Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/s6lDvkVBbpVK4oqhxBePIhGtnlc.roa
File: s6lDvkVBbpVK4oqhxBePIhGtnlc.roa (raw, json)
Hash identifier: Eea2YbJMIEmG4aWrWyWRizLryrEJ4U+rSMRW4jCk35w=
Subject key identifier: B3:A9:43:BE:45:41:6E:95:4A:E2:8A:A1:C4:17:8F:22:11:AD:9E:57
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018CC8DF916C0CA03881AC4458CAACAB3FE8
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/s6lDvkVBbpVK4oqhxBePIhGtnlc.roa
Signing time: Tue 02 Jan 2024 06:32:24 +0000
ROA not before: Tue 02 Jan 2024 06:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35761
IP address blocks: 185.58.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 14 May 2024 11:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:91:6c:0c:a0:38:81:ac:44:58:ca:ac:ab:3f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 2 06:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3a943be45416e954ae28aa1c4178f2211ad9e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:06:fc:3a:b4:e2:20:f9:e1:61:70:ba:c4:af:
f5:7c:eb:c4:dd:12:b6:d2:46:e8:3a:2a:7f:3d:42:
1f:f4:49:75:03:44:e2:88:dc:ac:30:0d:24:4b:ec:
d7:10:34:d6:f1:68:57:ba:ef:53:bc:9f:d5:02:37:
43:c7:fc:b6:71:57:2f:a5:22:b6:83:b7:fc:b9:e2:
97:4d:41:ab:b6:27:02:5e:61:dd:86:84:8c:3b:7d:
cf:53:12:ce:77:25:da:6d:13:f4:f9:7f:67:e2:67:
b9:54:91:04:73:c8:8c:80:a6:44:14:43:0a:2b:6c:
f3:5b:cb:52:44:45:8f:dc:58:89:1e:58:13:2a:04:
c9:40:37:af:42:8d:bd:4e:18:01:ad:60:0e:87:98:
ef:88:09:e9:53:99:de:11:c6:36:9b:fe:83:d0:e0:
4f:56:54:2b:c6:fc:31:9b:32:9c:a5:88:11:a7:1f:
04:8c:ce:6a:31:eb:4d:ae:60:a9:50:4c:98:31:93:
db:9a:99:01:64:b9:ce:44:94:2e:2e:e2:9c:a8:35:
e3:fb:69:28:3d:7e:59:3b:c8:0a:bb:c3:c1:6c:f4:
c3:dc:14:bb:05:ca:27:ad:9e:a3:36:80:8d:7f:8a:
2c:4b:9a:13:5a:fb:98:ff:c4:a0:5e:a4:52:94:84:
66:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A9:43:BE:45:41:6E:95:4A:E2:8A:A1:C4:17:8F:22:11:AD:9E:57
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/s6lDvkVBbpVK4oqhxBePIhGtnlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:e9:22:a4:55:a8:bd:b6:c4:90:8b:1f:1b:f6:57:2d:46:a6:
b7:9f:c3:59:0d:59:05:06:18:58:58:44:38:f9:6c:80:ca:9c:
ec:b7:c8:7d:3a:1e:7e:4e:a7:a6:2f:6a:27:0e:63:8a:ef:e2:
c6:64:97:8d:cc:83:e6:2e:da:e6:0e:1b:02:bd:42:17:04:fd:
71:87:e1:ae:24:bd:40:9b:19:b2:10:22:06:be:d0:df:98:9f:
ad:ce:7a:b9:76:41:12:d0:eb:a1:93:21:11:bb:b5:22:85:e8:
82:b9:20:36:90:92:b5:39:6b:82:11:cf:18:b1:42:c1:12:d2:
07:68:98:81:1d:6f:58:9a:71:14:5a:f9:7f:54:50:2f:51:3b:
6d:a0:dc:f6:88:94:30:c2:89:45:e2:90:a8:66:12:5f:c0:29:
98:bb:4e:58:59:69:bc:d3:c7:84:4f:74:e1:ab:d4:bb:cf:5a:
41:7d:7b:f1:e2:c3:a9:f2:eb:4e:fe:8c:b9:2c:63:0c:06:e1:
90:49:41:f3:88:bb:65:50:ed:7f:02:12:17:ea:dd:93:60:85:
7f:6a:82:9a:fd:13:4e:e1:ed:d2:a2:27:01:64:c2:8f:8c:e9:
31:b1:59:a4:28:b1:ff:14:04:21:c8:e7:55:be:19:7a:f5:6c:
01:bd:31:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI35FsDKA4gaxEWMqsqz/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E5NDNiZTQ1NDE2ZTk1NGFlMjhhYTFjNDE3OGYyMjExYWQ5ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwb8OrTiIPnhYXC6xK/1fOvE3RK2
0kboOip/PUIf9El1A0TiiNysMA0kS+zXEDTW8WhXuu9TvJ/VAjdDx/y2cVcvpSK2
g7f8ueKXTUGrticCXmHdhoSMO33PUxLOdyXabRP0+X9n4me5VJEEc8iMgKZEFEMK
K2zzW8tSREWP3FiJHlgTKgTJQDevQo29ThgBrWAOh5jviAnpU5neEcY2m/6D0OBP
VlQrxvwxmzKcpYgRpx8EjM5qMetNrmCpUEyYMZPbmpkBZLnORJQuLuKcqDXj+2ko
PX5ZO8gKu8PBbPTD3BS7BconrZ6jNoCNf4osS5oTWvuY/8SgXqRSlIRmbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOpQ75FQW6VSuKKocQXjyIRrZ5XMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvczZsRHZrVkJicFZLNG9xaHhCZVBJaEd0bmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuToUMA0G
CSqGSIb3DQEBCwUAA4IBAQB+6SKkVai9tsSQix8b9lctRqa3n8NZDVkFBhhYWEQ4
+WyAypzst8h9Oh5+TqemL2onDmOK7+LGZJeNzIPmLtrmDhsCvUIXBP1xh+GuJL1A
mxmyECIGvtDfmJ+tznq5dkES0OuhkyERu7UiheiCuSA2kJK1OWuCEc8YsULBEtIH
aJiBHW9YmnEUWvl/VFAvUTttoNz2iJQwwolF4pCoZhJfwCmYu05YWWm808eET3Th
q9S7z1pBfXvx4sOp8utO/oy5LGMMBuGQSUHziLtlUO1/AhIX6t2TYIV/aoKa/RNO
4e3SoicBZMKPjOkxsVmkKLH/FAQhyOdVvhl69WwBvTEz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org