Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/I3o56ydQ2zzfpRQ_jaJgt2SZt9c.roa
File: I3o56ydQ2zzfpRQ_jaJgt2SZt9c.roa (raw, json)
Hash identifier: hE3fi9nCcmudpKO2+EFZDqV29thU3djgqKdkk+SsLlg=
Subject key identifier: 23:7A:39:EB:27:50:DB:3C:DF:A5:14:3F:8D:A2:60:B7:64:99:B7:D7
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 018F1BF009A48591F51BF77A2E2C720D300C
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/I3o56ydQ2zzfpRQ_jaJgt2SZt9c.roa
Signing time: Fri 26 Apr 2024 19:44:26 +0000
ROA not before: Fri 26 Apr 2024 19:44:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211623
IP address blocks: 185.253.58.0/24 maxlen: 24
2a10:b9c0::/29 maxlen: 48
2a10:b9c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Aug 2024 21:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:f0:09:a4:85:91:f5:1b:f7:7a:2e:2c:72:0d:30:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Apr 26 19:44:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=237a39eb2750db3cdfa5143f8da260b76499b7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3a:d9:ee:54:fd:79:62:61:b9:b1:26:ca:d8:
c2:1b:ad:6f:c0:bb:0d:da:98:81:66:72:1e:aa:1b:
53:ce:c7:5d:2d:0a:4b:d4:f2:df:fb:ba:96:56:d5:
c0:71:78:9a:21:10:67:75:69:03:6f:e2:87:22:73:
46:28:3c:2a:0e:f2:14:ff:28:cf:54:6a:a5:13:5f:
58:eb:1d:d5:6b:b8:78:7a:fa:d0:31:fc:83:4b:75:
c9:0e:2b:58:24:3c:eb:4e:64:9e:21:94:b1:fa:92:
7d:09:88:7c:46:72:3d:35:8f:6e:6d:bb:9f:93:5a:
d3:9a:e9:c0:2a:81:1b:55:b3:82:1e:50:1a:19:7a:
ca:8c:02:6a:15:a8:bb:9c:f4:b6:66:39:98:74:fe:
f2:09:51:f8:7b:0a:83:4c:93:35:f4:79:40:9c:1b:
b6:45:78:a6:66:f2:c0:f6:37:b4:e3:a8:22:b5:fc:
92:76:a9:b4:d4:20:29:a7:42:df:96:6e:92:0d:c3:
2f:21:7b:1d:63:46:25:fa:bd:a8:ee:05:e1:57:5f:
f4:68:f9:fe:7d:62:0d:64:e2:73:65:67:48:44:c6:
6b:ab:50:d0:60:e7:6b:a3:d4:7c:7e:2a:fd:98:fd:
94:5b:ae:34:0b:12:a8:35:2e:32:4f:7b:62:76:61:
37:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:39:EB:27:50:DB:3C:DF:A5:14:3F:8D:A2:60:B7:64:99:B7:D7
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/I3o56ydQ2zzfpRQ_jaJgt2SZt9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.58.0/24
IPv6:
2a10:b9c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:d9:b1:ea:d8:b9:20:93:64:22:04:11:e3:04:5a:e1:e1:a8:
e5:48:b1:56:d4:fa:92:54:d4:66:c5:8c:62:c4:b3:0f:d4:e9:
b0:0b:05:28:bf:a4:98:a3:87:f8:77:7d:f8:cc:f2:ba:8c:4d:
01:f1:b1:10:78:f4:44:fa:cd:e8:f4:2d:ce:e0:f6:7a:93:e8:
5b:92:74:6a:f3:81:a1:24:c6:c1:5d:79:bf:36:05:e3:95:9b:
be:3f:09:5e:b4:aa:9f:d9:52:75:a9:0f:cb:b7:97:a1:01:b2:
00:f4:93:32:b1:85:3e:f7:46:1d:4f:75:c4:42:a1:53:66:25:
39:6b:a9:e0:1b:36:06:84:63:6b:34:47:22:a9:bd:1d:a7:75:
a7:2b:c1:e6:44:dd:9f:bd:75:62:85:d1:bc:19:fd:dd:20:0b:
c6:62:9b:70:e5:71:85:ad:63:3a:0d:f3:bb:f6:7a:f1:f0:72:
b6:b0:e0:ed:29:96:b8:87:f4:18:13:86:6a:88:64:2b:fd:ce:
d5:32:7b:33:71:65:88:fd:d5:91:28:b3:fa:05:8b:18:d7:fa:
89:e9:01:cf:75:92:0d:0e:7d:54:d6:00:22:7d:25:d0:94:66:
bf:7f:b7:e3:9d:0d:cf:df:2b:59:48:2f:f1:ee:c9:ab:8c:41:
96:6e:00:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8b8AmkhZH1G/d6LixyDTAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2Y0ZjhhYzhjYTczNDNlZDFiNGZmMTJjZTI3NjMxOGI2
OWQxMGUwHhcNMjQwNDI2MTk0NDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdhMzllYjI3NTBkYjNjZGZhNTE0M2Y4ZGEyNjBiNzY0OTliN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDrZ7lT9eWJhubEmytjCG61vwLsN
2piBZnIeqhtTzsddLQpL1PLf+7qWVtXAcXiaIRBndWkDb+KHInNGKDwqDvIU/yjP
VGqlE19Y6x3Va7h4evrQMfyDS3XJDitYJDzrTmSeIZSx+pJ9CYh8RnI9NY9ubbuf
k1rTmunAKoEbVbOCHlAaGXrKjAJqFai7nPS2ZjmYdP7yCVH4ewqDTJM19HlAnBu2
RXimZvLA9je046gitfySdqm01CApp0Lflm6SDcMvIXsdY0Yl+r2o7gXhV1/0aPn+
fWINZOJzZWdIRMZrq1DQYOdro9R8fir9mP2UW640CxKoNS4yT3tidmE3yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCN6OesnUNs836UUP42iYLdkmbfXMB8GA1UdIwQY
MBaAFEp/T4rIynND7RtP8SzidjGLadEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4Mzkt
OWVjN2FkZDBlYjY4LzEvSTNvNTZ5ZFEyenpmcFJRX2phSmd0MlNadDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4MzktOWVjN2FkZDBlYjY4
LzEvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf06MA0E
AgACMAcDBQMqELnAMA0GCSqGSIb3DQEBCwUAA4IBAQB/2bHq2Lkgk2QiBBHjBFrh
4ajlSLFW1PqSVNRmxYxixLMP1OmwCwUov6SYo4f4d334zPK6jE0B8bEQePRE+s3o
9C3O4PZ6k+hbknRq84GhJMbBXXm/NgXjlZu+PwletKqf2VJ1qQ/Lt5ehAbIA9JMy
sYU+90YdT3XEQqFTZiU5a6ngGzYGhGNrNEciqb0dp3WnK8HmRN2fvXVihdG8Gf3d
IAvGYptw5XGFrWM6DfO79nrx8HK2sODtKZa4h/QYE4ZqiGQr/c7VMnszcWWI/dWR
KLP6BYsY1/qJ6QHPdZINDn1U1gAifSXQlGa/f7fjnQ3P3ytZSC/x7smrjEGWbgBy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:06 2025 by rpki-client