Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/X_jEsU5kNRA4QGDmW4vOPeL4DuQ.roa
File: X_jEsU5kNRA4QGDmW4vOPeL4DuQ.roa (raw, json)
Hash identifier: uITNIJTHDz7JiftW7WR9ATOcKuaJx2ndPnfwfhAoih0=
Subject key identifier: 5F:F8:C4:B1:4E:64:35:10:38:40:60:E6:5B:8B:CE:3D:E2:F8:0E:E4
Certificate issuer: /CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Certificate serial: 01856BDC87FF0FCCB58266049D1D88C6976A
Authority key identifier: 1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/X_jEsU5kNRA4QGDmW4vOPeL4DuQ.roa
Signing time: Sun 01 Jan 2023 05:44:52 +0000
ROA not before: Sun 01 Jan 2023 05:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50033
IP address blocks: 185.161.124.0/22 maxlen: 22
185.211.52.0/22 maxlen: 22
185.60.162.0/24 maxlen: 24
2a07:c3c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:87:ff:0f:cc:b5:82:66:04:9d:1d:88:c6:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Validity
Not Before: Jan 1 05:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff8c4b14e643510384060e65b8bce3de2f80ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:89:cb:f2:86:9a:2b:f6:d3:d9:9f:ce:d9:80:
30:4e:e8:bf:90:14:5d:4b:a1:25:32:b2:d0:1e:37:
b2:bd:87:75:07:6f:f0:ff:a3:c0:1c:05:68:83:b5:
52:d0:2c:39:0a:d1:3c:37:23:c1:db:86:3d:58:26:
91:95:66:2a:49:19:76:db:be:78:c0:99:0a:6d:ac:
25:52:df:f1:59:71:42:e9:eb:7c:29:89:7d:d7:67:
dd:d5:c7:15:dd:81:08:0d:fd:de:09:85:5d:5d:4c:
b8:ab:ae:ac:54:70:f8:d4:35:2b:b5:17:55:ef:28:
6f:f7:de:8e:05:24:52:ad:73:cf:2e:d2:bd:4d:6e:
39:d6:87:d7:0d:66:b2:04:91:3d:ef:e4:1f:55:9e:
10:c8:42:86:8d:a2:a7:ba:94:6c:40:d8:40:95:c7:
00:5f:f1:de:c1:49:74:1b:20:b1:81:c5:96:82:c6:
2c:d4:b6:b3:ec:ac:a3:72:bd:2a:02:bb:15:f7:3d:
40:02:54:25:ed:06:5b:f1:41:d7:fa:d8:16:34:11:
57:33:5b:e1:68:07:9c:0e:51:28:cb:af:49:c4:4a:
02:a1:79:ae:e5:e7:0d:7b:c9:d8:94:58:da:76:2d:
bb:4f:52:a0:36:73:cc:e9:06:f0:94:07:78:76:0b:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F8:C4:B1:4E:64:35:10:38:40:60:E6:5B:8B:CE:3D:E2:F8:0E:E4
X509v3 Authority Key Identifier:
keyid:1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/X_jEsU5kNRA4QGDmW4vOPeL4DuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/H-juh4U0Bs2NBLqOOb96Uf-4o7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.162.0/24
185.161.124.0/22
185.211.52.0/22
IPv6:
2a07:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
ce:45:6d:d1:a1:04:18:30:1d:e2:31:f9:e4:87:dc:71:00:ae:
de:9e:94:61:ad:76:49:7d:ba:78:c0:a1:33:e3:1d:97:d7:2e:
30:2f:ee:3b:b5:54:e6:4a:84:d3:0f:6d:93:34:cf:82:4f:68:
67:92:03:e3:24:f7:51:ff:15:ba:11:a2:14:fd:e5:bc:1f:29:
0b:8f:47:61:d7:3e:b3:40:29:48:aa:a0:6d:15:de:9f:92:90:
56:e0:7c:c0:14:2d:3e:49:02:0f:3e:4b:75:70:5b:54:c9:e6:
27:31:68:3a:84:8f:61:5a:f5:00:64:16:bc:e3:f7:71:66:6d:
ed:9c:41:e4:36:b3:00:33:9d:f7:84:e8:6e:77:08:57:5c:59:
e4:aa:18:e5:d8:7b:a7:fe:58:37:9a:1c:cb:e2:98:81:b6:52:
a0:78:45:ea:18:7d:bf:e9:2b:90:1a:26:93:a1:00:1c:32:e9:
c6:a6:70:d5:94:2f:65:e7:16:c3:fb:84:66:a8:33:54:b2:75:
33:64:fc:45:ae:62:f6:94:72:e1:8e:69:5a:a0:61:2f:fe:ea:
30:31:54:31:b8:df:46:3e:d7:23:2e:15:7a:60:82:1d:24:cd:
77:82:a2:01:8a:96:27:91:2a:42:4a:c3:f2:ad:fe:54:58:df:
cf:7c:b6:01
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVr3If/D8y1gmYEnR2IxpdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZThlZTg3ODUzNDA2Y2Q4ZDA0YmE4ZTM5YmY3YTUxZmZi
OGEzYmMwHhcNMjMwMTAxMDU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY4YzRiMTRlNjQzNTEwMzg0MDYwZTY1YjhiY2UzZGUyZjgwZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4nL8oaaK/bT2Z/O2YAwTui/kBRd
S6ElMrLQHjeyvYd1B2/w/6PAHAVog7VS0Cw5CtE8NyPB24Y9WCaRlWYqSRl22754
wJkKbawlUt/xWXFC6et8KYl912fd1ccV3YEIDf3eCYVdXUy4q66sVHD41DUrtRdV
7yhv996OBSRSrXPPLtK9TW451ofXDWayBJE97+QfVZ4QyEKGjaKnupRsQNhAlccA
X/HewUl0GyCxgcWWgsYs1Laz7Kyjcr0qArsV9z1AAlQl7QZb8UHX+tgWNBFXM1vh
aAecDlEoy69JxEoCoXmu5ecNe8nYlFjadi27T1KgNnPM6QbwlAd4dguoMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF/4xLFOZDUQOEBg5luLzj3i+A7kMB8GA1UdIwQY
MBaAFB/o7oeFNAbNjQS6jjm/elH/uKO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEt
NWM1ZWFiOGE5ZTNjLzEvWF9qRXNVNWtOUkE0UUdEbVc0dk9QZUw0RHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEtNWM1ZWFiOGE5ZTNj
LzEvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuTyiAwQC
uaF8AwQCudM0MA0EAgACMAcDBQMqB8PAMA0GCSqGSIb3DQEBCwUAA4IBAQDORW3R
oQQYMB3iMfnkh9xxAK7enpRhrXZJfbp4wKEz4x2X1y4wL+47tVTmSoTTD22TNM+C
T2hnkgPjJPdR/xW6EaIU/eW8HykLj0dh1z6zQClIqqBtFd6fkpBW4HzAFC0+SQIP
Pkt1cFtUyeYnMWg6hI9hWvUAZBa84/dxZm3tnEHkNrMAM533hOhudwhXXFnkqhjl
2Hun/lg3mhzL4piBtlKgeEXqGH2/6SuQGiaToQAcMunGpnDVlC9l5xbD+4RmqDNU
snUzZPxFrmL2lHLhjmlaoGEv/uowMVQxuN9GPtcjLhV6YIIdJM13gqIBipYnkSpC
SsPyrf5UWN/PfLYB
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:16 2024 by rpki-client on console-ams.rpki-client.org