Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/hQbLevbTulmjwgj-zTGZVI1HSPo.roa
File: hQbLevbTulmjwgj-zTGZVI1HSPo.roa (raw, json)
Hash identifier: Dr660uEE06Ofj4tUColShg2bWiGVhVtI6UMe0OYoWHQ=
Subject key identifier: 85:06:CB:7A:F6:D3:BA:59:A3:C2:08:FE:CD:31:99:54:8D:47:48:FA
Certificate issuer: /CN=a7e70a05b98639cd7ae57feb1a40b367ec9c43ad
Certificate serial: 018BFC480A5A0B0A0D7570B3BD72300011AB
Authority key identifier: A7:E7:0A:05:B9:86:39:CD:7A:E5:7F:EB:1A:40:B3:67:EC:9C:43:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-cKBbmGOc165X_rGkCzZ-ycQ60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/hQbLevbTulmjwgj-zTGZVI1HSPo.roa
Signing time: Thu 23 Nov 2023 13:04:21 +0000
ROA not before: Thu 23 Nov 2023 13:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205222
IP address blocks: 185.225.58.0/24 maxlen: 24
185.225.57.0/24 maxlen: 24
185.225.56.0/22 maxlen: 22
185.225.56.0/24 maxlen: 24
185.225.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:48:0a:5a:0b:0a:0d:75:70:b3:bd:72:30:00:11:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e70a05b98639cd7ae57feb1a40b367ec9c43ad
Validity
Not Before: Nov 23 13:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8506cb7af6d3ba59a3c208fecd3199548d4748fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:03:53:76:14:c2:c7:1f:65:49:fa:d1:df:fd:
48:b2:60:42:b0:4b:42:54:23:f6:1d:4a:46:be:49:
f8:ca:3f:3d:3b:7e:15:93:10:ef:96:45:d2:a2:24:
72:04:7e:60:f2:8e:b2:d1:a0:26:ce:d6:42:f1:39:
13:a6:d6:4c:31:09:aa:dc:ce:cb:5d:f4:9f:ad:8e:
4f:19:9f:b1:be:5f:80:5d:ff:cd:e7:b2:27:70:ce:
90:ca:30:41:b7:3f:98:18:93:dd:4f:01:29:e3:cd:
17:3b:fe:f1:f6:fe:e3:4e:1e:93:db:22:37:95:a4:
a6:4e:82:6c:65:61:03:40:61:42:7b:a3:9f:9e:66:
cf:b4:11:70:ee:65:d9:4e:e8:79:ba:40:5c:79:13:
87:13:90:02:4d:20:a0:cb:69:7f:aa:e3:80:57:44:
68:8e:9e:64:3e:d7:39:a0:c6:75:2b:17:3b:8f:62:
2c:2b:b3:cf:bf:91:5b:29:ec:ef:e3:0a:5b:22:af:
6d:8a:9a:57:9b:cb:8b:6b:93:95:00:9d:a8:04:a4:
85:7b:63:90:3e:f0:5f:64:48:94:61:2a:10:c0:57:
3e:46:6c:ae:34:38:14:9b:ff:d7:c2:e2:99:4a:53:
37:e9:db:fc:76:e5:c2:a4:ae:1e:ce:bb:1f:b7:78:
87:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:06:CB:7A:F6:D3:BA:59:A3:C2:08:FE:CD:31:99:54:8D:47:48:FA
X509v3 Authority Key Identifier:
keyid:A7:E7:0A:05:B9:86:39:CD:7A:E5:7F:EB:1A:40:B3:67:EC:9C:43:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-cKBbmGOc165X_rGkCzZ-ycQ60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/hQbLevbTulmjwgj-zTGZVI1HSPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/p-cKBbmGOc165X_rGkCzZ-ycQ60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:5e:45:bc:5f:91:d6:09:89:4f:f7:6b:e9:15:6d:49:c0:36:
ec:8f:56:8c:8f:18:22:25:21:f0:93:47:65:f3:31:77:0f:99:
4d:3a:d1:16:1f:95:bc:31:ce:80:5f:17:74:13:b9:66:c1:fa:
01:0c:1b:66:64:0b:0a:2c:af:c7:ae:58:b0:6e:48:c4:9c:9e:
e7:38:a0:d4:c4:bf:09:58:17:2d:9c:43:41:b6:b8:85:b0:25:
10:82:42:5a:3e:28:68:6d:ce:39:e6:87:47:cc:72:d7:c6:d2:
47:ba:c1:fb:27:d7:81:24:09:ad:08:24:d5:ec:4a:6c:f4:05:
3c:66:2b:f9:37:27:0e:85:63:70:08:a2:00:0e:c6:7d:bb:b3:
33:4f:43:e5:a9:dd:1f:23:40:c8:9c:bc:90:26:e3:fd:44:88:
78:b6:92:0a:a8:37:f2:5a:ad:6c:78:73:e8:5f:f2:46:f5:cd:
d7:41:bf:07:a7:5d:18:27:bd:87:17:9a:e7:79:76:e7:d8:1a:
7e:c0:19:42:99:a3:c2:a5:68:5a:2f:f9:e4:b8:0d:d0:60:3e:
6f:a9:ad:f6:8c:63:5b:e1:70:ca:a7:fe:d8:8a:81:b2:61:a2:
58:5b:3c:04:b8:a8:1b:17:2b:c9:98:f9:df:cc:f0:80:bf:5f:
7e:fd:e4:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv8SApaCwoNdXCzvXIwABGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTcwYTA1Yjk4NjM5Y2Q3YWU1N2ZlYjFhNDBiMzY3ZWM5
YzQzYWQwHhcNMjMxMTIzMTMwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA2Y2I3YWY2ZDNiYTU5YTNjMjA4ZmVjZDMxOTk1NDhkNDc0OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwNTdhTCxx9lSfrR3/1IsmBCsEtC
VCP2HUpGvkn4yj89O34VkxDvlkXSoiRyBH5g8o6y0aAmztZC8TkTptZMMQmq3M7L
XfSfrY5PGZ+xvl+AXf/N57IncM6QyjBBtz+YGJPdTwEp480XO/7x9v7jTh6T2yI3
laSmToJsZWEDQGFCe6OfnmbPtBFw7mXZTuh5ukBceROHE5ACTSCgy2l/quOAV0Ro
jp5kPtc5oMZ1Kxc7j2IsK7PPv5FbKezv4wpbIq9tippXm8uLa5OVAJ2oBKSFe2OQ
PvBfZEiUYSoQwFc+RmyuNDgUm//XwuKZSlM36dv8duXCpK4ezrsft3iH0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUGy3r207pZo8II/s0xmVSNR0j6MB8GA1UdIwQY
MBaAFKfnCgW5hjnNeuV/6xpAs2fsnEOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1jS0JibUdPYzE2NVhfckdrQ3paLXljUTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xMjAyZTItMGI1NC00MmVlLTkzM2Et
MmIxZGM5OTJlY2EyLzEvaFFiTGV2YlR1bG1qd2dqLXpUR1pWSTFIU1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xMjAyZTItMGI1NC00MmVlLTkzM2EtMmIxZGM5OTJlY2Ey
LzEvcC1jS0JibUdPYzE2NVhfckdrQ3paLXljUTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueE4MA0G
CSqGSIb3DQEBCwUAA4IBAQBqXkW8X5HWCYlP92vpFW1JwDbsj1aMjxgiJSHwk0dl
8zF3D5lNOtEWH5W8Mc6AXxd0E7lmwfoBDBtmZAsKLK/HrliwbkjEnJ7nOKDUxL8J
WBctnENBtriFsCUQgkJaPihobc455odHzHLXxtJHusH7J9eBJAmtCCTV7Eps9AU8
Ziv5NycOhWNwCKIADsZ9u7MzT0Plqd0fI0DInLyQJuP9RIh4tpIKqDfyWq1seHPo
X/JG9c3XQb8Hp10YJ72HF5rneXbn2Bp+wBlCmaPCpWhaL/nkuA3QYD5vqa32jGNb
4XDKp/7YioGyYaJYWzwEuKgbFyvJmPnfzPCAv19+/eST
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:16 2024 by rpki-client on console-ams.rpki-client.org