:1d:c7:
7f:90:81:b5:44:70:7a:44:b6:9b:da:d1:33:2a:a2:
4a:d7:c2:4a:eb:93:0c:de:7d:f5:1b:39:a8:82:d6:
a5:dd:fe:e9:b0:b4:52:f2:95:aa:4b:a9:36:f6:ab:
01:74:a6:ee:36:a7:f1:85:c3:12:1a:67:49:d7:d6:
87:e0:79:a9:6e:47:6c:63:5c:4d:bf:6d:01:23:67:
ef:19:9a:34:37:dd:f1:bd:56:4a:23:4c:9f:ee:07:
7e:57:2b:1f:1e:e7:19:6e:57:58:92:0f:5b:88:98:
d2:be:47:b0:14:dc:49:bf:a8:1c:b7:69:73:96:a1:
43:6d:79:ea:5f:67:59:37:3e:f5:d1:7b:5e:77:5a:
f0:e6:75:f0:7d:3b:78:4c:05:a4:22:e9:8f:51:be:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3C:87:48:27:9C:7A:E1:4B:5A:EE:75:AF:CA:40:CD:E4:00:7E:80
X509v3 Authority Key Identifier:
keyid:25:AB:E6:7B:21:D3:23:B2:B2:B4:42:C6:B0:6A:E3:2C:C2:80:35:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JavmeyHTI7KytELGsGrjLMKANY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/37b64a-cc5e-4630-96f2-7218a31790f3/1/iTyHSCeceuFLWu51r8pAzeQAfoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/37b64a-cc5e-4630-96f2-7218a31790f3/1/JavmeyHTI7KytELGsGrjLMKANY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.96.0/21
62.145.160.0/19
77.223.32.0/19
85.29.64.0/18
185.69.36.0/22
185.69.72.0/22
212.116.32.0/19
213.143.160.0/19
213.145.192.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:a3:a8:31:9f:9f:64:00:ac:8d:0e:33:26:79:84:b9:4a:80:
ea:65:ea:cb:44:68:30:a2:df:a7:4f:c3:11:5d:11:08:d1:ed:
d7:6c:b3:b5:6f:df:20:54:47:01:73:bb:25:6c:90:77:c9:6f:
7c:cd:3f:83:cd:68:c5:46:87:a3:2c:75:02:4d:3e:75:3b:f7:
b1:23:f6:5c:5f:5f:9a:95:a3:ce:37:c9:d5:83:80:4d:ff:ac:
93:9f:8a:21:32:75:e1:b4:94:f3:71:52:0d:77:6e:ca:b9:ea:
ae:07:1b:cb:22:e2:2d:ec:06:94:87:69:f9:07:cf:09:83:b5:
0f:72:29:5a:6d:bd:f1:b1:2f:a1:c1:3e:62:35:91:e8:e4:76:
09:1a:82:06:ca:8b:1c:24:20:f0:ef:70:9c:22:7f:f5:66:db:
48:66:f9:72:da:0b:ac:a3:d2:06:ee:71:bf:21:af:37:de:bb:
d9:e4:2c:a3:b8:1c:a4:67:47:26:fb:04:31:85:5e:81:3e:80:
13:55:ba:76:16:91:3f:9d:c9:ce:a8:da:65:87:8d:52:3c:f3:
ef:0d:29:71:e0:4a:97:c2:73:fa:2e:e3:52:6f:fd:ed:08:6e:
27:24:dc:a0:6f:dd:bc:52:9d:01:0c:44:d2:89:1e:ea:0e:b7:
89:9a:11:46
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzGt+vVGcrSXpAAkTPvb90lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YWJlNjdiMjFkMzIzYjJiMmI0NDJjNmIwNmFlMzJjYzI4
MDM1OGQwHhcNMjQwMTAxMjAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNjODc0ODI3OWM3YWUxNGI1YWVlNzVhZmNhNDBjZGU0MDA3ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZjq694JMfAQUvHiEVKs2GjzAOmJ
V+Y/w1mD7ra1PjE5v/LlTaKYJ8Lt86d3yn2v3jy6+PEA6adtJk3hbR+CpBV9V2Cb
9dulPq4QUogwLGNkEW2rFH4rYsy7AF1QZu8DkmoNfctUHcd/kIG1RHB6RLab2tEz
KqJK18JK65MM3n31Gzmogtal3f7psLRS8pWqS6k29qsBdKbuNqfxhcMSGmdJ19aH
4HmpbkdsY1xNv20BI2fvGZo0N93xvVZKI0yf7gd+VysfHucZbldYkg9biJjSvkew
FNxJv6gct2lzlqFDbXnqX2dZNz710Xted1rw5nXwfTt4TAWkIumPUb4r4QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIk8h0gnnHrhS1ruda/KQM3kAH6AMB8GA1UdIwQY
MBaAFCWr5nsh0yOysrRCxrBq4yzCgDWNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmF2bWV5SFRJN0t5dEVMR3NHcmpMTUtBTlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8zN2I2NGEtY2M1ZS00NjMwLTk2ZjIt
NzIxOGEzMTc5MGYzLzEvaVR5SFNDZWNldUZMV3U1MXI4cEF6ZVFBZm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8zN2I2NGEtY2M1ZS00NjMwLTk2ZjItNzIxOGEzMTc5MGYz
LzEvSmF2bWV5SFRJN0t5dEVMR3NHcmpMTUtBTlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDLv5gAwQF
PpGgAwQFTd8gAwQGVR1AAwQCuUUkAwQCuUVIAwQF1HQgAwQF1Y+gAwQF1ZHAMA0G
CSqGSIb3DQEBCwUAA4IBAQA9o6gxn59kAKyNDjMmeYS5SoDqZerLRGgwot+nT8MR
XREI0e3XbLO1b98gVEcBc7slbJB3yW98zT+DzWjFRoejLHUCTT51O/exI/ZcX1+a
laPON8nVg4BN/6yTn4ohMnXhtJTzcVINd27KuequBxvLIuIt7AaUh2n5B88Jg7UP
cilabb3xsS+hwT5iNZHo5HYJGoIGyoscJCDw73CcIn/1ZttIZvly2guso9IG7nG/
Ia833rvZ5CyjuBykZ0cm+wQxhV6BPoATVbp2FpE/ncnOqNplh41SPPPvDSlx4EqX
wnP6LuNSb/3tCG4nJNygb928Up0BDETSiR7qDreJmhFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:13 2024 by rpki-client on console-ams.rpki-client.org