Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/lhQUvlKDMof0FBjGECP5QonhnQU.roa
File: lhQUvlKDMof0FBjGECP5QonhnQU.roa (raw, json)
Hash identifier: VUGpgWWRv/T0r6CsIEx/zXXaXGKv9IoaLjHdr/rTT8c=
Subject key identifier: 96:14:14:BE:52:83:32:87:F4:14:18:C6:10:23:F9:42:89:E1:9D:05
Certificate issuer: /CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Certificate serial: 018570E7613C205B69E1265AE64007E29D40
Authority key identifier: 04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/lhQUvlKDMof0FBjGECP5QonhnQU.roa
Signing time: Mon 02 Jan 2023 05:14:49 +0000
ROA not before: Mon 02 Jan 2023 05:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39176
IP address blocks: 185.86.52.0/24 maxlen: 24
185.86.52.0/23 maxlen: 23
185.86.55.0/24 maxlen: 24
185.86.54.0/24 maxlen: 24
185.86.53.0/24 maxlen: 24
2a05:b500:54::/48 maxlen: 48
2a05:b500:55::/48 maxlen: 48
2a05:b500:53::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Aug 2023 08:47:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:61:3c:20:5b:69:e1:26:5a:e6:40:07:e2:9d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Validity
Not Before: Jan 2 05:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=961414be52833287f41418c61023f94289e19d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:2e:5d:60:eb:96:2c:46:23:a0:98:77:33:
5f:c0:de:44:16:13:c5:ce:ad:7c:24:d4:8c:ff:a9:
22:42:0b:5f:3e:6a:10:5c:4c:40:46:88:84:44:bb:
f1:fd:35:86:ee:ba:f2:7c:5c:b8:64:7a:1c:01:b3:
a1:ef:f9:08:d5:7e:2b:52:2b:72:27:3b:f1:a3:dc:
54:9d:11:e3:52:3a:80:aa:57:4d:69:67:e4:68:ab:
d7:69:60:84:09:69:07:c1:53:c9:17:33:6f:c6:09:
d9:88:ed:59:87:43:fb:10:82:03:c0:e3:01:13:ba:
30:f1:61:93:94:69:c7:2c:6b:59:d3:fb:c4:ec:11:
1c:1a:8d:98:f1:fd:84:9b:9c:88:94:86:37:38:a0:
19:6b:3e:bd:6c:1e:72:89:1f:dc:23:e6:da:6e:15:
c2:61:ce:11:6f:1c:c7:73:c2:80:d7:f0:b0:00:45:
d1:a8:80:0a:c3:96:7a:eb:31:cd:f4:b0:cf:a3:e5:
75:d6:43:98:99:21:8c:a2:a9:23:8a:d1:9b:94:a3:
b8:96:91:a7:04:19:bd:b1:7a:fd:c0:00:d7:d1:d4:
ab:dd:c3:b8:02:52:45:e5:75:7b:5e:db:0b:f8:99:
79:86:7c:3e:55:38:e8:35:ff:6a:3e:c4:5d:03:7f:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:14:14:BE:52:83:32:87:F4:14:18:C6:10:23:F9:42:89:E1:9D:05
X509v3 Authority Key Identifier:
keyid:04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/lhQUvlKDMof0FBjGECP5QonhnQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/BHMrmF-PY_-K6OrHxwgyswzugK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.52.0/22
IPv6:
2a05:b500:53::-2a05:b500:55:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:9c:4c:c8:f4:05:69:5e:a4:d1:f8:07:79:9e:17:38:d0:c9:
70:c4:18:b4:82:5f:ba:ea:f9:8e:0c:99:03:5f:15:f5:14:8e:
22:b6:09:45:c0:a3:74:ad:ef:3d:bf:1e:cb:52:d7:bc:4c:cb:
81:ca:38:4c:78:58:43:8e:b6:57:10:0a:61:c5:bc:16:a5:a9:
dc:c5:03:4b:8c:a2:75:3b:69:ff:3e:e2:db:c1:7f:4c:7b:00:
25:35:f9:f3:e0:24:82:65:59:39:43:92:15:70:a1:54:b1:d9:
7a:55:1c:10:b8:6c:69:c3:c5:dc:9f:69:b5:ac:43:fa:e8:7e:
8c:34:92:be:6d:b0:52:a5:26:89:79:a4:58:c9:24:cb:41:36:
cb:5d:e1:cf:72:45:6a:c5:21:e8:9f:cf:10:55:85:32:ff:be:
d3:ec:ad:c0:3e:ba:5c:14:a9:f0:e0:6b:db:e2:50:8e:22:64:
d4:ba:89:0d:2c:50:71:21:70:fe:d3:1d:6c:4f:95:5f:7e:94:
c8:80:a0:11:fc:e8:f3:ca:f1:3a:7b:50:22:5e:43:96:52:c7:
f0:54:0a:e7:e2:e7:ce:fb:38:63:b7:fb:7f:b3:5c:00:bd:f0:
63:ff:3f:d9:77:2e:81:b4:2f:43:96:10:d5:f6:87:6d:37:18:
a6:6d:b1:d6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVw52E8IFtp4SZa5kAH4p1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzMyYjk4NWY4ZjYzZmY4YWU4ZWFjN2M3MDgzMmIzMGNl
ZTgwYWQwHhcNMjMwMTAyMDUxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE0MTRiZTUyODMzMjg3ZjQxNDE4YzYxMDIzZjk0Mjg5ZTE5ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstcuXWDrlixGI6CYdzNfwN5EFhPF
zq18JNSM/6kiQgtfPmoQXExARoiERLvx/TWG7rryfFy4ZHocAbOh7/kI1X4rUity
Jzvxo9xUnRHjUjqAqldNaWfkaKvXaWCECWkHwVPJFzNvxgnZiO1Zh0P7EIIDwOMB
E7ow8WGTlGnHLGtZ0/vE7BEcGo2Y8f2Em5yIlIY3OKAZaz69bB5yiR/cI+babhXC
Yc4RbxzHc8KA1/CwAEXRqIAKw5Z66zHN9LDPo+V11kOYmSGMoqkjitGblKO4lpGn
BBm9sXr9wADX0dSr3cO4AlJF5XV7XtsL+Jl5hnw+VTjoNf9qPsRdA3/FOQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJYUFL5SgzKH9BQYxhAj+UKJ4Z0FMB8GA1UdIwQY
MBaAFARzK5hfj2P/iujqx8cIMrMM7oCtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhNcm1GLVBZXy1LNk9ySHh3Z3lzd3p1Z0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ZGEwYWEtMTMyNy00ZmE2LWE5NDct
YWRhMjcwODI1MjE4LzEvbGhRVXZsS0RNb2YwRkJqR0VDUDVRb25oblFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ZGEwYWEtMTMyNy00ZmE2LWE5NDctYWRhMjcwODI1MjE4
LzEvQkhNcm1GLVBZXy1LNk9ySHh3Z3lzd3p1Z0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuVY0MBoE
AgACMBQwEgMHACoFtQAAUwMHASoFtQAAVDANBgkqhkiG9w0BAQsFAAOCAQEAHJxM
yPQFaV6k0fgHeZ4XONDJcMQYtIJfuur5jgyZA18V9RSOIrYJRcCjdK3vPb8ey1LX
vEzLgco4THhYQ462VxAKYcW8FqWp3MUDS4yidTtp/z7i28F/THsAJTX58+AkgmVZ
OUOSFXChVLHZelUcELhsacPF3J9ptaxD+uh+jDSSvm2wUqUmiXmkWMkky0E2y13h
z3JFasUh6J/PEFWFMv++0+ytwD66XBSp8OBr2+JQjiJk1LqJDSxQcSFw/tMdbE+V
X36UyICgEfzo88rxOntQIl5DllLH8FQK5+Lnzvs4Y7f7f7NcAL3wY/8/2XcugbQv
Q5YQ1faHbTcYpm2x1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org