Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/es-ImCij0yVHaiQcK0tRc_8zY4E.roa
File: es-ImCij0yVHaiQcK0tRc_8zY4E.roa (raw, json)
Hash identifier: smEj1iSA5oQZbmTQFoQrQKspXZPBIrBlR+wEjan81lc=
Subject key identifier: 7A:CF:88:98:28:A3:D3:25:47:6A:24:1C:2B:4B:51:73:FF:33:63:81
Certificate issuer: /CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Certificate serial: 018AF0C3340BC29AC9B75891A2E0C0B4E87D
Authority key identifier: 35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/es-ImCij0yVHaiQcK0tRc_8zY4E.roa
Signing time: Mon 02 Oct 2023 14:20:39 +0000
ROA not before: Mon 02 Oct 2023 14:20:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34513
IP address blocks: 85.198.0.0/24 maxlen: 24
85.198.1.0/24 maxlen: 24
85.198.2.0/24 maxlen: 24
85.198.3.0/24 maxlen: 24
85.198.4.0/24 maxlen: 24
85.198.7.0/24 maxlen: 24
85.198.5.0/24 maxlen: 24
85.198.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:c3:34:0b:c2:9a:c9:b7:58:91:a2:e0:c0:b4:e8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Validity
Not Before: Oct 2 14:20:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7acf889828a3d325476a241c2b4b5173ff336381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:09:0c:1d:e7:29:9a:db:d5:6d:e9:8d:6a:27:
73:e2:8c:95:3b:cd:2f:48:a5:15:bb:10:c7:f9:58:
f0:49:61:89:0c:b6:c7:e1:dd:b2:c6:df:fa:0b:6a:
68:72:2b:65:10:36:18:12:37:5d:7f:60:c6:23:a7:
ae:13:46:4a:c7:9f:ef:7b:05:9f:60:bd:a8:06:98:
2a:81:0e:57:d6:c0:19:c6:94:6a:06:1a:14:d2:1d:
13:c4:dd:1c:8d:f1:e3:96:54:ca:f1:c4:e4:ec:f4:
3f:26:31:75:dc:1e:c5:b8:65:bc:0b:59:82:ac:3e:
0b:04:95:b1:47:9a:24:b1:ac:d5:dc:7b:f5:b3:65:
22:64:24:79:b1:7f:6a:64:93:d8:f8:a0:ec:36:17:
a0:eb:1e:d2:b2:fc:1c:71:7f:38:1f:49:9b:2b:11:
6f:ff:ce:ad:b9:96:38:58:c1:3f:90:ce:2f:94:fc:
55:35:94:ca:7e:e7:9b:73:1c:a5:f2:11:f9:49:56:
61:58:9a:28:4f:03:3a:42:8a:44:2f:3c:d7:ea:73:
3f:5e:12:d3:60:8d:fe:02:93:c6:e2:47:8c:42:3c:
72:e9:04:68:76:fc:93:53:74:d9:b3:c1:7c:8b:2f:
d3:1a:da:8b:21:41:1e:94:73:67:51:1a:55:d9:73:
7d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CF:88:98:28:A3:D3:25:47:6A:24:1C:2B:4B:51:73:FF:33:63:81
X509v3 Authority Key Identifier:
keyid:35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/es-ImCij0yVHaiQcK0tRc_8zY4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/NXMLuLJiPn9lphY2BNHIX5EGKI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.0.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:76:32:9c:09:02:44:1e:1a:2a:13:46:0a:93:3c:c1:b7:52:
b6:89:dd:1c:aa:fb:78:09:81:b5:64:15:a5:07:af:08:ec:61:
9b:45:3c:24:d0:23:27:4e:40:4c:4a:f4:04:62:2d:92:ff:a8:
1a:57:61:aa:a7:01:92:1e:8f:83:f2:df:6d:a5:55:61:6c:6f:
98:22:19:4e:c8:21:57:59:19:f7:08:c8:d7:9c:50:2c:6e:c9:
d0:25:77:94:22:f1:ca:3c:6e:56:23:67:ce:9f:24:c6:07:13:
0d:cf:a9:c5:40:2e:58:9e:48:49:d1:c1:7a:17:b3:50:1f:46:
0b:a4:9f:97:74:d4:94:45:51:65:a1:c2:b2:e4:0a:e7:19:d3:
f3:0c:19:04:4d:82:6b:c6:a0:1c:07:f3:d2:96:51:5b:ae:5e:
c6:85:52:5d:31:d0:23:8b:be:c6:00:f7:61:82:8d:97:d4:5d:
65:3c:d6:36:87:a6:7e:31:94:d9:66:05:6b:55:19:c6:9e:38:
a7:23:d6:e1:1c:b9:80:13:ce:d7:a9:42:e3:45:83:8f:e2:3a:
ba:a0:24:e4:fb:0c:e3:ca:50:35:97:63:4f:7b:b1:1a:b1:72:
d9:7a:32:42:7d:72:96:21:79:55:1b:db:8c:2e:36:58:1c:ee:
bb:a3:31:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrwwzQLwprJt1iRouDAtOh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NzMwYmI4YjI2MjNlN2Y2NWE2MTYzNjA0ZDFjODVmOTEw
NjI4OGYwHhcNMjMxMDAyMTQyMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNmODg5ODI4YTNkMzI1NDc2YTI0MWMyYjRiNTE3M2ZmMzM2MzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wkMHecpmtvVbemNaidz4oyVO80v
SKUVuxDH+VjwSWGJDLbH4d2yxt/6C2pocitlEDYYEjddf2DGI6euE0ZKx5/vewWf
YL2oBpgqgQ5X1sAZxpRqBhoU0h0TxN0cjfHjllTK8cTk7PQ/JjF13B7FuGW8C1mC
rD4LBJWxR5oksazV3Hv1s2UiZCR5sX9qZJPY+KDsNheg6x7SsvwccX84H0mbKxFv
/86tuZY4WME/kM4vlPxVNZTKfuebcxyl8hH5SVZhWJooTwM6QopELzzX6nM/XhLT
YI3+ApPG4keMQjxy6QRodvyTU3TZs8F8iy/TGtqLIUEelHNnURpV2XN9EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrPiJgoo9MlR2okHCtLUXP/M2OBMB8GA1UdIwQY
MBaAFDVzC7iyYj5/ZaYWNgTRyF+RBiiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2Mt
M2E0ZGZmOGU4ZGVkLzEvZXMtSW1DaWoweVZIYWlRY0swdFJjXzh6WTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2MtM2E0ZGZmOGU4ZGVk
LzEvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVcYAMA0G
CSqGSIb3DQEBCwUAA4IBAQAfdjKcCQJEHhoqE0YKkzzBt1K2id0cqvt4CYG1ZBWl
B68I7GGbRTwk0CMnTkBMSvQEYi2S/6gaV2GqpwGSHo+D8t9tpVVhbG+YIhlOyCFX
WRn3CMjXnFAsbsnQJXeUIvHKPG5WI2fOnyTGBxMNz6nFQC5YnkhJ0cF6F7NQH0YL
pJ+XdNSURVFlocKy5ArnGdPzDBkETYJrxqAcB/PSllFbrl7GhVJdMdAji77GAPdh
go2X1F1lPNY2h6Z+MZTZZgVrVRnGnjinI9bhHLmAE87XqULjRYOP4jq6oCTk+wzj
ylA1l2NPe7EasXLZejJCfXKWIXlVG9uMLjZYHO67ozGc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org