Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/KpO5xdMXDTzgR_tRq31qIlGNYFU.roa
File: KpO5xdMXDTzgR_tRq31qIlGNYFU.roa (raw, json)
Hash identifier: 7Eyt2h/o8CSQS/zBipfK5hnjZlNjNzOEWlf9c4xDmn4=
Subject key identifier: 2A:93:B9:C5:D3:17:0D:3C:E0:47:FB:51:AB:7D:6A:22:51:8D:60:55
Certificate issuer: /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial: 01891CA5BC5CBCF4808D3A360AB85D1D0226
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/KpO5xdMXDTzgR_tRq31qIlGNYFU.roa
Signing time: Mon 03 Jul 2023 16:46:10 +0000
ROA not before: Mon 03 Jul 2023 16:46:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59397
IP address blocks: 185.75.130.0/24 maxlen: 24
185.75.129.0/24 maxlen: 24
185.75.131.0/24 maxlen: 24
185.75.128.0/22 maxlen: 22
2a03:4d22::/32 maxlen: 32
2a03:4d25::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:a5:bc:5c:bc:f4:80:8d:3a:36:0a:b8:5d:1d:02:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Validity
Not Before: Jul 3 16:46:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a93b9c5d3170d3ce047fb51ab7d6a22518d6055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:01:19:10:16:33:a1:92:e0:d0:aa:86:c5:
7e:d9:e8:c9:83:26:f6:04:02:5e:98:13:ae:02:d1:
91:96:47:94:24:5f:e3:37:ee:fb:1a:d3:49:39:65:
d5:5d:97:96:fb:be:45:32:41:6f:16:53:ea:5b:82:
5c:2b:7d:83:e0:50:a2:ec:17:74:02:63:84:9a:31:
b6:e0:91:7d:33:7a:1b:4c:12:f5:7e:22:61:c3:c1:
69:b3:c1:1e:e0:68:da:a4:c3:68:4d:25:c9:d5:00:
28:ef:69:ff:b7:e3:7b:e5:4b:50:be:11:94:65:8c:
b1:23:f0:41:75:5f:da:bf:10:28:be:d4:ff:35:98:
53:dc:d6:d5:0e:8b:57:c1:31:79:45:38:d8:27:80:
43:d9:42:cb:89:00:7c:d3:b9:dc:ca:bc:d9:95:25:
9a:fb:91:12:b4:3c:a9:ab:9d:2d:90:49:69:a2:7e:
86:16:e0:ae:7d:21:dd:64:ff:8d:42:3e:84:c5:21:
bd:0d:45:51:d1:3d:e3:53:d2:08:e3:ea:b0:09:72:
f1:ab:61:44:76:0e:76:f5:ba:21:68:d8:fe:41:d5:
ae:43:f4:1f:e7:49:f4:45:68:01:77:6b:0d:d2:92:
ff:49:14:a8:38:14:01:b6:6f:fd:1b:2b:2d:a5:cf:
d6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:B9:C5:D3:17:0D:3C:E0:47:FB:51:AB:7D:6A:22:51:8D:60:55
X509v3 Authority Key Identifier:
keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/KpO5xdMXDTzgR_tRq31qIlGNYFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.128.0/22
IPv6:
2a03:4d22::/32
2a03:4d25::/32
Signature Algorithm: sha256WithRSAEncryption
24:7a:58:1f:be:6c:9d:b9:7b:c1:34:e9:ee:e9:c9:c3:4e:2d:
24:b6:53:5e:3a:de:f8:85:d0:ce:11:fc:47:3f:ef:87:a3:54:
96:28:40:e3:d7:ba:5c:b0:ce:82:a2:6c:95:91:8d:31:c1:b3:
6c:8f:2d:1d:ef:c1:91:8f:1a:b6:e8:3d:0d:d8:35:62:30:91:
a6:25:fa:d0:b8:1a:b1:24:35:73:62:b2:9f:23:f3:75:3c:1b:
fd:1e:e3:fc:fd:fd:fa:1e:f9:29:e4:82:28:46:55:ca:7f:12:
43:4f:fd:fe:69:b6:38:92:e4:e0:0b:75:97:eb:a8:88:fc:97:
4f:1e:f1:25:94:55:9e:f4:61:54:e4:de:35:4d:ab:00:5e:b4:
b3:59:2e:af:49:9b:14:03:71:1f:22:c0:2a:df:95:3c:00:f9:
f7:5f:a5:93:34:2b:64:d3:ac:14:79:ae:b0:a6:06:93:83:72:
91:db:9f:ad:47:ff:2c:1d:f9:b1:ba:ee:f7:8c:49:93:11:19:
c9:33:b2:a4:18:3f:bb:4b:d1:27:b3:ac:28:83:43:b9:3f:7a:
8d:14:4b:6a:4f:e9:47:1a:88:16:5d:9e:a3:3d:13:89:69:1e:
4a:b8:36:de:7e:9e:a2:0b:bc:da:51:a3:60:60:c6:ab:57:58:
7c:bf:98:2c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYkcpbxcvPSAjTo2CrhdHQImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjI2ZWU1ZWEwNDA2NTkyZGY5NzVjNmY0Yzg0ZjEwZjE0
ZDE1Y2IwHhcNMjMwNzAzMTY0NjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzYjljNWQzMTcwZDNjZTA0N2ZiNTFhYjdkNmEyMjUxOGQ2MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ0BGRAWM6GS4NCqhsV+2ejJgyb2
BAJemBOuAtGRlkeUJF/jN+77GtNJOWXVXZeW+75FMkFvFlPqW4JcK32D4FCi7Bd0
AmOEmjG24JF9M3obTBL1fiJhw8Fps8Ee4GjapMNoTSXJ1QAo72n/t+N75UtQvhGU
ZYyxI/BBdV/avxAovtT/NZhT3NbVDotXwTF5RTjYJ4BD2ULLiQB807ncyrzZlSWa
+5EStDypq50tkElpon6GFuCufSHdZP+NQj6ExSG9DUVR0T3jU9II4+qwCXLxq2FE
dg529bohaNj+QdWuQ/Qf50n0RWgBd2sN0pL/SRSoOBQBtm/9Gystpc/WDQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCqTucXTFw084Ef7Uat9aiJRjWBVMB8GA1UdIwQY
MBaAFGUibuXqBAZZLfl1xvTITxDxTRXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEt
ZGVjMDI0ODhjMzdjLzEvS3BPNXhkTVhEVHpnUl90UnEzMXFJbEdOWUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEtZGVjMDI0ODhjMzdj
LzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuUuAMBQE
AgACMA4DBQAqA00iAwUAKgNNJTANBgkqhkiG9w0BAQsFAAOCAQEAJHpYH75snbl7
wTTp7unJw04tJLZTXjre+IXQzhH8Rz/vh6NUlihA49e6XLDOgqJslZGNMcGzbI8t
He/BkY8atug9Ddg1YjCRpiX60LgasSQ1c2KynyPzdTwb/R7j/P39+h75KeSCKEZV
yn8SQ0/9/mm2OJLk4At1l+uoiPyXTx7xJZRVnvRhVOTeNU2rAF60s1kur0mbFANx
HyLAKt+VPAD591+lkzQrZNOsFHmusKYGk4NykdufrUf/LB35sbru94xJkxEZyTOy
pBg/u0vRJ7OsKINDuT96jRRLak/pRxqIFl2eoz0TiWkeSrg23n6eogu82lGjYGDG
q1dYfL+YLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:40 2024 by rpki-client on console-fra.rpki-client.org