Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/EM4RFS6sleZI91OdbBxY813lz-s.roa
File: EM4RFS6sleZI91OdbBxY813lz-s.roa (raw, json)
Hash identifier: sYRYGLlgofdB+a00i4C5KshOBuOrSte8x6vVTxRoAZg=
Subject key identifier: 10:CE:11:15:2E:AC:95:E6:48:F7:53:9D:6C:1C:58:F3:5D:E5:CF:EB
Certificate issuer: /CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Certificate serial: 0189B047DD062C33D3531891722D2A7B020B
Authority key identifier: 04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/EM4RFS6sleZI91OdbBxY813lz-s.roa
Signing time: Tue 01 Aug 2023 08:47:26 +0000
ROA not before: Tue 01 Aug 2023 08:47:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39176
IP address blocks: 185.86.52.0/24 maxlen: 24
185.86.52.0/23 maxlen: 23
185.86.55.0/24 maxlen: 24
185.86.54.0/24 maxlen: 24
185.86.53.0/24 maxlen: 24
2a05:b500:54::/48 maxlen: 48
2a05:b500:52::/48 maxlen: 48
2a05:b500:55::/48 maxlen: 48
2a05:b500:53::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:47:dd:06:2c:33:d3:53:18:91:72:2d:2a:7b:02:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Validity
Not Before: Aug 1 08:47:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10ce11152eac95e648f7539d6c1c58f35de5cfeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:bf:6b:e0:c0:20:b3:ef:05:73:0f:3b:a4:
94:0c:26:cd:67:0d:ad:c9:81:4a:94:78:7a:c9:1b:
08:22:58:3b:5f:ff:a7:69:3f:87:7b:8b:fa:2d:24:
a6:57:b5:24:41:e1:a2:4d:4f:18:15:e0:ee:fd:6a:
f1:fb:31:ad:af:34:ce:a7:e1:e4:ad:89:cf:2a:88:
b9:0b:64:c2:aa:db:c2:af:ff:31:20:2a:d5:e6:6b:
92:bb:e4:0b:59:16:10:a3:2e:58:16:6a:7d:ff:11:
17:22:02:ab:58:72:40:50:ff:98:ce:43:74:f8:d8:
c9:ce:59:f7:49:76:0d:52:5f:6d:72:25:09:d2:63:
a6:8a:7b:05:7d:5b:8d:0d:ce:a1:67:50:80:fb:b9:
ed:00:15:96:60:a7:08:17:11:fc:72:e8:0e:eb:f8:
39:17:59:a0:76:13:df:f1:6a:ef:47:34:79:26:b1:
af:a5:86:68:32:1c:3b:a1:19:04:43:3d:27:c5:6e:
5f:8d:5e:a5:20:f8:be:9a:2d:f8:0a:0c:1a:1a:09:
07:bf:ba:40:bf:91:1f:c3:eb:5a:c7:4f:f1:9a:8c:
99:4f:b6:6a:fa:3b:38:f4:f8:90:55:71:25:78:fd:
5c:bd:e0:0d:e3:f1:c6:b1:97:97:1b:7f:91:62:e7:
91:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CE:11:15:2E:AC:95:E6:48:F7:53:9D:6C:1C:58:F3:5D:E5:CF:EB
X509v3 Authority Key Identifier:
keyid:04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/EM4RFS6sleZI91OdbBxY813lz-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/BHMrmF-PY_-K6OrHxwgyswzugK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.52.0/22
IPv6:
2a05:b500:52::-2a05:b500:55:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:ca:4e:18:e3:aa:a8:f4:b1:fd:5f:2f:50:22:8f:4d:24:a8:
ed:29:16:80:04:13:68:0f:5e:a6:ad:53:9a:75:5c:07:4f:3f:
33:66:38:44:bf:27:32:2e:18:93:60:ab:05:12:06:e1:89:ab:
3f:90:30:05:2a:34:86:3f:83:11:32:c9:97:61:c8:c9:31:f9:
a8:b9:f6:6c:85:f5:57:62:dc:85:be:48:d7:f8:73:1f:a6:fa:
39:f1:4a:52:cf:8e:cc:08:98:3b:d5:d4:a9:79:c6:38:14:f3:
d0:07:aa:08:cd:59:ff:13:97:85:b9:f8:5b:60:c4:aa:50:7c:
3b:d0:26:c0:ee:7e:4e:bb:2a:d9:1c:00:16:6f:da:5e:05:87:
f2:18:e0:4b:b6:84:d1:c0:9e:dd:b3:80:f6:69:6c:68:a2:0c:
e3:7d:40:e2:6c:0b:f3:da:f6:a2:96:dc:b2:6c:e0:40:1b:b5:
78:73:f7:14:8e:ef:e9:7b:b6:c4:cf:b7:f0:3a:16:2a:2e:57:
1f:b1:a7:ce:33:ae:05:fc:2a:af:c0:26:dd:cc:09:aa:8c:78:
84:40:2c:bc:a5:f1:44:3f:97:c7:93:d9:ee:62:9a:e9:18:f4:
4d:a0:7a:c5:b4:a8:f2:10:a9:98:1f:36:f8:f4:f4:ec:60:c3:
6d:3c:8d:cb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYmwR90GLDPTUxiRci0qewILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzMyYjk4NWY4ZjYzZmY4YWU4ZWFjN2M3MDgzMmIzMGNl
ZTgwYWQwHhcNMjMwODAxMDg0NzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNlMTExNTJlYWM5NWU2NDhmNzUzOWQ2YzFjNThmMzVkZTVjZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4a/a+DAILPvBXMPO6SUDCbNZw2t
yYFKlHh6yRsIIlg7X/+naT+He4v6LSSmV7UkQeGiTU8YFeDu/Wrx+zGtrzTOp+Hk
rYnPKoi5C2TCqtvCr/8xICrV5muSu+QLWRYQoy5YFmp9/xEXIgKrWHJAUP+YzkN0
+NjJzln3SXYNUl9tciUJ0mOminsFfVuNDc6hZ1CA+7ntABWWYKcIFxH8cugO6/g5
F1mgdhPf8WrvRzR5JrGvpYZoMhw7oRkEQz0nxW5fjV6lIPi+mi34CgwaGgkHv7pA
v5Efw+tax0/xmoyZT7Zq+js49PiQVXEleP1cveAN4/HGsZeXG3+RYueRWwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBDOERUurJXmSPdTnWwcWPNd5c/rMB8GA1UdIwQY
MBaAFARzK5hfj2P/iujqx8cIMrMM7oCtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhNcm1GLVBZXy1LNk9ySHh3Z3lzd3p1Z0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ZGEwYWEtMTMyNy00ZmE2LWE5NDct
YWRhMjcwODI1MjE4LzEvRU00UkZTNnNsZVpJOTFPZGJCeFk4MTNsei1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ZGEwYWEtMTMyNy00ZmE2LWE5NDctYWRhMjcwODI1MjE4
LzEvQkhNcm1GLVBZXy1LNk9ySHh3Z3lzd3p1Z0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuVY0MBoE
AgACMBQwEgMHASoFtQAAUgMHASoFtQAAVDANBgkqhkiG9w0BAQsFAAOCAQEATcpO
GOOqqPSx/V8vUCKPTSSo7SkWgAQTaA9epq1TmnVcB08/M2Y4RL8nMi4Yk2CrBRIG
4YmrP5AwBSo0hj+DETLJl2HIyTH5qLn2bIX1V2Lchb5I1/hzH6b6OfFKUs+OzAiY
O9XUqXnGOBTz0AeqCM1Z/xOXhbn4W2DEqlB8O9AmwO5+Trsq2RwAFm/aXgWH8hjg
S7aE0cCe3bOA9mlsaKIM431A4mwL89r2opbcsmzgQBu1eHP3FI7v6Xu2xM+38DoW
Ki5XH7GnzjOuBfwqr8Am3cwJqox4hEAsvKXxRD+Xx5PZ7mKa6Rj0TaB6xbSo8hCp
mB82+PT07GDDbTyNyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org