Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/59zmqhvLs020u92z6Hzf0f4pPVw.roa
File: 59zmqhvLs020u92z6Hzf0f4pPVw.roa (raw, json)
Hash identifier: OEAPaOzmDgiplXRuuVGHIodAf+DDN3B6KnXQgcXxeN0=
Subject key identifier: E7:DC:E6:AA:1B:CB:B3:4D:B4:BB:DD:B3:E8:7C:DF:D1:FE:29:3D:5C
Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Certificate serial: 01856CC166D01E07AC906698239BE34CA64E
Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/59zmqhvLs020u92z6Hzf0f4pPVw.roa
Signing time: Sun 01 Jan 2023 09:54:52 +0000
ROA not before: Sun 01 Jan 2023 09:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199319
IP address blocks: 185.228.140.0/22 maxlen: 22
185.38.224.0/22 maxlen: 22
2a00:fb20:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 17 Apr 2023 18:42:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:66:d0:1e:07:ac:90:66:98:23:9b:e3:4c:a6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Validity
Not Before: Jan 1 09:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7dce6aa1bcbb34db4bbddb3e87cdfd1fe293d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:38:3e:a3:ed:32:34:de:58:1d:68:3c:55:24:
c2:e9:05:bb:e8:04:c1:f9:7b:88:de:f6:ea:2f:e4:
aa:b1:ab:7b:83:0d:d4:27:a4:de:5b:60:75:19:80:
cd:ac:a8:90:e2:53:84:69:af:a7:8e:2c:f1:78:6e:
3f:b3:d4:54:61:7d:5e:97:b6:c8:30:73:56:2f:ed:
3f:ac:e8:16:27:d7:e1:eb:6d:e3:23:36:58:18:e0:
d2:a5:c5:28:7b:1d:f0:d5:d9:0f:2e:90:ec:84:5e:
07:b2:39:b3:f1:10:0c:55:cf:ac:8d:ab:0d:3e:0e:
3e:df:97:31:d3:45:8e:8a:4f:33:88:10:d8:8a:2b:
f3:7c:b2:74:1f:d1:cc:f9:7f:6f:6e:e8:42:73:fb:
95:b8:e7:f5:fb:4d:73:69:16:39:da:68:72:1e:d8:
e2:93:ce:73:c5:72:7a:45:ab:6f:d2:5a:af:6b:a1:
11:2a:48:4e:8a:01:cc:53:01:7f:53:f6:37:92:6c:
bf:da:ae:04:ba:44:a9:cf:6c:a9:42:1d:56:97:5f:
af:3f:28:dd:87:15:66:d0:c4:ae:c5:f6:f5:4d:a2:
40:37:ba:65:d2:8d:3b:de:b2:8e:a4:c8:a3:b7:c6:
81:35:d9:b4:cd:d1:70:d2:12:38:56:d1:31:cd:d1:
aa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:E6:AA:1B:CB:B3:4D:B4:BB:DD:B3:E8:7C:DF:D1:FE:29:3D:5C
X509v3 Authority Key Identifier:
keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/59zmqhvLs020u92z6Hzf0f4pPVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.224.0/22
185.228.140.0/22
IPv6:
2a00:fb20:8000::/33
Signature Algorithm: sha256WithRSAEncryption
0b:60:e9:b2:84:16:6a:1e:74:1d:c8:be:fd:76:c0:d3:c6:d6:
b0:bf:b8:9b:7b:71:cc:37:39:92:64:f4:d2:3e:48:b2:7b:1b:
2c:b4:41:f5:21:ec:d6:cb:f1:0a:17:5d:25:0e:a3:08:43:1e:
67:8c:d2:1c:d9:b0:7e:64:c5:8d:34:5c:d7:aa:e7:4f:90:4b:
3b:6a:d8:21:9b:8d:83:ee:d3:ac:8c:55:8b:54:b2:2a:c1:79:
7e:7b:da:55:cf:be:12:a9:35:2b:19:0b:4b:e2:dd:b0:25:1c:
ec:d3:45:49:30:c0:32:0b:27:87:da:98:e1:f1:65:70:01:51:
d5:cb:cf:44:14:4a:1a:f3:fd:c0:b6:b2:af:a2:1f:9e:03:39:
a3:44:86:fa:48:1a:53:39:52:cc:03:36:a7:74:d3:1a:15:f8:
4e:ec:1d:3a:b8:24:6b:50:00:fb:cc:7c:a7:a9:07:d5:b3:e6:
45:e8:9b:0e:3e:dc:5c:34:45:11:ad:a5:41:be:87:1b:60:c2:
49:d1:1d:b4:81:d9:79:59:b3:eb:12:1e:75:a8:fb:a1:69:7e:
cf:95:0c:ee:99:56:ba:92:16:1b:23:8a:aa:7e:88:f6:4e:0c:
41:2d:e2:8a:55:9a:95:7c:ff:ed:52:32:be:59:d8:0d:76:cc:
c4:47:24:09
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVswWbQHgeskGaYI5vjTKZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll
NzdmMGQwHhcNMjMwMTAxMDk1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RjZTZhYTFiY2JiMzRkYjRiYmRkYjNlODdjZGZkMWZlMjkzZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzg+o+0yNN5YHWg8VSTC6QW76ATB
+XuI3vbqL+Sqsat7gw3UJ6TeW2B1GYDNrKiQ4lOEaa+njizxeG4/s9RUYX1el7bI
MHNWL+0/rOgWJ9fh623jIzZYGODSpcUoex3w1dkPLpDshF4Hsjmz8RAMVc+sjasN
Pg4+35cx00WOik8ziBDYiivzfLJ0H9HM+X9vbuhCc/uVuOf1+01zaRY52mhyHtji
k85zxXJ6Ratv0lqva6ERKkhOigHMUwF/U/Y3kmy/2q4EukSpz2ypQh1Wl1+vPyjd
hxVm0MSuxfb1TaJAN7pl0o073rKOpMijt8aBNdm0zdFw0hI4VtExzdGqVQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOfc5qoby7NNtLvds+h839H+KT1cMB8GA1UdIwQY
MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt
ZmEzZTA5MDFmMjQwLzEvNTl6bXFodkxzMDIwdTkyejZIemYwZjRwUFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw
LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuSbgAwQC
ueSMMA4EAgACMAgDBgcqAPsggDANBgkqhkiG9w0BAQsFAAOCAQEAC2DpsoQWah50
Hci+/XbA08bWsL+4m3txzDc5kmT00j5IsnsbLLRB9SHs1svxChddJQ6jCEMeZ4zS
HNmwfmTFjTRc16rnT5BLO2rYIZuNg+7TrIxVi1SyKsF5fnvaVc++Eqk1KxkLS+Ld
sCUc7NNFSTDAMgsnh9qY4fFlcAFR1cvPRBRKGvP9wLayr6IfngM5o0SG+kgaUzlS
zAM2p3TTGhX4TuwdOrgka1AA+8x8p6kH1bPmReibDj7cXDRFEa2lQb6HG2DCSdEd
tIHZeVmz6xIedaj7oWl+z5UM7plWupIWGyOKqn6I9k4MQS3iilWalXz/7VIyvlnY
DXbMxEckCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org