Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/esCxpnRepBK0sATbh8Q2KcxoOMQ.roa
File: esCxpnRepBK0sATbh8Q2KcxoOMQ.roa (raw, json)
Hash identifier: gGtVk1AVVy3c7xUiMqwWZqTrUaiYOnTLmVagTDuNzuk=
Subject key identifier: 7A:C0:B1:A6:74:5E:A4:12:B4:B0:04:DB:87:C4:36:29:CC:68:38:C4
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 019049A95CACEB8B2B1E57B3906F25EB7AE8
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/esCxpnRepBK0sATbh8Q2KcxoOMQ.roa
Signing time: Mon 24 Jun 2024 09:52:34 +0000
ROA not before: Mon 24 Jun 2024 09:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.253.158.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 13:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:a9:5c:ac:eb:8b:2b:1e:57:b3:90:6f:25:eb:7a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jun 24 09:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ac0b1a6745ea412b4b004db87c43629cc6838c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3e:2c:1e:4b:53:76:31:8f:7f:50:13:bd:bd:
9d:80:78:53:ef:a5:7a:93:a7:f5:5e:fa:6d:65:97:
45:f3:d0:2d:43:43:b5:18:e2:16:68:6e:cf:7f:c9:
9a:f9:d8:23:8b:bf:79:24:bd:63:29:6d:46:90:91:
d6:6e:28:b0:49:96:52:bf:c7:c1:21:55:f8:d2:f4:
39:f9:5d:60:2e:a2:c8:e1:28:a2:fd:34:8d:27:7b:
13:99:d8:29:8c:d5:64:1e:09:12:07:84:de:ff:ca:
9b:be:62:cc:03:73:fe:61:3b:33:45:6f:4e:79:a4:
f4:a2:fc:74:4b:f0:66:b4:bd:a8:d5:af:72:62:e9:
34:76:1e:19:a6:c2:ae:09:87:af:8e:43:74:9b:23:
2c:2b:d1:6c:05:40:8a:8d:52:b5:8f:3f:4b:4e:95:
35:fd:9d:3d:f4:1b:ae:2a:52:0d:fb:5b:e3:c6:04:
75:21:e5:26:79:0d:eb:80:5c:23:20:38:b0:72:45:
05:05:16:b5:b0:c0:84:f0:d2:08:83:36:25:33:da:
32:e3:40:96:a4:0e:87:e5:a1:11:5d:57:67:3c:5d:
e5:25:9e:fa:86:0e:31:f9:23:69:33:59:06:1f:92:
5f:3f:b6:96:35:a2:93:bc:97:57:2c:55:b9:cd:ce:
28:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C0:B1:A6:74:5E:A4:12:B4:B0:04:DB:87:C4:36:29:CC:68:38:C4
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/esCxpnRepBK0sATbh8Q2KcxoOMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
62.122.228.0/22
185.167.181.0/24
185.204.203.0/24
185.218.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:34:7a:37:aa:fb:0c:10:4e:fa:96:4c:1e:de:7b:b4:59:a3:
22:8d:69:62:b7:b6:ed:8e:20:86:f2:e3:a7:95:b7:86:d0:c6:
be:a1:2c:04:ee:25:02:68:47:68:e1:d1:33:5a:da:25:13:da:
7b:64:40:8d:08:09:bf:5a:25:a3:49:1c:32:39:6d:2d:56:69:
f4:16:d1:46:ee:33:57:55:c3:10:0f:0f:3e:95:4b:1c:ca:7c:
57:cd:ed:dd:50:db:b9:9d:5c:5b:d5:57:dc:0d:4e:43:e0:d1:
5e:84:9d:95:f6:38:18:0f:6d:23:30:ec:3c:15:65:86:49:51:
80:b4:39:8f:5f:b3:65:91:3d:7e:81:1f:55:f1:e3:6e:59:07:
aa:fd:9e:27:f9:5a:6a:af:fa:f2:c1:ba:01:fb:f6:63:d3:54:
ea:09:cf:36:73:e0:2d:63:f9:f8:0e:21:55:11:cb:63:80:51:
e5:a8:e0:4f:80:93:2d:4b:12:ac:fb:3f:b0:ef:1d:61:2f:08:
96:fa:1e:39:8f:e6:2b:f8:94:9b:28:70:72:00:f3:75:8c:29:
b2:c9:ab:46:69:e8:00:7b:34:8f:d2:2f:24:56:92:02:18:85:
d2:f5:f7:04:5c:fd:74:6d:d1:2e:92:cb:ec:6a:86:42:91:b4:
07:d9:1c:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZBJqVys64srHlezkG8l63roMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQwNjI0MDk1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWMwYjFhNjc0NWVhNDEyYjRiMDA0ZGI4N2M0MzYyOWNjNjgzOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT4sHktTdjGPf1ATvb2dgHhT76V6
k6f1XvptZZdF89AtQ0O1GOIWaG7Pf8ma+dgji795JL1jKW1GkJHWbiiwSZZSv8fB
IVX40vQ5+V1gLqLI4Sii/TSNJ3sTmdgpjNVkHgkSB4Te/8qbvmLMA3P+YTszRW9O
eaT0ovx0S/BmtL2o1a9yYuk0dh4ZpsKuCYevjkN0myMsK9FsBUCKjVK1jz9LTpU1
/Z099BuuKlIN+1vjxgR1IeUmeQ3rgFwjIDiwckUFBRa1sMCE8NIIgzYlM9oy40CW
pA6H5aERXVdnPF3lJZ76hg4x+SNpM1kGH5JfP7aWNaKTvJdXLFW5zc4o9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHrAsaZ0XqQStLAE24fENinMaDjEMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvZXNDeHBuUmVwQkswc0FUYmg4UTJLY3hvT01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf2eAwQC
PnrkAwQAuae1AwQAuczLAwQAudqgMA0GCSqGSIb3DQEBCwUAA4IBAQCgNHo3qvsM
EE76lkwe3nu0WaMijWlit7btjiCG8uOnlbeG0Ma+oSwE7iUCaEdo4dEzWtolE9p7
ZECNCAm/WiWjSRwyOW0tVmn0FtFG7jNXVcMQDw8+lUscynxXze3dUNu5nVxb1Vfc
DU5D4NFehJ2V9jgYD20jMOw8FWWGSVGAtDmPX7NlkT1+gR9V8eNuWQeq/Z4n+Vpq
r/rywboB+/Zj01TqCc82c+AtY/n4DiFVEctjgFHlqOBPgJMtSxKs+z+w7x1hLwiW
+h45j+Yr+JSbKHByAPN1jCmyyatGaegAezSP0i8kVpICGIXS9fcEXP10bdEuksvs
aoZCkbQH2RwJ
-----END CERTIFICATE-----
Generated at Mon Jul 8 16:19:57 2024 by rpki-client on console-fra.rpki-client.org