Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/xkjAQ8cfhyZ_SSHBnLCDhaRac6M.roa
File: xkjAQ8cfhyZ_SSHBnLCDhaRac6M.roa (raw, json)
Hash identifier: VnOZ9u1g9MQgCtA0TzWTC3ByuknOIditEL9Ux+cSo00=
Subject key identifier: C6:48:C0:43:C7:1F:87:26:7F:49:21:C1:9C:B0:83:85:A4:5A:73:A3
Certificate issuer: /CN=e920237e725cf0a53ef43a74b5569551aff74e04
Certificate serial: 01889A2C9109B6F78769536FFD025147AE39
Authority key identifier: E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/xkjAQ8cfhyZ_SSHBnLCDhaRac6M.roa
Signing time: Thu 08 Jun 2023 08:43:11 +0000
ROA not before: Thu 08 Jun 2023 08:43:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61999
IP address blocks: 185.52.107.0/24 maxlen: 24
185.52.106.0/23 maxlen: 23
185.52.106.0/24 maxlen: 24
185.52.104.0/24 maxlen: 24
185.52.104.0/23 maxlen: 23
185.52.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:2c:91:09:b6:f7:87:69:53:6f:fd:02:51:47:ae:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e920237e725cf0a53ef43a74b5569551aff74e04
Validity
Not Before: Jun 8 08:43:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c648c043c71f87267f4921c19cb08385a45a73a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:49:b8:43:5c:8f:70:19:af:4c:d1:71:85:9a:
da:d0:a5:5e:cd:50:9f:71:04:fb:bb:e8:da:96:d9:
f3:0b:aa:7b:17:a5:74:e9:54:97:43:63:9c:65:47:
e9:b2:24:40:7b:f9:e6:b3:6e:3e:11:71:65:1e:01:
24:49:bc:aa:77:be:20:6c:80:f4:31:fd:d9:44:14:
18:89:df:83:68:41:fb:4a:c7:b4:5a:2e:ad:ee:34:
ab:fb:86:aa:2e:03:d0:0a:c2:70:bc:db:55:83:c1:
d7:a4:22:f5:de:86:44:b4:96:39:f9:c5:6d:10:7d:
59:24:7f:4f:2f:a7:7e:ef:ed:01:b5:48:7c:b6:76:
ec:c9:85:73:74:da:63:67:c5:a5:b3:d4:1f:ba:fe:
5b:a5:a7:ec:50:f1:a1:72:6c:17:a9:bc:97:1e:5d:
e4:b5:6b:8c:b4:7d:af:4e:c9:4a:df:a4:5c:94:50:
b3:48:e3:8c:a2:67:1b:c3:03:75:d0:75:88:58:51:
93:7b:45:76:4f:e6:7b:5a:16:be:fe:0c:4a:e0:f4:
28:3d:a5:be:1e:27:58:09:6a:07:dd:c8:8e:97:82:
a1:c3:2b:79:d4:3e:03:59:0f:45:e0:51:52:fc:b3:
77:b0:21:73:bf:89:5e:2b:b4:2e:55:4c:2e:50:c9:
5e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:48:C0:43:C7:1F:87:26:7F:49:21:C1:9C:B0:83:85:A4:5A:73:A3
X509v3 Authority Key Identifier:
keyid:E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/xkjAQ8cfhyZ_SSHBnLCDhaRac6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.104.0/22
Signature Algorithm: sha256WithRSAEncryption
82:96:46:68:a3:06:f4:0d:0b:50:23:9b:41:73:6d:e1:18:6c:
19:4f:ab:ae:9c:00:de:37:b4:45:bf:fc:24:4e:a8:e6:ae:b8:
be:09:27:25:34:b1:1f:92:cf:2b:1e:99:b7:04:64:db:d8:d2:
4f:fc:83:5a:04:c1:6f:b8:6e:21:68:1c:a1:59:4f:77:57:81:
ae:1c:18:2c:89:64:db:90:16:f9:e8:40:2d:8c:8e:fd:8f:16:
bf:e1:cf:a7:a7:42:5a:b2:d2:4e:6d:c4:95:7a:95:a0:fe:a3:
10:d5:8a:3c:f2:5e:16:d4:39:6d:1a:6f:73:0d:15:14:ae:65:
1a:34:b0:2e:bf:cc:a7:d8:30:4b:8e:f3:07:99:13:a1:1c:46:
9a:f1:ae:1a:4b:da:e9:75:90:76:0d:3f:5c:c0:6c:8d:7e:c4:
0c:18:52:5b:20:4a:42:6e:7c:77:54:f6:0a:4e:e9:4b:a7:10:
7f:90:80:4e:87:38:db:37:0c:1d:44:14:3c:32:b9:33:cd:cf:
d0:bd:b1:f9:b7:bd:a6:ec:fe:92:6c:9f:a1:4e:17:b3:e6:de:
9d:3b:8e:7e:07:61:f1:16:02:4f:b4:bc:11:c2:a3:bf:e0:74:
5b:8b:78:c6:0b:f0:8e:29:b6:f0:7b:43:46:d7:8e:da:6e:d2:
00:6b:a6:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaLJEJtveHaVNv/QJRR645MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MjAyMzdlNzI1Y2YwYTUzZWY0M2E3NGI1NTY5NTUxYWZm
NzRlMDQwHhcNMjMwNjA4MDg0MzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ4YzA0M2M3MWY4NzI2N2Y0OTIxYzE5Y2IwODM4NWE0NWE3M2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskm4Q1yPcBmvTNFxhZra0KVezVCf
cQT7u+jaltnzC6p7F6V06VSXQ2OcZUfpsiRAe/nms24+EXFlHgEkSbyqd74gbID0
Mf3ZRBQYid+DaEH7Sse0Wi6t7jSr+4aqLgPQCsJwvNtVg8HXpCL13oZEtJY5+cVt
EH1ZJH9PL6d+7+0BtUh8tnbsyYVzdNpjZ8Wls9Qfuv5bpafsUPGhcmwXqbyXHl3k
tWuMtH2vTslK36RclFCzSOOMomcbwwN10HWIWFGTe0V2T+Z7Wha+/gxK4PQoPaW+
HidYCWoH3ciOl4Khwyt51D4DWQ9F4FFS/LN3sCFzv4leK7QuVUwuUMlezwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZIwEPHH4cmf0khwZywg4WkWnOjMB8GA1UdIwQY
MBaAFOkgI35yXPClPvQ6dLVWlVGv904EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgt
ZWIxMTM5YTMzZDBhLzEveGtqQVE4Y2ZoeVpfU1NIQm5MQ0RoYVJhYzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgtZWIxMTM5YTMzZDBh
LzEvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTRoMA0G
CSqGSIb3DQEBCwUAA4IBAQCClkZoowb0DQtQI5tBc23hGGwZT6uunADeN7RFv/wk
Tqjmrri+CSclNLEfks8rHpm3BGTb2NJP/INaBMFvuG4haByhWU93V4GuHBgsiWTb
kBb56EAtjI79jxa/4c+np0JastJObcSVepWg/qMQ1Yo88l4W1DltGm9zDRUUrmUa
NLAuv8yn2DBLjvMHmROhHEaa8a4aS9rpdZB2DT9cwGyNfsQMGFJbIEpCbnx3VPYK
TulLpxB/kIBOhzjbNwwdRBQ8Mrkzzc/QvbH5t72m7P6SbJ+hThez5t6dO45+B2Hx
FgJPtLwRwqO/4HRbi3jGC/COKbbwe0NG147abtIAa6aE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:31 2024 by rpki-client on console-fra.rpki-client.org