Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1Y04wf0RTG7XRaW7lK61vWVH1xw.roa
File: 1Y04wf0RTG7XRaW7lK61vWVH1xw.roa (raw, json)
Hash identifier: FnAwmpi8ZVp6K7OUvSFQawFu1ohRGsZgEN4vZypVL3o=
Subject key identifier: D5:8D:38:C1:FD:11:4C:6E:D7:45:A5:BB:94:AE:B5:BD:65:47:D7:1C
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3F2F5116A269AA03E21F73913A44A129
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1Y04wf0RTG7XRaW7lK61vWVH1xw.roa
Signing time: Wed 06 Dec 2023 12:51:54 +0000
ROA not before: Wed 06 Dec 2023 12:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.167.181.0/24 maxlen: 24
5.253.158.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 14:52:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:2f:51:16:a2:69:aa:03:e2:1f:73:91:3a:44:a1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 12:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d58d38c1fd114c6ed745a5bb94aeb5bd6547d71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:93:94:1b:f2:5d:9c:89:1b:d9:aa:8b:1d:c1:
4f:83:96:be:30:0a:e3:9d:33:e1:a4:3b:bc:82:2f:
8e:df:db:f9:75:d8:58:09:b5:27:f4:10:27:40:e6:
22:34:4f:d7:c3:cb:ed:cb:3b:1e:2b:c0:68:db:9a:
f7:64:f3:15:b3:30:4d:13:84:25:e5:5e:8f:2a:be:
1e:62:ae:02:0d:49:8d:13:9d:4b:3f:d0:ab:77:95:
21:b1:7c:9e:e7:f4:9b:9a:de:b9:2b:c6:b1:bb:8c:
91:c9:3c:7b:0f:ed:50:3a:f2:cf:d7:38:48:4c:94:
12:55:27:0e:c9:8e:3c:38:f6:b0:bb:a1:dd:8a:91:
0e:d6:fc:01:78:7e:47:3b:f4:24:a6:89:cf:06:5d:
62:ed:f7:15:01:9d:ba:bf:ae:fd:04:34:cd:99:5f:
0a:26:56:36:e0:bc:12:75:51:c3:05:54:07:5f:b7:
ba:2e:5d:9b:fc:a0:68:33:49:b6:eb:6e:d8:4a:90:
14:c6:a9:17:22:ac:b6:e6:b3:b4:f6:cc:32:39:f5:
40:ce:53:17:aa:75:f0:2b:ab:78:cd:9d:94:63:28:
5a:c2:ed:e0:08:33:ae:47:db:e4:3d:04:02:7e:ea:
c5:84:e2:93:9b:66:5b:8a:3d:99:9f:85:60:d2:90:
c1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8D:38:C1:FD:11:4C:6E:D7:45:A5:BB:94:AE:B5:BD:65:47:D7:1C
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1Y04wf0RTG7XRaW7lK61vWVH1xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
185.167.181.0/24
185.204.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:50:5b:5a:3f:b5:ba:0d:ae:7f:e1:82:da:e0:68:76:7f:09:
6e:06:0a:f3:28:64:b6:68:45:55:04:74:c2:20:54:18:9b:07:
2c:bd:e7:39:ac:62:5a:8e:64:a3:69:8f:63:c1:b9:de:52:fc:
0d:00:99:f9:15:61:37:de:0a:b7:7d:b9:f4:ea:f2:cc:8a:ea:
19:af:f7:da:c7:f1:2f:ec:4c:d6:3c:6b:ca:3d:e8:cb:ef:98:
16:a9:50:95:7e:a2:72:ce:81:a4:4c:2d:a0:b5:ba:c2:b8:50:
ae:a5:67:a1:2d:6d:35:0a:8b:c3:4d:bd:32:9f:06:be:29:a6:
9a:01:49:d3:60:15:b6:2d:a1:01:3c:29:52:50:dc:7c:3c:b5:
8b:c0:64:2d:46:08:24:f5:60:71:be:19:a5:e6:d4:f9:6b:84:
b3:7d:8b:0f:ae:f0:3c:50:3f:fe:f8:cf:ca:c7:e4:84:23:9f:
4e:d5:9a:f5:9d:98:3b:e9:9a:e9:ee:c9:78:01:81:52:ba:32:
e3:66:c6:ee:95:da:13:94:14:98:53:45:5a:84:96:b8:44:1a:
e0:f8:f6:97:6f:ee:d5:91:52:0a:b5:0a:4f:76:4a:67:1b:4a:
cf:ff:29:c5:27:0a:b2:c4:db:a4:a7:cc:8c:9f:07:66:30:77:
8b:96:11:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw/L1EWommqA+Ifc5E6RKEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTI1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThkMzhjMWZkMTE0YzZlZDc0NWE1YmI5NGFlYjViZDY1NDdkNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZOUG/JdnIkb2aqLHcFPg5a+MArj
nTPhpDu8gi+O39v5ddhYCbUn9BAnQOYiNE/Xw8vtyzseK8Bo25r3ZPMVszBNE4Ql
5V6PKr4eYq4CDUmNE51LP9Crd5UhsXye5/Sbmt65K8axu4yRyTx7D+1QOvLP1zhI
TJQSVScOyY48OPawu6HdipEO1vwBeH5HO/QkponPBl1i7fcVAZ26v679BDTNmV8K
JlY24LwSdVHDBVQHX7e6Ll2b/KBoM0m2627YSpAUxqkXIqy25rO09swyOfVAzlMX
qnXwK6t4zZ2UYyhawu3gCDOuR9vkPQQCfurFhOKTm2Zbij2Zn4Vg0pDBNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNWNOMH9EUxu10Wlu5Sutb1lR9ccMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvMVkwNHdmMFJURzdYUmFXN2xLNjF2V1ZIMXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf2eAwQA
uae1AwQAuczLMA0GCSqGSIb3DQEBCwUAA4IBAQBaUFtaP7W6Da5/4YLa4Gh2fwlu
BgrzKGS2aEVVBHTCIFQYmwcsvec5rGJajmSjaY9jwbneUvwNAJn5FWE33gq3fbn0
6vLMiuoZr/fax/Ev7EzWPGvKPejL75gWqVCVfqJyzoGkTC2gtbrCuFCupWehLW01
CovDTb0ynwa+KaaaAUnTYBW2LaEBPClSUNx8PLWLwGQtRggk9WBxvhml5tT5a4Sz
fYsPrvA8UD/++M/Kx+SEI59O1Zr1nZg76Zrp7sl4AYFSujLjZsbuldoTlBSYU0Va
hJa4RBrg+PaXb+7VkVIKtQpPdkpnG0rP/ynFJwqyxNukp8yMnwdmMHeLlhEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org