Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/es3Gk0ynInXRZX8RF3bjK99KuNg.roa
File: es3Gk0ynInXRZX8RF3bjK99KuNg.roa (raw, json)
Hash identifier: 6i/qUlFgaK7xza65eKyiIbtfhbZNASdZKF4+OqsTB9M=
Subject key identifier: 7A:CD:C6:93:4C:A7:22:75:D1:65:7F:11:17:76:E3:2B:DF:4A:B8:D8
Certificate issuer: /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Certificate serial: 01856C53A99C4B2A4F389A0332FEFAB5E1ED
Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/es3Gk0ynInXRZX8RF3bjK99KuNg.roa
Signing time: Sun 01 Jan 2023 07:55:00 +0000
ROA not before: Sun 01 Jan 2023 07:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.119.221.0/24 maxlen: 24
185.119.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:a9:9c:4b:2a:4f:38:9a:03:32:fe:fa:b5:e1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Validity
Not Before: Jan 1 07:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7acdc6934ca72275d1657f111776e32bdf4ab8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:66:74:34:1c:84:29:41:8e:ef:f0:6b:f1:cd:
89:4f:e2:24:57:f4:2a:f0:4e:02:7a:ee:b4:17:50:
0e:31:18:d3:3a:e3:d2:fe:ae:cc:da:bc:d6:dd:ff:
45:70:b4:94:92:b5:4e:22:bf:4a:15:9a:52:df:ac:
68:78:3a:93:e9:0e:ef:ba:e6:8d:3f:27:c4:44:fd:
fc:9e:cf:ab:35:64:05:35:88:b6:2d:16:29:01:bb:
eb:6a:08:7a:82:75:9d:05:69:76:5f:6a:fb:cc:0c:
5d:08:b5:1d:4a:1d:10:8c:f3:c1:e3:ee:bc:cb:3f:
60:81:30:d3:6f:89:94:96:60:64:c1:a0:58:71:b7:
a8:04:64:87:fc:02:40:94:73:43:d6:2b:91:f5:94:
67:18:2e:1d:52:52:e1:cd:94:c4:9c:69:88:bc:d3:
e8:f4:eb:44:89:4b:c2:7e:41:15:21:65:5d:7b:e8:
b4:12:cc:78:68:5e:f2:09:6b:1b:8e:2d:ac:02:a8:
fd:73:41:3c:15:1f:4f:8b:f2:8e:4b:c5:eb:1d:60:
2e:fa:bd:be:d1:b2:b3:8e:69:ee:c1:9c:7b:a2:ae:
d0:5d:e0:cf:2f:41:64:36:56:98:f0:ab:5c:c0:89:
12:ef:79:ec:2f:05:9e:a8:dc:5d:f6:0c:03:e4:51:
80:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CD:C6:93:4C:A7:22:75:D1:65:7F:11:17:76:E3:2B:DF:4A:B8:D8
X509v3 Authority Key Identifier:
keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/es3Gk0ynInXRZX8RF3bjK99KuNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.221.0/24
185.119.223.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:66:8f:b0:3e:25:a3:4d:83:84:91:e4:d7:a9:b0:e9:34:11:
38:58:2a:94:32:d7:be:d2:42:d9:4d:40:0f:38:ca:a2:be:a0:
86:ad:62:7d:ea:11:66:51:23:52:fe:cd:a7:d4:5b:64:52:f7:
9b:d1:f2:02:d2:66:b4:2b:3c:f7:45:14:fa:f4:fa:e8:d8:a0:
27:90:f9:85:43:47:ea:ff:6c:5c:bf:c9:8d:fe:f6:53:31:22:
28:f9:6f:7f:93:9a:31:68:11:11:a2:c7:90:00:2e:7e:e1:fa:
8f:28:56:1f:bb:e8:2c:8b:fc:9f:f7:0a:63:38:1c:04:3f:b6:
b0:ec:da:d0:c5:cf:8d:fe:bc:f5:fd:d2:74:c7:43:c9:a8:4f:
1a:91:8d:d6:1a:b8:48:13:9e:4e:f4:6b:4d:23:83:85:a5:34:
32:bd:97:55:9a:16:e3:47:8f:c4:87:bf:4c:9d:88:78:70:9e:
c6:76:0b:f9:d6:65:85:7a:3e:45:18:6a:f5:73:3b:8c:66:b6:
7d:80:fe:5c:8e:4c:88:d7:55:08:2b:ef:a4:30:26:45:4c:be:
65:04:31:0d:71:a2:7b:92:86:c8:94:cd:01:01:fe:2d:54:41:
93:81:f4:a6:e8:9f:49:d2:a1:af:25:6d:99:69:a9:46:84:3a:
f6:7b:f8:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU6mcSypPOJoDMv76teHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YjBmZjc5OThjYTg4NTRjZTdjNDc1YTk3MmVkMWQ1MmE1
YzYwY2QwHhcNMjMwMTAxMDc1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNkYzY5MzRjYTcyMjc1ZDE2NTdmMTExNzc2ZTMyYmRmNGFiOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2Z0NByEKUGO7/Br8c2JT+IkV/Qq
8E4Ceu60F1AOMRjTOuPS/q7M2rzW3f9FcLSUkrVOIr9KFZpS36xoeDqT6Q7vuuaN
PyfERP38ns+rNWQFNYi2LRYpAbvragh6gnWdBWl2X2r7zAxdCLUdSh0QjPPB4+68
yz9ggTDTb4mUlmBkwaBYcbeoBGSH/AJAlHND1iuR9ZRnGC4dUlLhzZTEnGmIvNPo
9OtEiUvCfkEVIWVde+i0Esx4aF7yCWsbji2sAqj9c0E8FR9Pi/KOS8XrHWAu+r2+
0bKzjmnuwZx7oq7QXeDPL0FkNlaY8KtcwIkS73nsLwWeqNxd9gwD5FGALQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHrNxpNMpyJ10WV/ERd24yvfSrjYMB8GA1UdIwQY
MBaAFCiw/3mYyohUznxHWpcu0dUqXGDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDIt
MjY3NTQ3ZWExZTM1LzEvZXMzR2sweW5JblhSWlg4UkYzYmpLOTlLdU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDItMjY3NTQ3ZWExZTM1
LzEvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXfdAwQA
uXffMA0GCSqGSIb3DQEBCwUAA4IBAQCxZo+wPiWjTYOEkeTXqbDpNBE4WCqUMte+
0kLZTUAPOMqivqCGrWJ96hFmUSNS/s2n1FtkUveb0fIC0ma0Kzz3RRT69Pro2KAn
kPmFQ0fq/2xcv8mN/vZTMSIo+W9/k5oxaBERoseQAC5+4fqPKFYfu+gsi/yf9wpj
OBwEP7aw7NrQxc+N/rz1/dJ0x0PJqE8akY3WGrhIE55O9GtNI4OFpTQyvZdVmhbj
R4/Eh79MnYh4cJ7Gdgv51mWFej5FGGr1czuMZrZ9gP5cjkyI11UIK++kMCZFTL5l
BDENcaJ7kobIlM0BAf4tVEGTgfSm6J9J0qGvJW2ZaalGhDr2e/hE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:22 2024 by rpki-client on console-ams.rpki-client.org